Tuesday, April 9, 2019

CodeIgniter 3 Released !

Codeigniter 3 has released in March,30 2015. It's available to download in here.

There's a a lot of huge changes from Codeigniter Version 2 to Codeigniter Version 3. Here is some of the changes I take from Codeigniter sites.

  • License
    • CodeIgniter has been relicensed with the MIT License, eliminating its old proprietary licensing.
  • General Changes
    • PHP 5.1.6 is no longer supported. CodeIgniter now requires PHP 5.2.4 and recommends PHP 5.4+ or newer to be used.
    • Changed filenaming convention (class file names now must be Ucfirst and everything else in lowercase).
    • Changed the default database driver to ‘mysqli’ (the old ‘mysql’ driver is DEPRECATED).
    • $_SERVER['CI_ENV'] can now be set to control the ENVIRONMENT constant.
    • Added an optional backtrace to php-error template.
    • Added Android to the list of user agents.
    • Added Windows 7, Windows 8, Windows 8.1, Android, Blackberry, iOS and PlayStation 3 to the list of user platforms.
    • Added Fennec (Firefox for mobile) to the list of mobile user agents.
    • Ability to log certain error types, not all under a threshold.
    • Added support for pem, p10, p12, p7a, p7c, p7m, p7r, p7s, crt, crl, der, kdb, rsa, cer, sst, csr Certs to mimes.php.
    • Added support for pgp, gpg, zsh and cdr files to mimes.php.
    • Added support for 3gp, 3g2, mp4, wmv, f4v, vlc Video files to mimes.php.
    • Added support for m4a, aac, m4u, xspf, au, ac3, flac, ogg, wma Audio files to mimes.php.
    • Added support for kmz and kml (Google Earth) files to mimes.php.
    • Added support for ics Calendar files to mimes.php.
    • Added support for rar, jar and 7zip archives to mimes.php.
    • Updated support for xml (‘application/xml’) and xsl (‘application/xml’, ‘text/xsl’) files in mimes.php.
    • Updated support for doc files in mimes.php.
    • Updated support for docx files in mimes.php.
    • Updated support for php files in mimes.php.
    • Updated support for zip files in mimes.php.
    • Updated support for csv files in mimes.php.
    • Added Romanian, Greek, Vietnamese and Cyrilic characters in application/config/foreign_characters.php.
    • Changed logger to only chmod when file is first created.
    • Removed previously deprecated SHA1 Library.
    • Removed previously deprecated use of $autoload['core'] in application/config/autoload.php. Only entries in$autoload['libraries'] are auto-loaded now.
    • Removed previously deprecated EXT constant.
    • Updated all classes to be written in PHP 5 style, with visibility declarations and no var usage for properties.
    • Added an Exception handler.
    • Moved error templates to application/views/errors/ and made the path configurable via $config['error_views_path'].
    • Added support non-HTML error templates for CLI applications.
    • Moved the Log class to application/core/
    • Global config files are loaded first, then environment ones. Environment config keys overwrite base ones, allowing to only set the keys we want changed per environment.
    • Changed detection of $view_folder so that if it’s not found in the current path, it will now also be searched for under the application folder.
    • Path constants BASEPATH, APPPATH and VIEWPATH are now (internally) defined as absolute paths.
    • Updated email validation methods to use filter_var() instead of PCRE.
    • Changed environment defaults to report all errors in development and only fatal ones in testingproduction but only display them in development.
    • Updated ip_address database field lengths from 16 to 45 for supporting IPv6 address on Trackback Library and Captcha Helper.
    • Removed cheatsheets and quick_reference PDFs from the documentation.
    • Added availability checks where usage of dangerous functions like eval() and exec() is required.
    • Added support for changing the file extension of log files using $config['log_file_extension'].
    • Added support for turning newline standardization on/off via $config['standardize_newlines'] and set it to FALSE by default.
    • Added configuration setting $config['composer_autoload'] to enable loading of a Composer auto-loader.
    • Removed the automatic conversion of ‘programmatic characters’ to HTML entities from the URI Library.
    • Changed log messages that say a class or file was loaded to “info” level instead of “debug”, so that they don’t pollute log files when $config['log_threshold'] is set to 2 (debug).
  • Helpers
    • Date Helper changes include:
      • Added an optional third parameter to timespan() that constrains the number of time units displayed.
      • Added an optional parameter to timezone_menu() that allows more attributes to be added to the generated select tag.
      • Added function date_range() that generates a list of dates between a specified period.
      • Deprecated standard_date(), which now just uses the native date() with DateTime constants.
      • Changed now() to work with all timezone strings supported by PHP.
      • Changed days_in_month() to use the native cal_days_in_month() PHP function, if available.
    • URL Helper changes include:
      • Deprecated separator options dash and underscore for function url_title() (they are only aliases for ‘-‘ and ‘_’ respectively).
      • url_title() will now trim extra dashes from beginning and end.
      • anchor_popup() will now fill the href attribute with the URL and its JS code will return FALSE instead.
      • Added JS window name support to the anchor_popup() function.
      • Added support for menubar attribute to the anchor_popup().
      • Added support (auto-detection) for HTTP/1.1 response codes 303, 307 in redirect().
      • Changed redirect() to choose the refresh method only on IIS servers, instead of all servers on Windows (when auto is used).
      • Changed anchor()anchor_popup(), and redirect() to support protocol-relative URLs (e.g. //ellislab.com/codeigniter).
    • HTML Helper changes include:
      • Added more doctypes.
      • Changed application and environment config files to be loaded in a cascade-like manner.
      • Changed doctype() to cache and only load once the doctypes array.
      • Deprecated functions nbs() and br(), which are just aliases for the native str_repeat() with &nbsp; and <br />respectively.
    • Inflector Helper changes include:
    • Download Helper changes include:
      • Added an optional third parameter to force_download() that enables/disables sending the actual file MIME type in the Content-Type header (disabled by default).
      • Added a work-around in force_download() for a bug Android <= 2.1, where the filename extension needs to be in uppercase.
      • Added support for reading from an existing file path by passing NULL as the second parameter to force_download()(useful for large files and/or safely transmitting binary data).
    • Form Helper changes include:
    • Security Helper changes include:
    • Smiley Helper changes include:
      • Deprecated the whole helper as too specific for CodeIgniter.
      • Removed previously deprecated function js_insert_smiley().
      • Changed application and environment config files to be loaded in a cascade-like manner.
      • The smileys array is now cached and loaded only once.
    • File Helper changes include:
      • set_realpath() can now also handle file paths as opposed to just directories.
      • Added an optional paramater to delete_files() to enable it to skip deleting files such as .htaccess and index.html.
      • Deprecated function read_file() - it’s just an alias for PHP’s native file_get_contents().
    • String Helper changes include:
      • Deprecated function repeater() - it’s just an alias for PHP’s native str_repeat().
      • Deprecated function trim_slashes() - it’s just an alias for PHP’s native trim() (with a slash as its second argument).
      • Deprecated randomization type options unique and encrypt for funcion random_string() (they are only aliases formd5 and sha1 respectively).
    • CAPTCHA Helper changes include:
      • Added word_length and pool options to allow customization of the generated word.
      • Added colors configuration to allow customization for the backgroundbordertext and grid colors.
      • Added filename to the returned array elements.
      • Updated to use imagepng() in case that imagejpeg() isn’t available.
      • Added font_size option to allow customization of font size.
      • Added img_id option to set id attribute of captcha image.
    • Text Helper changes include:
    • Directory Helper directory_map() will now append DIRECTORY_SEPARATOR to directory names in the returned array.
    • Array Helper element() and elements() now return NULL instead of FALSE when the required elements don’t exist.
    • Language Helper lang() now accepts an optional list of additional HTML attributes.
    • Deprecated the Email Helper as its valid_email()send_email() functions are now only aliases for PHP native functionsfilter_var() and mail() respectively.
  • Database
    • DEPRECATED the ‘mysql’, ‘sqlite’, ‘mssql’ and ‘pdo/dblib’ (also known as ‘pdo/mssql’ or ‘pdo/sybase’) drivers.
    • Added dsn configuration setting for drivers that support DSN strings (PDO, PostgreSQL, Oracle, ODBC, CUBRID).
    • Added schema configuration setting (defaults to public) for drivers that might need it (currently used by PostgreSQL and ODBC).
    • Added save_queries configuration setting to application/config/database.php (defaults to TRUE).
    • Removed autoinit configuration setting as it doesn’t make sense to instantiate the database class but not connect to the database.
    • Added subdrivers support (currently only used by PDO).
    • Added an optional database name parameter to db_select().
    • Removed protect_identifiers() and renamed internal method _protect_identifiers() to it instead - it was just an alias.
    • Renamed internal method _escape_identifiers() to escape_identifiers().
    • Updated escape_identifiers() to accept an array of fields as well as strings.
    • MySQL and MySQLi drivers now require at least MySQL version 5.1.
    • Added a $persistent parameter to db_connect() and changed db_pconnect() to be an alias for db_connect(TRUE).
    • db_set_charset() now only requires one parameter (collation was only needed due to legacy support for MySQL versions prior to 5.1).
    • db_select() will now always (if required by the driver) be called by db_connect() instead of only when initializing.
    • Replaced the _error_message() and _error_number() methods with error(), which returns an array containing the last database error code and message.
    • Improved version() implementation so that drivers that have a native function to get the version number don’t have to be defined in the core DB_driver class.
    • Added capability for packages to hold config/database.php config files.
    • Added MySQL client compression support.
    • Added encrypted connections support (for mysqlsqlsrv and PDO with sqlsrv).
    • Removed Loader Class from Database error tracing to better find the likely culprit.
    • Added support for SQLite3 database driver.
    • Added Interbase/Firebird database support via the ibase driver.
    • Added ODBC support for create_database()drop_database() and drop_table() in Database Forge.
    • Added support to binding arrays as IN() sets in query().
    • Query Builder changes include:
      • Renamed the Active Record class to Query Builder to remove confusion with the Active Record design pattern.
      • Added the ability to insert objects with insert_batch().
      • Added new methods that return the SQL string of queries without executing them: get_compiled_select(),get_compiled_insert()get_compiled_update()get_compiled_delete().
      • Added an optional parameter that allows to disable escaping (useful for custom fields) for methods join(),order_by()where_in()or_where_in()where_not_in()or_where_not_in()insert()insert_batch().
      • Added support for join() with multiple conditions.
      • Added support for USING in join().
      • Added support for EXISTS in where().
      • Added seed values support for random ordering with order_by(seed, 'RANDOM').
      • Changed limit() to ignore NULL values instead of always casting to integer.
      • Changed offset() to ignore empty values instead of always casting to integer.
      • Methods insert_batch() and update_batch() now return an integer representing the number of rows affected by them.
      • Methods where()or_where()having() and or_having() now convert trailing = and <>!= SQL operators toIS NULL and IS NOT NULL respectively when the supplied comparison value is NULL.
      • Added method chaining support to reset_query()start_cache()stop_cache() and flush_cache().
      • Added an optional second parameter to count_all_results() to disable resetting of QB values.
    • Database Results changes include:
      • Added a constructor to the DB_result class and moved all driver-specific properties and logic out of the baseDB_driver class to allow better abstraction.
      • Added method unbuffered_row() for fetching a row without prefetching the whole result (consume less memory).
      • Renamed former method _data_seek() to data_seek() and made it public.
    • Improved support for the MySQLi driver, including:
      • OOP style usage of the PHP extension is now used, instead of the procedural aliases.
      • Server version checking is now done via mysqli::$server_info instead of running an SQL query.
      • Added persistent connections support for PHP >= 5.3.
      • Added support for configuring socket pipe connections.
      • Added support for backup() in Database Utilities.
      • Changed methods trans_begin()trans_commit() and trans_rollback() to use the PHP API instead of sending queries.
    • Improved support of the PDO driver, including:
      • Added support for create_database()drop_database() and drop_table() in Database Forge.
      • Added support for list_fields() in Database Results.
      • Subdrivers are now isolated from each other instead of being in one large class.
    • Improved support of the PostgreSQL driver, including:
      • pg_version() is now used to get the database version number, when possible.
      • Added db_set_charset() support.
      • Added support for optimize_table() in Database Utilities (rebuilds table indexes).
      • Added boolean data type support in escape().
      • Added update_batch() support.
      • Removed limit() and order_by() support for UPDATE and DELETE queries as PostgreSQL does not support those features.
      • Added a work-around for dead persistent connections to be re-created after a database restart.
      • Changed db_connect() to include the (new) schema value into Postgre’s search_path session variable.
      • pg_escape_literal() is now used for escaping strings, if available.
    • Improved support of the CUBRID driver, including:
      • Added DSN string support.
      • Added persistent connections support.
      • Improved list_databases() in Database Utility (until now only the currently used database was returned).
    • Improved support of the MSSQL and SQLSRV drivers, including:
      • Added random ordering support.
      • Added support for optimize_table() in Database Utility.
      • Added escaping with QUOTE_IDENTIFIER setting detection.
      • Added port handling support for UNIX-based systems (MSSQL driver).
      • Added OFFSET support for SQL Server 2005 and above.
      • Added db_set_charset() support (MSSQL driver).
      • Added a scrollable property to enable configuration of the cursor to use (SQLSRV driver).
      • Added support and auto-detection for the SQLSRV_CURSOR_CLIENT_BUFFERED scrollable cursor flag (SQLSRV driver).
      • Changed default behavior to not use SQLSRV_CURSOR_STATIC due to performance issues (SQLSRV driver).
    • Improved support of the Oracle (OCI8) driver, including:
      • Added DSN string support (Easy Connect and TNS).
      • Added support for drop_table() in Database Forge.
      • Added support for list_databases() in Database Utilities.
      • Generally improved for speed and cleaned up all of its components.
      • num_rows() is now only called explicitly by the developer and no longer re-executes statements.
    • Improved support of the SQLite driver, including:
    • Database Forge changes include:
      • Added an optional second parameter to drop_table() that allows adding the IF EXISTS condition, which is no longer the default.
      • Added support for passing a custom database object to the loader.
      • Added support for passing custom table attributes (such as ENGINE for MySQL) to create_table().
      • Added support for usage of the FIRST clause in add_column() for MySQL and CUBRID.
      • Added partial support for field comments (MySQL, PostgreSQL, Oracle).
      • Deprecated add_column()‘s third method. AFTER clause should now be added to the field definition array instead.
      • Overall improved support for all of the drivers.
    • Database Utility changes include:
      • Added support for passing a custom database object to the loader.
      • Modified the class to no longer extend Database Forge, which has been a deprecated behavior for awhile.
      • Overall improved support for all of the drivers.
      • Added foreign_key_checks option to MySQL/MySQLi backup, allowing statement to disable/re-enable foreign key checks to be inserted into the backup output.
  • Libraries
    • Added a new Encryption Library to replace the old, largely insecure Encrypt Library.
    • Encrypt Library changes include:
      • Deprecated the library in favor of the new Encryption Library.
      • Added support for hashing algorithms other than SHA1 and MD5.
      • Removed previously deprecated sha1() method.
    • Session Library changes include:
      • Completely re-written the library to use self-contained drivers via $config['sess_driver'].
      • Added ‘files’, ‘database’, ‘redis’ and ‘memcached’ drivers (using ‘files’ by default).
      • Added $config['sess_save_path'] setting to specify where the session data is stored, depending on the driver.
      • Dropped support for storing session data in cookies (which renders $config['sess_encrypt_cookie'] useless and is therefore also removed).
      • Dropped official support for storing session data in databases other than MySQL and PostgreSQL.
      • Changed table structure for the ‘database’ driver.
      • Added a new tempdata feature that allows setting userdata items with expiration time (mark_as_temp()tempdata(),set_tempdata()unset_tempdata()).
      • Changed method keep_flashdata() to also accept an array of keys.
      • Changed methods userdata()flashdata() to return an array of all userdata/flashdata when no parameter is passed.
      • Deprecated method all_userdata() - it is now just an alias for userdata() with no parameters.
      • Added method has_userdata() that verifies the existence of a userdata item.
      • Added debug level log messages for key events in the session validation process.
      • Dropped support for the sess_match_useragent option.
    • File Uploading Library changes include:
      • Added method chaining support.
      • Added support for using array notation in file field names.
      • Added max_filename_increment and file_ext_tolower configuration settings.
      • Added min_width and min_height configuration settings for images.
      • Added mod_mime_fix configuration setting to disable suffixing multiple file extensions with an underscore.
      • Added the possibility pass allowed_types as an array.
      • Added an $index parameter to the method data().
      • Added a $reset parameter to method initialize().
      • Removed method clean_file_name() and its usage in favor of Security Library‘s sanitize_filename().
      • Removed method mimes_types().
      • Changed CI_Upload::_prep_filename() to simply replace all (but the last) dots in the filename with underscores, instead of suffixing them.
    • Calendar Library changes include:
      • Added method chaining support.
      • Added configuration to generate days of other months instead of blank cells.
      • Added auto-configuration for next_prev_url if it is empty and show_prev_next is set to TRUE.
      • Added support for templating via an array in addition to the encoded string.
      • Changed method get_total_days() to be an alias for Date Helper days_in_month().
    • Cart Library changes include:
      • Deprecated the library as too specific for CodeIgniter.
      • Added method remove() to remove a cart item, updating with quantity of 0 seemed like a hack but has remained to retain compatibility.
      • Added method get_item() to enable retrieving data for a single cart item.
      • Added unicode support for product names.
      • Added support for disabling product name strictness via the $product_name_safe property.
      • Changed insert() method to auto-increment quantity for an item when inserted twice instead of resetting it.
      • Changed update() method to support updating all properties attached to an item and not to require ‘qty’.
    • Image Manipulation Library changes include:
      • The initialize() method now only sets existing class properties.
      • Added support for 3-length hex color values for wm_font_color and wm_shadow_color properties, as well as validation for them.
      • Class properties wm_font_colorwm_shadow_color and wm_use_drop_shadow are now protected, to avoid breaking thetext_watermark() method if they are set manually after initialization.
      • If property maintain_ratio is set to TRUE, image_reproportion() now doesn’t need both width and height to be specified.
      • Property maintain_ratio is now taken into account when resizing images using ImageMagick library.
      • Added support for maintaining transparency for PNG images when watermarking.
      • Added a file_permissions setting.
    • Form Validation Library changes include:
      • Added method error_array() to return all error messages as an array.
      • Added method set_data() to set an alternative data array to be validated instead of the default $_POST.
      • Added method reset_validation() which resets internal validation variables in case of multiple validation routines.
      • Added support for setting error delimiters in the config file via $config['error_prefix'] and $config['error_suffix'].
      • Internal method _execute() now considers input data to be invalid if a specified rule is not found.
      • Removed method is_numeric() as it exists as a native PHP function and _execute() will find and use that (theis_numeric rule itself is deprecated since 1.6.1).
      • Native PHP functions used as rules can now accept an additional parameter, other than the data itself.
      • Updated method set_rules() to accept an array of rules as well as a string.
      • Fields that have empty rules set no longer run through validation (and therefore are not considered erroneous).
      • Added rule differs to check if the value of a field differs from the value of another field.
      • Added rule valid_url.
      • Added rule in_list to check if the value of a field is within a given list.
      • Added support for named parameters in error messages.
      • Language line keys must now be prefixed with form_validation_.
      • Added rule alpha_numeric_spaces.
      • Added support for custom error messages per field rule.
      • Added support for callable rules when they are passed as an array.
      • Added support for non-ASCII domains in valid_email rule, depending on the Intl extension.
      • Changed the debug message about an error message not being set to include the rule name it is about.
    • Caching Library changes include:
      • Added Wincache driver.
      • Added Redis driver.
      • Added a key_prefix option for cache IDs.
      • Updated driver is_supported() methods to log at the “debug” level.
      • Added option to store raw values instead of CI-formatted ones (APC, Memcache).
      • Added atomic increment/decrement feature via increment()decrement().
    • E-mail Library changes include:
      • Added a custom filename parameter to attach() as $this->email->attach($filename, $disposition, $newname).
      • Added possibility to send attachment as buffer string in attach() as$this->email->attach($buffer, $disposition, $newname, $mime).
      • Added possibility to attach remote files by passing a URL.
      • Added method attachment_cid() to enable embedding inline attachments into HTML.
      • Added dsn (delivery status notification) option.
      • Renamed method _set_header() to set_header() and made it public to enable adding custom headers.
      • Successfully sent emails will automatically clear the parameters.
      • Added a return_path parameter to the from() method.
      • Removed the second parameter (character limit) from internal method _prep_quoted_printable() as it is never used.
      • Internal method _prep_quoted_printable() will now utilize the native quoted_printable_encode()imap_8bit()functions (if available) when CRLF is set to “rn”.
      • Default charset now relies on the global $config['charset'] setting.
      • Removed unused protected method _get_ip() (Input Library‘s ip_address() should be used anyway).
      • Internal method _prep_q_encoding() now utilizes PHP’s mbstring and iconv extensions (when available) and no longer has a second ($from) argument.
      • Added an optional parameter to print_debugger() to allow specifying which parts of the message should be printed (‘headers’, ‘subject’, ‘body’).
      • Added SMTP keepalive option to avoid opening the connection for each send() call. Accessible as $smtp_keepalive.
      • Public method set_header() now filters the input by removing all “\r” and “\n” characters.
      • Added support for non-ASCII domains in valid_email(), depending on the Intl extension.
    • Pagination Library changes include:
      • Deprecated usage of the “anchor_class” setting (use the new “attributes” setting instead).
      • Added method chaining support to initialize() method.
      • Added support for the anchor “rel” attribute.
      • Added support for setting custom attributes.
      • Added support for language translations of the first_linknext_linkprev_link and last_link values.
      • Added support for $config['num_links'] = 0 configuration.
      • Added $config['reuse_query_string'] to allow automatic repopulation of query string arguments, combined with normal URI segments.
      • Added $config['use_global_url_suffix'] to allow overriding the library ‘suffix’ value with that of the global$config['url_suffix'] setting.
      • Removed the default &nbsp; from a number of the configuration variables.
    • Profiler Library changes include:
      • Database object names are now being displayed.
      • The sum of all queries running times in seconds is now being displayed.
      • Added support for displaying the HTTP DNT (“Do Not Track”) header.
      • Added support for displaying $_FILES.
    • Migration Library changes include:
      • Added support for timestamp-based migrations (enabled by default).
      • Added $config['migration_type'] to allow switching between sequential and timestamp migrations.
    • XML-RPC Library changes include:
      • Added the ability to use a proxy.
      • Added Basic HTTP authentication support.
    • User Agent Library changes include:
      • Added check to detect if robots are pretending to be mobile clients (helps with e.g. Google indexing mobile website versions).
      • Added method parse() to allow parsing a custom user-agent string, different from the current visitor’s.
    • HTML Table Library changes include:
      • Added method chaining support.
      • Added support for setting table class defaults in a config file.
    • Zip Library changes include:
      • Method read_file() can now also alter the original file path/name while adding files to an archive.
      • Added support for changing the compression level.
    • Trackback Library method receive() will now utilize iconv() if it is available but mb_convert_encoding() is not.
  • Core
    • Routing changes include:
      • Added support for multiple levels of controller directories.
      • Added support for per-directory default_controller and 404_override classes.
      • Added possibility to route requests using HTTP verbs.
      • Added possibility to route requests using callbacks.
      • Added a new reserved route (translate_uri_dashes) to allow usage of dashes in the controller and method URI segments.
      • Deprecated methods fetch_directory()fetch_class() and fetch_method() in favor of their respective public properties.
      • Removed method _set_overrides() and moved its logic to the class constructor.
    • URI Library changes include:
      • Added conditional PCRE UTF-8 support to the “invalid URI characters” check and removed the preg_quote() call from it to allow more flexibility.
      • Renamed method _filter_uri() to filter_uri().
      • Changed method filter_uri() to accept by reference and removed its return value.
      • Changed private methods to protected so that MY_URI can override them.
      • Renamed internal method _parse_cli_args() to _parse_argv().
      • Renamed internal method _detect_uri() to _parse_request_uri().
      • Changed _parse_request_uri() to accept absolute URIs for compatibility with HTTP/1.1 as per RFC2616 <http://www.ietf.org/rfc/rfc2616.txt>.
      • Added protected method _parse_query_string() to URI paths in the the QUERY_STRING value, like_parse_request_uri() does.
      • Changed URI string detection logic to always default to REQUEST_URI unless configured otherwise or under CLI.
      • Removed methods _remove_url_suffix()_explode_segments() and moved their logic into _set_uri_string().
      • Removed method _fetch_uri_string() and moved its logic into the class constructor.
      • Removed method _reindex_segments().
    • Loader Library changes include:
      • Added method chaining support.
      • Added method get_vars() to the Loader to retrieve all variables loaded with $this->load->vars().
      • _ci_autoloader() is now a protected method.
      • Added autoloading of drivers with $autoload['drivers'].
      • $config['rewrite_short_tags'] now has no effect when using PHP 5.4 as <?= will always be available.
      • Changed method config() to return whatever CI_Config::load() returns instead of always being void.
      • Added support for library and model aliasing on autoload.
      • Changed method is_loaded() to ask for the (case sensitive) library name instead of its instance name.
      • Removed $_base_classes property and unified all class data in $_ci_classes instead.
      • Added method clear_vars() to allow clearing the cached variables for views.
    • Input Library changes include:
      • Deprecated the $config['global_xss_filtering'] setting.
      • Added method() to retrieve $_SERVER['REQUEST_METHOD'].
      • Added support for arrays and network addresses (e.g. 192.168.1.1/24) for use with the proxy_ips setting.
      • Added method input_stream() to aid in using php://input stream data such as one passed via PUT, DELETE and PATCH requests.
      • Changed method valid_ip() to use PHP’s native filter_var() function.
      • Changed internal method _sanitize_globals() to skip enforcing reversal of register_globals in PHP 5.4+, where this functionality no longer exists.
      • Changed methods get()post()get_post()cookie()server()user_agent() to return NULL instead of FALSE when no value is found.
      • Changed default value of the $xss_clean parameter to NULL for all methods that utilize it, the default value is now determined by the $config['global_xss_filtering'] setting.
      • Added method post_get() and changed get_post() to search in GET data first. Both methods’ names now properly match their GET/POST data search priorities.
      • Changed method _fetch_from_array() to parse array notation in field name.
      • Changed method _fetch_from_array() to allow retrieving multiple fields at once.
      • Added an option for _clean_input_keys() to return FALSE instead of terminating the whole script.
      • Deprecated the is_cli_request() method, it is now an alias for the new is_cli() common function.
      • Added an $xss_clean parameter to method user_agent() and removed the $user_agent property.
      • Added property $raw_input_stream to access php://input data.
    • Common functions changes include:
      • Added function get_mimes() to return the application/config/mimes.php array.
      • Added support for HTTP code 303 (“See Other”) in set_status_header().
      • Removed redundant conditional to determine HTTP server protocol in set_status_header().
      • Renamed _exception_handler() to _error_handler() and replaced it with a real exception handler.
      • Changed _error_handler() to respect php.ini display_errors setting.
      • Added function is_https() to check if a secure connection is used.
      • Added function is_cli() to replace the CI_Input::is_cli_request() method.
      • Added function function_usable() to work around a bug in Suhosin <http://www.hardened-php.net/suhosin/>.
      • Removed the third ($php_error) argument from function log_message().
      • Changed internal function load_class() to accept a constructor parameter instead of (previously unused) class name prefix.
      • Removed default parameter value of is_php().
      • Added a second argument $double_encode to html_escape().
      • Changed function config_item() to return NULL instead of FALSE when no value is found.
      • Changed function set_status_header() to return immediately when run under CLI.
    • Output Library changes include:
      • Added a second argument to method set_content_type() that allows setting the document charset as well.
      • Added methods get_content_type() and get_header().
      • Added method delete_cache().
      • Added configuration option $config['cache_query_string'] to enable taking the query string into account when caching.
      • Changed caching behavior to compress the output before storing it, if $config['compress_output'] is enabled.
    • Config Library changes include:
      • Changed site_url() method to accept an array as well.
      • Removed internal method _assign_to_config() and moved its implementation to CodeIgniter.php instead.
      • item() now returns NULL instead of FALSE when the required config item doesn’t exist.
      • Added an optional second parameter to both base_url() and site_url() that allows enforcing of a protocol different than the one in the base_url configuration setting.
      • Added HTTP “Host” header character validation to prevent cache poisoning attacks when base_url auto-detection is used.
    • Security Library changes include:
      • Added $config['csrf_regeneration'], which makes CSRF token regeneration optional.
      • Added $config['csrf_exclude_uris'], allowing for exclusion of URIs from the CSRF protection (regular expressions are supported).
      • Added method strip_image_tags().
      • Added method get_random_bytes() and switched CSRF & XSS token generation to use it.
      • Modified method sanitize_filename() to read a public $filename_bad_chars property for getting the invalid characters list.
      • Return status code of 403 instead of a 500 if CSRF protection is enabled but a token is missing from a request.
    • Language Library changes include:
      • Changed method load() to filter the language name with ctype_alpha().
      • Changed method load() to also accept an array of language files.
      • Added an optional second parameter to method line() to disable error logging for line keys that were not found.
      • Language files are now loaded in a cascading style with the one in system/ always loaded and overridden afterwards, if another one is found.
    • Hooks Library changes include:
      • Added support for closure hooks (or anything that is_callable() returns TRUE for).
      • Renamed method _call_hook() to call_hook().
      • Class instances are now stored in order to maintain their state.
    • UTF-8 Library changes include:
      • UTF8_ENABLED now requires only one of Multibyte String or iconv to be available instead of both.
      • Changed method clean_string() to utilize mb_convert_encoding() if it is available.
      • Renamed method _is_ascii() to is_ascii() and made it public.
    • Log Library changes include:
      • Added a $config['log_file_permissions'] setting.
      • Changed the library constructor to try to create the log_path directory if it doesn’t exist.
      • Added support for microseconds (“u” date format character) in $config['log_date_format'].
    • Added compatibility layers <general/compatibility_functions> for:
      • Multibyte String (limited support).
      • Hash (hash_equals()hash_pbkdf2()).
      • Password Hashing.
      • Standard Functions ``array_column()`array_replace()array_replace_recursive()hex2bin(),quoted_printable_encode().
    • Removed CI_CORE boolean constant from CodeIgniter.php (no longer Reactor and Core versions).
    • Added support for HTTP-Only cookies with new config option cookie_httponly (default FALSE).
    • $config['time_reference'] now supports all timezone strings supported by PHP.
    • Fatal PHP errors are now also passed to _error_handler(), so they can be logged.

Share:

0 comments:

Post a Comment