CodeIgniter Changelog

What's new in CodeIgniter 2.1.3

Oct 10, 2012
  • Bug fixes:
  • Fixed a bug (#1543) - File-based Caching method get_metadata() used a non-existent array key to look for the TTL value.
  • Fixed a bug (#1314) - Session Library method sess_destroy() didn't destroy the userdata array.
  • Fixed a bug where the Profiler Library issued an E_WARNING error if Session userdata contains objects.
  • Fixed a bug (#1699) - Migration Library ignored the $config['migration_path'] setting.
  • Fixed a bug (#227) - Input Library allowed unconditional spoofing of HTTP clients' IP addresses through the HTTP_CLIENT_IP header.
  • Fixed a bug (#907) - Input Library ignored HTTP_X_CLUSTER_CLIENT_IP and HTTP_X_CLIENT_IP headers when checking for proxies.
  • Fixed a bug (#940) - csrf_verify() used to set the CSRF cookie while processing a POST request with no actual POST data, which resulted in validating a request that should be considered invalid.
  • Fixed a bug in the Security Library where a CSRF cookie was created even if $config['csrf_protection'] is set to FALSE.
  • Fixed a bug (#1715) - Input Library triggered csrf_verify() on CLI requests.

New in CodeIgniter 2.1.0 (Nov 23, 2011)

  • General Changes:
  • Fixed a potential parameter injection flaw in the Security Library and strengthened the XSS filter for HTML5 vulnerabilities.
  • Callback validation rules can now accept parameters like any other validation rule.
  • Added html_escape() to the Common functions to easily escape HTML output and prevent XSS.
  • Helpers:
  • Added increment_string() to String Helper to turn "foo" into "foo-1" or "foo-1" into "foo-2".
  • Altered form helper - made action on form_open_multipart helper function call optional. Fixes (#65)
  • url_title() will now trim extra dashes from beginning and end.
  • Improved speed of String Helper's random_string() method
  • Database:
  • Added a CUBRID driver to the Database driver. Thanks to the CUBRID team for supplying this patch.
  • Added a PDO driver to the Database driver.
  • Typecast limit and offset in the Database driver to integers to avoid possible injection.
  • Added additional option 'none' for the optional third argument for $this->db->like() in the Database driver.
  • Added $this->db->insert_batch() support to the OCI8 (Oracle) driver.
  • Libraries:
  • Changed $this->cart->insert() in the Cart library to return the Row ID if a single item was inserted successfully.
  • Added support to set an optional parameter in your callback rules of validation using the Form Validation library.
  • Added a Migration library to assist with applying incremental updates to your database schema.
  • Driver children can be located in any package path.
  • Added is_unique to the Form Validation library.
  • Added $config['use_page_numbers'] to the Pagination library, which enables real page numbers in the URI.
  • Added TLS and SSL Encryption for SMTP.
  • Core:
  • Changed private functions in URI library to protected so MY_URI can override them.
  • Removed CI_CORE boolean constant from CodeIgniter.php (there are no longer different Reactor and Core versions).
  • Bug fixes:
  • Fixed #378 Robots identified as regular browsers by the User Agent class.
  • If a config class was loaded first then a library with the same name is loaded, the config would be ignored.
  • Fixed a bug (Reactor #19) where 1) the 404_override route was being ignored in some cases, and 2) auto-loaded libraries were not available to the 404_override controller when a controller existed but the requested method did not.
  • Fixed a bug (Reactor #89) where MySQL export would fail if the table had hyphens or other non alphanumeric/underscore characters.
  • Fixed a bug (#200) where MySQL queries would be malformed after calling $this->db->count_all() then $this->db->get()
  • Fixed bug #105 that stopped query errors from being logged unless database debugging was enabled
  • Fixed a bug (#160) - Removed unneeded array copy in the file cache driver.
  • Fixed a bug (#150) - field_data() now correctly returns column length.
  • Fixed a bug (#8) - load_class() now looks for core classes in APPPATH first, allowing them to be replaced.
  • Fixed a bug (#24) - ODBC database driver called incorrect parent in __construct().
  • Fixed a bug (#85) - OCI8 (Oracle) database escape_str() function did not escape correctly.
  • Fixed a bug (#344) - Using schema found in Saving Session Data to a Database, system would throw error "user_data does not have a default value" when deleting then creating a session.
  • Fixed a bug (#112) - OCI8 (Oracle) driver didn't pass the configured database character set when connecting.
  • Fixed a bug (#182) - OCI8 (Oracle) driver used to re-execute the statement whenever num_rows() is called.
  • Fixed a bug (#82) - WHERE clause field names in the DB update_string() method were not escaped, resulting in failed queries in some cases.
  • Fixed a bug (#89) - Fix a variable type mismatch in DB display_error() where an array is expected, but a string could be set instead.
  • Fixed a bug (#467) - Suppress warnings generated from get_magic_quotes_gpc() (deprecated in PHP 5.4)
  • Fixed a bug (#484) - First time _csrf_set_hash() is called, hash is never set to the cookie (in Security.php).
  • Fixed a bug (#60) - Added _file_mime_type() method to the File Uploading Library in order to fix a possible MIME-type injection (also fixes bug #394).
  • Fixed a bug (#537) - Support for all wav type in browser.
  • Fixed a bug (#576) - Using ini_get() function to detect if apc is enabled or not.
  • Fixed invalid date time format in Date helper and XMLRPC library.

New in CodeIgniter 2.0.2 (May 11, 2011)

  • General changes:
  • The Security library was moved to the core and is now loaded automatically. Please remove your loading calls.
  • The CI_SHA class is now deprecated. All supported versions of PHP provide a sha1() function.
  • constants.php will now be loaded from the environment folder if available.
  • Added language key error logging
  • Made Environment Support optional. Comment out or delete the constant to stop environment checks.
  • Added Environment Support for Hooks.
  • Added CI_ Prefix to the Cache driver.
  • Helpers:
  • Removed the previously deprecated dohash() from the Security helper; use do_hash() instead.
  • Changed the 'plural' function so that it doesn't ruin the capitalization of your string. It also takes into consideration acronyms which are all caps.
  • Database:
  • $this->db->count_all_results() will now return an integer instead of a string.

New in CodeIgniter 1.7.3 (Jan 10, 2011)

  • Version 1.7.3 is a security maintenance release, including a previously patched file Upload class, and a new security fix to prevent possible directory traversal in certain circumstances. There are no other significant changes.

New in CodeIgniter 1.7.2 (Oct 13, 2009)

  • Libraries
  • Added a new Cart Class.
  • Added the ability to pass $config['file_name'] for the File Uploading Class and rename the uploaded file.
  • Changed order of listed user-agents so Safari would more accurately report itself. (#6844)
  • Database
  • Switched from using gettype() in escape() to is_* methods, since future PHP versions might change its output.
  • Updated all database drivers to handle arrays in escape_str()
  • Added escape_like_str() method for escaping strings to be used in LIKE conditions
  • Updated Active Record to utilize the new LIKE escaping mechanism.
  • Added reconnect() method to DB drivers to try to keep alive / reestablish a connection after a long idle.
  • Modified MSSQL driver to use mssql_get_last_message() for error messages.
  • Helpers
  • Added form_multiselect() to the Form helper.
  • Modified form_hidden() in the Form helper to accept multi-dimensional arrays.
  • Modified form_prep() in the Form helper to keep track of prepped fields to avoid multiple prep/mutation from subsequent calls which can occur when using Form Validation and form helper functions to output form fields.
  • Modified directory_map() in the Directory helper to allow the inclusion of hidden files, and to return FALSE on failure to read directory.
  • Modified the Smiley helper to work with multiple fields and insert the smiley at the last known cursor position.
  • General
  • Compatible with PHP 5.3.0
  • Modified show_error() to allow sending of HTTP server response codes.
  • Modified show_404() to send 404 status code, removing non-CGI compatible header() statement from error_404.php template.
  • Added set_status_header() to the Common functions to allow use when the Output class is unavailable.
  • Added is_php() to Common functions to facilitate PHP version comparisons.
  • Added 2 CodeIgniter "cheatsheets" (thanks to DesignFellow.com for this contribution).

New in CodeIgniter 1.7.1 (May 11, 2009)

  • Libraries
  • Fixed an arbitrary script execution security flaw (#6068) in the Form Validation library (thanks to hkk)
  • Changed default current page indicator in the Pagination library to use instead of
  • A "HTTP/1.1 400 Bad Request" header is now sent when disallowed characters are encountered.
  • Added , , , and to the Typography parser's inline elements.
  • Added more accurate error reporting for the Email library when using sendmail.
  • Removed a strict type check from the rotate() function of the Image Manipulation Class.
  • Added enhanced error checking in file saving in the Image library when using the GD lib.
  • Added an additional newline between multipart email headers and the MIME message text for better compatibility with a variety of MUAs.
  • Made modest improvements to efficiency and accuracy of explode_name() in the Image lib.
  • Database
  • Added where_in to the list of expected arguments received by delete().
  • Helpers
  • Added the ability to have optgroups in form_dropdown() within the form helper.
  • Added a doctype() function to the HTML helper.
  • Added ability to force lowercase for url_title() in the URL helper.
  • Changed the default "type" of form_button() to "button" from "submit" in the form helper.
  • Changed redirect() in the URL helper to allow redirections to URLs outside of the CI site.
  • Updated get_cookie() to try to fetch the cookie using the global cookie prefix if the requested cookie name doesn't exist.
  • Other Changes
  • Improved security in xss_clean() to help prevent attacks targeting Internet Explorer.
  • Added 'application/msexcel' to config/mimes.php for .xls files.
  • Added 'proxy_ips' config item to whitelist reverse proxy servers from which to trust the HTTP_X_FORWARDED_FOR header to determine the visitor's IP address.
  • Improved accuracy of Upload::is_allowed_filetype() for images (#6715)
  • Bug fixes for 1.7.1:
  • Database
  • Fixed a bug when doing 'random' on order_by() (#5706).
  • Fixed a bug where adding a primary key through Forge could fail (#5731).
  • Fixed a bug when using DB cache on multiple databases (#5737).
  • Fixed a bug where TRUNCATE was not considered a "write" query (#6619).
  • Fixed a bug where csv_from_result() was checking for a nonexistent method.
  • Fixed a bug in _protect_identifiers() where it was improperly removing all pipe symbols from items.
  • Fixed assorted user guide typos or examples (#5998, #6093, #6259, #6339, #6432, #6521).
  • Fixed a bug in the MySQLi driver when no port is specified
  • Fixed a bug (#5702), in which the field label was not being fetched properly, when "matching" one field to another.
  • Fixed a bug in which identifiers were not being escaped properly when reserved characters were used.
  • Fixed a bug with the regular expression used to protect submitted paragraph tags in auto typography.
  • Fixed a bug where double dashes within tag attributes were being converted to em dash entities.
  • Fixed a bug where double spaces within tag attributes were being converted to non-breaking space entities.
  • Fixed some accuracy issues with curly quotes in Typography::format_characters()
  • Changed a few docblock comments to reflect actual return values.
  • Fixed a bug with high ascii characters in subject and from email headers.
  • Fixed a bug in xss_clean() where whitespace following a validated character entity would not be preserved.
  • Fixed a bug where HTML comments and tags were being parsed in Typography::auto_typography().
  • Fixed a bug with non-breaking space cleanup in Typography::auto_typography().
  • Fixed a bug in database escaping where a compound statement (ie: SUM()) wasn't handled correctly with database prefixes.
  • Fixed a bug when an opening quote is preceded by a paragraph tag and immediately followed by another tag.
  • Fixed a bug in the Text Helper affecting some locales where word_censor() would not work on words beginning or ending with an accented character.
  • Fixed a bug in the Text Helper character limiter where the provided limit intersects the last word of the string.
  • Fixed a bug (#6342) with plural() in the Inflection helper with words ending in "y".
  • Fixed bug (#6517) where Routed URI segments returned by URI::rsegment() method were incorrect for the default controller.
  • Fixed a bug (#6706) in the Security Helper where xss_clean() was using a deprecated second argument.
  • Fixed a bug in the URL helper url_title() function where trailing periods were allowed at the end of a URL.
  • Fixed a bug (#6669) in the Email class when CRLF's are used for the newline character with headers when used with the "mail" protocol.
  • Fixed a bug (#6500) where URI::A_filter_uri() was exit()ing an error instead of using show_error().
  • Fixed a bug (#6592) in the File Helper where recursion in get_dir_file_info() was not occurring properly.
  • Tweaked Typography::auto_typography() for some edge-cases.