Changelog for
codeigniter3-3.1.13-ill.4.5.noarch.rpm :
* Fri Mar 04 2022 tuukka.pasanenAATTilmi.fi- Update to version 3.1.13:
* [ci skip] 3.1.13 release
* [ci skip] Doc updates for 3.1.13 start and changelog entry for #6107
* [ci skip] Remove epub-related stuff from build-release script
* [ci skip] Merge pull request #6107 from ducng99/patch-1
* [ci skip] Misc. maintenance
* [ci skip] Update copyright notices
* [ci skip] Fix #6103
* [ci skip] SessionUpdateTimestampHandlerInterface
* [ci skip] Merge pull request #6102 from maxiwheat/develop
* [ci skip] Merge pull request #6100 from svennd/develop
* Fri Mar 04 2022 Tuukka Pasanen
- Update to Version 3.1.13 Release Date: Mar 3, 2022 - Bug fixes for 3.1.13
* Fixed a bug (#6107) - :doc:`Session Library ` broke for PHP 5 due to a misnamed polyfill interface.
* Fixed a bug (#5834) - :doc:`Query Builder ` method count_all_results() triggered an SQL error for queries with a HAVING clause.
* Fixed a bug (#5840) - :doc:`Cache Library ` \'redis\' driver triggered an E_DEPRECATED warning about sRemove() with phpRedis 5.
* Fixed a bug (#5857) - :doc:`Session ` data could be corrupted after a concurrent request write with the \'files\' driver due to a filesize cache being incorrect.
* Fixed a bug (#5861) - :doc:`Cache Library ` \'redis\' driver would always use phpRedis 5 del() due to an incorrect version check.
* Fixed a bug (#5879) - :doc:`Profiler Library ` triggered an E_DEPRECATED warning on PHP 7.4+.
* Fixed a bug (#5901) - :doc:`Database Library ` methods list_fields() and field_data() ignored the configured table schema on PostgreSQL.
* Fixed a bug (#5906) - :doc:`Database Library ` \'postgre\' driver couldn\'t use the failover feature without a $config[\'dsn\'].
* Fixed a bug (#5903) - :doc:`common function ` :php:func:`set_status_header()` didn\'t recognize \'HTTP/2.0\' as a valid $_SERVER[\'SERVER_PROTOCOL\'].
* Fixed a bug (#6013) - :doc:`Session ` flashdata didn\'t work on PHP 8.
* Fixed a bug (#6006) - is_callable() change in PHP 8 broke :doc:`Migrations `, a part of :doc:`XML-RPC ` and an edge case in 404 detection logic.
* Fixed a bug (#5729) - :doc:`Query Builder ` possibly not detecting NOT BETWEEN expression. - Security
* Fixed a possible session fixation vulnerability where session.use_strict_mode wasn\'t enforced on PHP 7+. - General Changes
* Improved logging of error conditions in :doc:`CAPTCHA Helper ` function :php:func:`create_captcha()`.
* Added AUTO_INCREMENT support for Oracle 12.1+ to :doc:`Database Forge `.
* Added FULL [OUTER] JOIN support to :doc:`Query Builder `.
* Added support for detecting WebP image type to :doc:`File Uploading Library `.
* Added method :doc:`Database Library ` method trans_active() to expose transaction state.
* Updated :doc:`Database Library ` \'pdo\' driver to attempt to free resources in order to allow connections to be closed.
* Added SameSite=Strict attribute to the CSRF cookie sent by the :doc:`Security Class `.
* Added $config[\'cookie_samesite\'] option and $samesite parameter to :doc:`Input Library ` method set_cookie().
* Added SameSite support through $config[\'sess_samesite\'] option to the :doc:`Session Library `.
* Added a wrapper class around :doc:`Session ` drivers to deal with compatibility between PHP 8.1 and older versions.
* Updated a lot of code for PHP 8.0 and 8.1 compatibility.
* Tue Oct 01 2019 Tuukka Pasanen - Version 3.1.11- Release Date: Sep 19, 2019 - General Changes
* Changed CI_Log to append PHP_EOL instead of \
at the end of log messages.
* Improved performance in Cache Library ‘redis’ driver with non-scalar variables.
* Altered the Session Library ‘files’ driver to log error and trigger a session start failure instead of throwing an Exception in case of unusable $config[\'sess_save_path\'].
* Updated the Session and Cache libraries’ ‘redis’ driver to work with phpRedis 5. - Bug fixes for 3.1.11
* Fixed a bug (#5681) - Database Forge method modify_column() produced erroneous SQL for DEFAULT attribute changes under PostgreSQL, Firebird.
* Fixed a bug (#5692) - Database Forge didn’t handle column nullability with the ‘oci8’, ‘pdo/oci’ drivers.
* Fixed a bug (#5701) - Database driver ‘pdo/pgsql’ produced incorrect DSNs when constructing from a configuration array.
* Fixed a bug (#5708) - Session Library ‘redis’ driver too often failed with locking-related errors that could’ve been avoided.
* Fixed a bug (#5703) - Session Library triggered an E_WARNING message about changing session.save_path during an active session when it fails to obtain a lock.
* Fixed a bug where Session Library ‘database’ driver didn’t trigger a failure if it can’t obtain a lock.
* Fixed a bug (#5755) - Form Validation Library rule valid_url accepted digit-only domains due to a PHP bug.
* Fixed a bug (#5753) - Cache Library ‘redis’ driver methods increment(), decrement() ignored their $offset parameter.
* Fixed a bug (#5779) - Session Library ‘redis’ only attempted to validate session IDs in case the connection to Redis failed.
* Fixed a bug (#5774) - Database Results method custom_result_object() didn’t properly handle empty result sets, triggering E_WARNING messages on PHP 7.2+.
* Fixed a bug (#5788) - Database Results method field_data() triggered an E_NOTICE error with PDO when a field type is not recognized by PHP.
* Fixed a bug (#5796) - Query Builder method list_tables() triggered an SQL syntax error under MySQL when the database schema is a numeric string.
* Fixed a bug where Security Class would trigger an E_WARrrays instead of strings.
* Wed Mar 06 2019 Tuukka Pasanen - Version 3.1.10- Release Date: Jan 16, 2019 - General Changes
* Added ‘ssl_verify’ support to the ‘pdo/mysql’ Database driver.
* Renamed Inflector Helper function is_countable() to word_is_countable() due to the former colliding with one introduced in PHP 7.3.0. - Bug fixes for 3.1.10
* Fixed a bug (#5526) - Session Library had a syntax error in its ‘memcached’ driver.
* Fixed a bug (#5542) - Database Forge method modify_column() always made fields NOT NULL when attempting to modify their nullable property under PostgreSQL.
* Fixed a bug (#5561) - Database Library didn’t allow SSL connection configuration with only the ‘ssl_verify’ option when using the ‘mysqli’ driver.
* Fixed a bug (#5545) - Session Library crashed due to a caching-related error with the ‘files’ driver.
* Fixed a bug (#5571) - XML-RPC Library had a typo that triggered an E_WARNING message on PHP 7.2.
* Fixed a bug (#5587) - Database Forge method create_table() generated an E_WARNING message.
* Fixed a bug (#5590) - Form Validation Library rule valid_base64 didn’t have a default error message.
* Fixed a bug (#5624) - Database Library methods list_fields(), field_exists() returned incorrect results after tables are modified.
* Fixed a bug (#5627) - Database driver ‘mysqli’ triggered an E_WARNING message if there’s no \'port\' specified in the database configuration.
* Fixed a bug (#5651) - Database Caching could try to delete non-existent cache files due to a race condition.
* Fixed a bug (#5652) - CAPTCHA Helper function create_captcha() didn’t comply with CSS standards.
* Fixed a bug (#5605) - Form Validation Library didn’t nullify array inputs that are expected to be strings.
* Wed Sep 12 2018 Tuukka Pasanen - Version 3.1.9- Release Date: Jun 12, 2018 - Security
* Updated URL Helper function auto_link() to add rel=\"noopener\" to generated links in order to prevent tab hijacking.
* Fixed a possible session fixation vulnerability where the Session Library enabled session.use_strict_mode but it didn’t actually do anything (thanks to Aamer Shah, Prasanna Kumar). - General Changes
* Updated Query Builder method limit() to allow 0 values.
* Updated Email Library and Form Validation Library to discard the results of failed idn_to_ascii() calls while validating e-mail addresses. - Bug fixes for 3.1.9
* Fixed a regression (#5448) - Query Builder methods like(), or_like() (and siblings) didn’t apply dbprefix or identifier escaping.
* Fixed a regression (#5462) - Query Builder methods like(), or_like() (and siblings) produced incorrect SQL syntax when used with \'before\' as the third parameter.
* Fixed a bug (#5516) - HTML Helper functions img(), link_tag() would output results with double slashes if a prefix slash was included in their path inputs.
* Wed May 09 2018 tuukka.pasanenAATTilmi.fi- Version 3.1.8- Release Date: Mar 22, 2018 - Security
* Updated URL Helper function auto_link() to add rel=\"noopener\" to generated links in order to prevent tab hijacking.
* Updated Security Library method xss_clean() to also filter JavaScript tag functions.
* Fixed a bug where Security Library method xss_clean() didn’t check for parentheses around JavaScript’s document. - General Changes
* Updated Email Library to always negotiate between TLS 1.0, 1.1, 1.2 when possible (PHP 5.6+) for SMTP connections.
* Updated Database Library method version() to exclude suffixes to the main version numbers with the ‘postgre’ driver. - Bug fixes for 3.1.8
* Fixed a bug where Form Validation Library, Email Library tried to use INTL_IDNA_VARIANT_UTS46 when it was undeclared.
* Fixed a bug where Query Builder methods where(), having() treated values passed to them as arbitrary SQL.
* Fixed a bug (#5423) - Database Library method insert_id() failed due to incorrect server version parsing with the ‘postgre’ driver.
* Fixed a bug (#5425) - XML-RPC Library produced an error message related to count() on PHP 7.2.
* Fixed a bug (#5434) - Image Manipulation Library attempted to chmod() while rendering images with the dynamic_output option.
* Fixed a bug (#5435) - Database Results method field_data() hid info about one field if limit() was previously used with the ‘oci8’ driver.
* Tue Mar 13 2018 tuukka.pasanenAATTilmi.fi- Version 3.1.7- Release Date: Jan 13, 2018 - General Changes
* Updated Form Validation Library rule valid_email to use INTL_IDNA_VARIANT_UTS46 for non-ASCII domain names.
* Updated Email Library to use INTL_IDNA_VARIANT_UTS46 for non-ASCII domain names.
* Updated Loader Library method model() to log both CI_Model class loading and individual models’ initialization.
* Updated Pagination Library to preserve previously set attributes while calling initialize().
* Updated Cache Library to automatically add items to cache on increment(), decrement() calls for missing keys.
* Deprecated usage of CAPTCHA Helper function create_captcha() with parameters other than $data. - Bug fixes for 3.1.7
* Fixed a regression (#5276) - Database Utilities method backup() generated incorrect INSERT statements with the ‘mysqli’ driver.
* Fixed a regression where Database Results method field_data() returned incorrect type names.
* Fixed a bug (#5278) - URL Helper function auto_link() didn’t detect trailing slashes in URLs.
* Fixed a regression (#5282) - Query Builder method count_all_results() breaks ORDER BY clauses for subsequent queries.
* Fixed a bug (#5279) - Query Builder didn’t account for already escaped identifiers while applying database name prefixes.
* Fixed a bug (#5331) - URL Helper function auto_link() converted e-mail addresses starting with ‘www.’ to both “url” and “email” links.
* Fixed a bug where $config[\'allow_get_array\'] defaulted to FALSE if it didn’t exist in the config file.
* Fixed a bug (#5379) - Session Library would incorrectly fail to obtain a lock that it already has on PHP 7 with the ‘memcached’ driver.
* Tue Oct 24 2017 tuukka.pasanenAATTilmi.fi- Version 3.1.6- Release Date: Sep 25, 2017 - Security
* Fixed a potential object injection in Cache Library ‘apc’ driver when save() is used with $raw = TRUE (thanks to Tomas Bortoli). - General Changes
* Deprecated Cache Library Library driver ‘apc’.
* Updated the Session Library ‘redis’, ‘memcached’ drivers to reduce the potential of a locking race conditions.- Bug fixes for 3.1.6
* Fixed a bug (#5164) - Loader Library method library() ignored requests to load libraries previously assigned to super-object properties named differently than the library name.
* Fixed a bug (#5168) - Query Builder method count_all_results() produced erroneous queries on Microsoft SQL Server when ORDER BY clauses are cached.
* Fixed a bug (#5128) - Profiler didn’t wrap $_SESSION and configuration arrays in tags.
* Fixed a bug (#5183) - Database Library method is_write_type() didn’t return TRUE for MERGE statements.
* Fixed a bug where Image Manipulation Library didn’t escape image source paths passed to NetPBM as shell arguments.
* Fixed a bug (#5236) - Query Builder methods limit(), offset() break SQL Server 2005, 2008 queries with \"\".
* in the SELECT clause.
* Fixed a bug (#5243) - Database Library method version() didn’t work with the ‘pdo/dblib’ driver.
* Fixed a bug (#5246) - Database transactions status wasn’t reset unless trans_complete() was called.
* Fixed a bug (#5260) - Database Utilities method backup() generated incorrect INSERT statements with the ‘mysqli’ driver.
* Fixed a bug where Database Results method field_data() didn’t parse field types with the ‘mysqli’ driver.
* Sat Jul 22 2017 tuukka.pasanenAATTilmi.fi- Relese 3.1.5- Release Date: Jun 19, 2017 - Security
* Form Validation Library rule valid_email could be bypassed if idn_to_ascii() is available. - General Changes
* Updated Form Helper function form_label() to accept HTML attributes as a string. - Bug fixes for 3.1.5
* Fixed a bug (#5070) - Email Library didn’t properly detect 7-bit encoding.
* Fixed a bug (#5084) - XML-RPC Library errored because of a variable name typo.
* Fixed a bug (#5108) - Inflector Helper function singular() didn’t properly handle ‘quizzes’.
* Fixed a regression (#5131) - private controller methods triggered PHP errors instead of a 404 response.
* Fixed a bug (#5150) - Database Forge method modify_column() triggered an error while renaming columns with the ‘oci8’, ‘pdo/oci’ drivers.
* Fixed a bug (#5155) - Query Builder method count_all_results() returned incorrect result for queries using LIMIT, OFFSET.
* Wed May 10 2017 tuukka.pasanenAATTilmi.fi- Release 3.1.4- Release Date: March 23, 2017 - Security
* Fixed a header injection vulnerability in common function set_status_header() under Apache (thanks to Guillermo Caminer from Flowgate).
* Fixed byte-safety issues in Encrypt Library (DEPRECATED) when mbstring.func_overload is enabled.
* Fixed byte-safety issues in Encryption Library when mbstring.func_overload is enabled.
* Fixed byte-safety issues in compatibility functions password_hash(), hash_pbkdf2() when mbstring.func_overload is enabled.
* Updated Encrypt Library (DEPRECATED) to call mcrypt_create_iv() with MCRYPT_DEV_URANDOM. - General Changes
* Updated the Image Manipulation Library to work-around an issue with some JPEGs when using GD. - Bug fixes for 3.1.4
* Fixed a regression (#4975) - Loader Library couldn’t handle objects passed as view variables.
* Fixed a bug (#4977) - Loader Library method helper() could accept any character as a filename extension separator.
* Fixed a regression where the Session Library would fail on a session_regenerate_id(TRUE) call with the ‘database’ driver.
* Fixed a bug (#4987) - Query Builder caching didn’t keep track of table aliases.
* Fixed a bug where Text Helper function ascii_to_entities() wasn’t byte-safe when mbstring.func_overload is enabled.
* Fixed a bug where CI_Log, CI_Output, CI_Email and CI_Zip didn’t handle strings in a byte-safe manner when mbstring.func_overload is enabled.
* Fixed a bug where Session Library didn’t read session data in a byte-safe manner when mbstring.func_overload is enabled.
* Fixed a bug (#4990) - Profiler didn’t close tags it generated.
* Fixed a bug (#4990) - Profiler didn’t HTML-escape quotes for $_SESSION variables.
* Fixed a bug where Input Library method set_cookie() didn’t allow its httponly and secure parameters to be overriden to FALSE.
* Fixed a bug (#5006) - common function get_mimes() didn’t load application/config/mimes.php if an environment specific config exists.
* Fixed a bug (#5006) - common function remove_invisible_characters() didn’t remove URL-encoded 0x7F.
* Fixed a bug (#4815) - Database Library stripped URL-encoded sequences while escaping strings with the ‘mssql’ driver.
* Fixed a bug (#5044) - HTML Helper function img() didn’t accept data: URI schemes for the image source.
* Fixed a bug (#5050) - Database Library tried to access an undefined property in a number of error handling cases.
* Fixed a bug (#5057) - Database driver ‘postgre’ didn’t actually apply extra options (such as ‘connect_timeout’) to its DSN.
