变更记录
带 标识的为社区贡献。
标识的为社区贡献。
Version 2.1.0
Release Date: November 14, 2011
- General Changes
    - Fixed a potential parameter injection flaw in the Security Library and strengthened the XSS filter for HTML5 vulnerabilites.
- Callback validation rules can now accept parameters like any other validation rule.
- Added html_escape() to the Common functions to escape HTML output for preventing XSS easliy.
 
- Helpers
    - Added increment_string() to String Helper to turn "foo" into "foo-1" or "foo-1" into "foo-2".
- Altered form helper - made action on form_open_multipart helper function call optional. Fixes (#65)
- url_title() will now trim extra dashes from beginning and end.
- Improved speed of String Helper's random_string() method
 
- Database
    - Added a CUBRID driver to the Database driver. Thanks to the CUBRID team for supplying this patch.
- Added a PDO driver to the Database driver.
- Typecast limit and offset in the Database driver to integers to avoid possible injection.
- Added additional option 'none' for the optional third argument for $this->db->like() in the Database driver.
- Added $this->db->insert_batch() support to the OCI8 (Oracle) driver.
 
- Libraries
    - Changed $this->cart->insert() in the Cart library to return the Row ID if a single item was inserted successfully.
- Added support to set an optional parameter in your callback rules of validation using the Form Validation library.
- Added a Migration library to assist with applying incremental updates to your database schema.
- Driver children can be located in any package path.
- Added is_unique to the Form Validation library.
- Added $config['use_page_numbers'] to the Pagination library, which enables real page numbers in the URI.
- Added TLS and SSL Encryption for SMTP.
 
- Core
    - Changed private functions in URI library to protected so MY_URI can override them.
- Removed CI_CORE boolean constant from CodeIgniter.php (there are no longer different Reactor and Core versions).
 
- Changed private functions in URI library to protected so 
Bug fixes for 2.1.0
- Fixed #378 Robots identified as regular browsers by the User Agent class.
- If a config class was loaded first then a library with the same name is loaded, the config would be ignored.
- Fixed a bug (Reactor #19) where 1) the 404_override route was being ignored in some cases, and 2) auto-loaded libraries were not available to the 404_override controller when a controller existed but the requested method did not.
- Fixed a bug (Reactor #89) where MySQL export would fail if the table had hyphens or other non alphanumeric/underscore characters.
- Fixed a bug (#200) where MySQL queries would be malformed after calling $this->db->count_all() then $this->db->get() 
- Fixed bug #105 that stopped query errors from being logged unless database debugging was enabled
- Fixed a bug (#160) - Removed unneeded array copy in the file cache driver.
- Fixed a bug (#150) - field_data() now correctly returns column length.
- Fixed a bug (#8) - load_class() now looks for core classes in APPPATH first, allowing them to be replaced.
- Fixed a bug (#24) - ODBC database driver called incorrect parent in __construct().
- Fixed a bug (#85) - OCI8 (Oracle) database escape_str() function did not escape correct.
- Fixed a bug (#344) - Using schema found in Saving Session Data to a Database, system would throw error "user_data does not have a default value" when deleting then creating a session.
- Fixed a bug (#112) - OCI8 (Oracle) driver didn't pass the configured database character set when connecting.
- Fixed a bug (#182) - OCI8 (Oracle) driver used to re-execute the statement whenever num_rows() is called.
- Fixed a bug (#82) - WHERE clause field names in the DB update_string() method were not escaped, resulting in failed queries in some cases.
- Fixed a bug (#89) - Fix a variable type mismatch in DB display_error() where an array is expected, but a string could be set instead.
- Fixed a bug (#467) - Suppress warnings generated from get_magic_quotes_gpc() (deprecated in PHP 5.4)
- Fixed a bug (#484) - First time _csrf_set_hash() is called, hash is never set to the cookie (in Security.php).
- Fixed a bug (#60) - Added _file_mime_type() method to the File Uploading Library in order to fix a possible MIME-type injection (also fixes bug #394).
- Fixed a bug (#537) - Support for all wav type in browser.
- Fixed a bug (#576) - Using ini_get() function to detect if apc is enabled or not.
- Fixed invalid date time format in Date helper and XMLRPC library.
版本号 2.0.3
发布时间: 2011年8月20号
Hg标签: v2.0.3
- 安全方面
    - 改进了MySQL和MySQLi的驱动以防止通过在数据库连接时使用多字节的字符集来进行SQL注入。
 在PHP版本低于5.2.3和MySQL版本低于5.0.7环境下使用mysql_set_charset()方法的不兼容将会导致一种危险状况,在此环境下使用多字节字符集可能会暴露出SQL注入攻击的漏洞。Latin-1,UTF-8,和其他“低ASCII”字符集在所有环境下使用都是没问题的。 如果你在为你的数据库连接使用或者考虑使用多字符集的话,请密切关注你部署的服务器环境,以确保服务器的安全。 
- 修复了在index.php中一个注释的拼写错误。
- 将Session类的用户数据添加到了output分析器中。并在HTTP消息头,Session数据和配置参数中增加了一个切换显示和隐藏状态的开关。
- 移除内部使用的EXT常量。
- 更新了welcome_message视图和default error模版文件. 感谢danijelb 所提供的建议。
- 为PostgreSQL数据库驱动增加了insert_batch()方法。感谢epallerols所提供的建议。
- 为mimes.php.增加"application/x-csv"。
- 修复了一个 Email库的bug(当Email名字上附带“.”的时候将使用无效的MIME类型)。
- 为heading()方法增加了一个可选的第三个参数,这个参数将允许为渲染标题标签增加html属性。
- 修改了Session类来使用一个更长的与用户代理字符串的匹配。如果使用数据库sessions请查看更新日志。
- 为数据库驱动增加了$this->db->set_dbprefix()方法。
- 改变了Cart库中的$this->cart->insert()方法,如果只有一个数据被成功插入,这个方法将返回插入行的id。
- 为Loader库增加了$this->load->get_var()方法,这个方法将检索通过$this->load->view()和$this->load->vars()方法所设置的全局变量是否存在。
- 修改了$this->db->having()方法,插入引号将使用escape()方法而不是escape_str()方法。
2.0.3的Bug修复
- 增加ENVIRONMENT为保留字(Reactor #196)
- 修改服务器检查以确保SCRIPT_NAME被定义(Reactor #57)
- 从autoloader包里移除APPPATH.'third_party',从而取消了不必要的文件属性(在不存在包或者开发者默认没有加载任何包情况下)
- 修复了(Reactor #231)Session库中的数据库表SQL示例不包含最近一次更改索引的bug,详情请见更新日志.
- 修复了(Reactor #229)Sessions库文档SQL示例中的错误语句。
- 修复了(Core #340)当向$this->db->select()传第二个参数时,在之后的查询中列名称可能不会正确去除的bug。
- 修复了一个问题#199 -当作字符串传递的属性在开始标记和它自己之间不包含空格 。
- 修复了Cart库中的$this->cart->total_items()方法,现在它将返回cart中所有条目的总数量而不是你自己的总数。
- 修复了当为mysql和mysqli驱动的db_forge增加字段时不设置为“null”的bug,现在将把字段默认设置为Null。
- 修复了当使用 $this->db->select_max(), $this->db->select_min()等方法时可能抛出的提示,感谢w431的修补。
- 用php_sapi_name() == 'cli'替换了标准输入(STDIN )的检查,以使得整体更加的可靠。它将在定时工作时获取参数。
版本号 2.0.1
发表时间: 2011年3月15号
Hg标签: v2.0.1
- 总体变化
    - config文件添加了 $config['cookie_secure'] 用来允许安全链接(HTTPS) 设置cookie.
- 添加了常量 CI_CORE 以用于区分核心代码: TRUE 和社区贡献代码: FALSE.
- index.php添加了常量ENVIRONMENT, 可以改变PHP的error reporting设置, 可选的, which configuration files are loaded (如下). 更多请见于 环境控制 .
- 添加了支持 定制环境的配置文件.
 
- 类库
    - Form validation Class添加了decimal, less_than和greater_than规则.
- 如果未提供第一个参数,Input Class 的post()和get()方法将返回包含全部结果的数组.
- set_cookie() helper和Input Class的方法可以生成Secure cookies.
- Output Class添加了set_content_type()方法,用于设置HTTP的头:Content-Type的 MIME Type或者是config/mimes.php的数组.(Added set_content_type() to Output Class to set the output Content-Type HTTP header based on a MIME Type or a config/mimes.php array key.)
- Output Class现在支持链式调用.
 
- 辅助类
    - 改变了Form helper的form_open()处理逻辑. 如果没有值传递过来,那么将会提交当前的URL.
 
2.0.1的Bug修正
- 可以在任意文件夹下面运行CLI的请求, 不再只限于index.php所在目录.
- Fixed issue #41: 为mp3添加了audio/mp3 mime头.
- Fixed a bug (核心代码#329) 文件缓存驱动引用了错误的缓存目录.
- Fixed a bug (社区代码#69) SHA1类库命名错误.
版本号:2.0.0
编译时间:2011年1月28日
Hg标签:v2.0.0
- 总体变化
    - 已不支持PHP4。 CodeIgniter现在最低需要PHP5.1.6。
- 脚手架前一版本已被弃用,2.0已删除。
- Plugins已被删除,鼓励使用Helpers。验证码图片plugin已经转为一个Helper,并归入文档。 由于可以使用其他更成熟的JavaScript日历类库,特别是jQuery,自带的JavaScript的日历插件已删除。
- 增加了新的特殊的库类型:Drivers。
- 新增对query-string的完整支持,详见配置文件。
- 将application从system文件夹中移出。
- 将system/cache和system/logs文件夹从system移到application里。
- 对主index.php文件添加路由重载,使普通的路由指向能够在每个单个的"index"文件的里重写。
- 在主index.php文件增加直接从数据集设置配置值(或重写配置值)的能力,这可以使一个单独的应用程序被多个前端Controller使用,而每个Controller之间又有自己的配置。
- 添加配置$config['directory_trigger'],使访问一个Controller子目录时可以用指定的URI,而不是_GET字符串。
- 新增设置“Package”路径功能 - 每次访问加载时,Loader和config总是首先从这里查找。这使分布的每个子应用都可以在一个单独的"package"目录里拥有它们自己的libraries, models, config等等。详见Loader class文档。
- 开发中的代码现在托管在BitBucket。
- 删除了过时Validation类。
- 在所有核心类名上添加了CI_前缀。
- 现在可以在自动加载文件application/config/autoload.php里设置"Package"的路径。
- 现在可以不带扩展名设置Upload库的file_name,扩展名将由实际上传的文件扩展名取代给定的。
- 在Database Forge中如果你不改变名称,$this-> dbforge -> modify_column()第二个参数可以省略。
- 配置$config['base_url']现在默认为空,会判断它应该是什么。
- 启用完整的命令行界面兼容配置config['uri_protocol'] = 'CLI';。
 
- 类库
    - 增加了一个Cache driver,支持APC,memcached,和基于文件的缓存。
- 在Pagination library里新增了$prefix, $suffix 和 $first_url属性。
- 在Pagination library里新增了可以设置值为false来禁用首页,上一页,下一页,和翻页跳转的链接。
- 增加Security library,它现在包含xss_clean方法,filename_security方法和其他安全相关的方法。
- 在Security library添加CSRF(跨站点的参考伪造)的保护。
- 在Output library新增$parse_exec_vars属性。
- Profiler新增能开启/禁用个别路径的访问权限。
- 在File Uploading Class增加了一个通配符配置选项$config['allowed_types'] = '*'。
- 在XML-RPC Server library中增加了一个'object'配置变量,这样就可以指定对象寻找要调用的方法,而不是在$CI superobject中假设它。
- 在单元测试运行的开头加入了“is_object”。
- Table library将生成一个空字段,赋值为一个空字符串或NULL值。
- 在Table library新增了功能:新增字段,设置标记属性。
- 在Parser Class增加了一个parse_string()。
- 在Profiler输出中曾加HTTP头和配置信息。
- 在User Agent Class中增加通过browser()对浏览器Chrome和Flock的检测。
- 在Unit Test Class中现在有一个可选的“notes”设置,允许使用$this->unit->set_test_items()分离显示测试结果。
- 在XMLRPC library增加了一个成员变量$xss_clean,使控制可以使用Security library的xss_clean()方法。
- 在FTP library增加了一个download()方法。
- 更改如果上传文件XSS检查失败,do_xss_clean()返回false。
- 在Upload library添加stripslashes() 和trim(),对$_FILES的双引号规范输入。
- 在$this->zip->read_dir('/path/to/directory', FALSE)添加了第二个参数(bool)来消除创建ZIP档案时前面的空文件夹。好比一个压缩文件应该包含一个文件夹和所有内容。
- 在Image Library添加使用GD库的调整尺寸和调整PNG透明度。
- 修改了Session类,如果没有在配置文件里设置“encryption key”的值,则不能使用Session。
- 在Session class增加了一个新的配置项sess_expire_on_close,允许浏览器窗口关闭时,会话自动到期。
- 改进Encryption library的性能,当服务器上Mcrypt可用时。
- 改变了Encryption library默认的加密模式为CBC。
- 新增一个encode_from_legacy()用来转换在CI1.x中加密的数据到2.0。详见升级说明 。
- 修改Form_Validation library,允许在set_rules(), set_message()()和set_error_delimiters()使用方法链接。
- 修改Email Library允许使用方法链接。
- 在input class新增request_headers(), get_request_header() 和 is_ajax_request()。
- 修改User agent library,使is_browser(), is_mobile() 和 is_robot()可以选择检查特定的浏览器或移动设备。
 
- 数据库
    - 数据库配置.
- 在database configuration新增autoinit值。
- 在database configuration新增stricton值。
- 在Database Utilities Class新增database_exists()。
- db->version()发生语义变化,允许对数据库的异常列表和函数返回版本字符串,代替特殊格式的SQL查询。目前,这份名单只包括Oracle和SQLite。
- 修正了一个当在有标识保护的特定表执行函数field_data()发生异常。
- 修正了一个未定义的类变量在数据库驱动中引用的一个错误。
- 修改了有数据库错误时,标识出有问题的文件名和行。
- 删除了已过时的函数:orwhere, orlike, groupby, orhaving, orderby, getwhere。
- 从db utility drivers中删除过时的_drop_database() and _create_database()。
- 改进Postgres数据库驱动的dbforge create_table()。
 
- Helpers
    - Added convert_accented_characters() function to text helper.
- Added accept-charset to the list of inserted attributes of form_open() in the Form Helper.
- Deprecated the dohash() function in favour of do_hash() for naming consistency.
- Non-backwards compatible change made to get_dir_file_info() in the File Helper. No longer recurses by default so as to encourage responsible use (this function can cause server performance issues when used without caution).
- Modified the second parameter of directory_map() in the Directory Helper to accept an integer to specify recursion depth.
- Modified delete_files() in the File Helper to return FALSE on failure.
- Added an optional second parameter to byte_format() in the Number Helper to allow for decimal precision.
- Added alpha, and sha1 string types to random_string() in the String Helper.
- Modified prep_url() so as to not prepend http:// if the supplied string already has a scheme.
- Modified get_file_info in the file helper, changing filectime() to filemtime() for dates.
- Modified smiley_js() to add optional third parameter to return only the javascript with no script tags.
- The img() function of the HTML helper will now generate an empty string as an alt attribute if one is not provided.
- If CSRF is enabled in the application config file, form_open() will automatically insert it as a hidden field.
- Added sanitize_filename() into the Security helper.
- Added ellipsize() to the Text Helper
- Added elements() to the Array Helper
 
- Other Changes
    - Added an optional second parameter to show_404() to disable logging.
- Updated loader to automatically apply the sub-class prefix as an option when loading classes. Class names can be prefixed with the standard "CI_" or the same prefix as the subclass prefix, or no prefix at all.
- Increased randomness with is_really_writable() to avoid file collisions when hundreds or thousands of requests occur at once.
- Switched some DIR_WRITE_MODE constant uses to FILE_WRITE_MODE where files and not directories are being operated on.
- get_mime_by_extension() is now case insensitive.
- Added "default" to the list Reserved Names.
- Added 'application/x-msdownload' for .exe files and ''application/x-gzip-compressed' for .tgz files to config/mimes.php.
- Updated the output library to no longer compress output or send content-length headers if the server runs with zlib.output_compression enabled.
- Eliminated a call to is_really_writable() on each request unless it is really needed (Output caching)
- Documented append_output() in the Output Class.
- Documented a second argument in the decode() function for the Encryption Class.
- Documented db->close().
- Updated the router to support a default route with any number of segments.
- Moved _remove_invisible_characters() function from the Security Library to common functions.
- Added audio/mpeg3 as a valid mime type for MP3.
 
Bug fixes for 2.0.0
- Fixed a bug where you could not change the User-Agent when sending email.
- Fixed a bug where the Output class would send incorrect cached output for controllers implementing their own _output() method.
- Fixed a bug where a failed query would not have a saved query execution time causing errors in the Profiler
- Fixed a bug that was writing log entries when multiple identical helpers and plugins were loaded.
- Fixed assorted user guide typos or examples (#10693, #8951, #7825, #8660, #7883, #6771, #10656).
- Fixed a language key in the profiler: "profiler_no_memory_usage" to "profiler_no_memory".
- Fixed an error in the Zip library that didn't allow downloading on PHP 4 servers.
- Fixed a bug in the Form Validation library where fields passed as rule parameters were not being translated (#9132)
- Modified inflector helper to properly pluralize words that end in 'ch' or 'sh'
- Fixed a bug in xss_clean() that was not allowing hyphens in query strings of submitted URLs.
- Fixed bugs in get_dir_file_info() and get_file_info() in the File Helper with recursion, and file paths on Windows.
- Fixed a bug where Active Record override parameter would not let you disable Active Record if it was enabled in your database config file.
- Fixed a bug in reduce_double_slashes() in the String Helper to properly remove duplicate leading slashes (#7585)
- Fixed a bug in values_parsing() of the XML-RPC library which prevented NULL variables typed as 'string' from being handled properly.
- Fixed a bug were form_open_multipart() didn't accept string attribute arguments (#10930).
- Fixed a bug (#10470) where get_mime_by_extension() was case sensitive.
- Fixed a bug where some error messages for the SQLite and Oracle drivers would not display.
- Fixed a bug where files created with the Zip Library would result in file creation dates of 1980.
- Fixed a bug in the Session library that would result in PHP error when attempting to store values with objects.
- Fixed a bug where extending the Controller class would result in a fatal PHP error.
- Fixed a PHP Strict Standards Error in the index.php file.
- Fixed a bug where getimagesize() was being needlessly checked on non-image files in is_allowed_type().
- Fixed a bug in the Encryption library where an empty key was not triggering an error.
- Fixed a bug in the Email library where CC and BCC recipients were not reset when using the clear() method (#109).
- Fixed a bug in the URL Helper where prep_url() could cause a PHP error on PHP versions < 5.1.2.
- Added a log message in core/output if the cache directory config value was not found.
- Fixed a bug where multiple libraries could not be loaded by passing an array to load->library()
- Fixed a bug in the html helper where too much white space was rendered between the src and alt tags in the img() function.
- Fixed a bug in the profilers _compile_queries() function.
- Fixed a bug in the date helper where the DATE_ISO8601 variable was returning an incorrectly formatted date string.
版本 1.7.2
发布日期:2009年9月11日
Hg Tag: v1.7.2
- Libraries
  - Added a new Cart Class.
- Added the ability to pass $config['file_name'] for the File Uploading Class and rename the uploaded file.
- Changed order of listed user-agents so Safari would more accurately report itself. (#6844)
 
- Database
  - Switched from using gettype() in escape() to is_* methods, since future PHP versions might change its output.
- Updated all database drivers to handle arrays in escape_str()
- Added escape_like_str() method for escaping strings to be used in LIKE conditions
- Updated Active Record to utilize the new LIKE escaping mechanism.
- Added reconnect() method to DB drivers to try to keep alive / reestablish a connection after a long idle.
- Modified MSSQL driver to use mssql_get_last_message() for error messages.
 
- Helpers
  - Added form_multiselect() to the Form helper.
- Modified form_hidden() in the Form helper to accept multi-dimensional arrays.
- Modified form_prep() in the Form helper to keep track of prepped fields to avoid multiple prep/mutation from subsequent calls which can occur when using Form Validation and form helper functions to output form fields.
- Modified directory_map() in the Directory helper to allow the inclusion of hidden files, and to return FALSE on failure to read directory.
- Modified the Smiley helper to work with multiple fields and insert the smiley at the last known cursor position.
 
- General
  - Compatible with PHP 5.3.0
- Modified show_error() to allow sending of HTTP server response codes.
- Modified show_404() to send 404 status code, removing non-CGI compatible header() statement from error_404.php template.
- Added set_status_header() to the Common functions to allow use when the Output class is unavailable.
- Added is_php() to Common functions to facilitate PHP version comparisons.
- Added 2 CodeIgniter "cheatsheets" (thanks to DesignFellow.com for this contribution).
 
1.7.2 修复的 BUG
- Fixed assorted user guide typos or examples (#6743, #7214, #7516, #7287, #7852, #8224, #8324, #8349).
- Fixed a bug in the Form Validation library where multiple callbacks weren't working (#6110)
- doctype helper default value was missing a "1".
- Fixed a bug in the language class when outputting an error for an unfound file.
- Fixed a bug in the Calendar library where the shortname was output for "May".
- Fixed a bug with ORIG_PATH_INFO that was allowing URIs of just a slash through.
- Fixed a fatal error in the Oracle and ODBC drivers (#6752)
- Fixed a bug where xml_from_result() was checking for a nonexistent method.
- Fixed a bug where Database Forge's add_column and modify_column were not looping through when sent multiple fields.
- Fixed a bug where the File Helper was using '/' instead of the DIRECTORY_SEPARATOR constant.
- Fixed a bug to prevent PHP errors when attempting to use sendmail on servers that have manually disabled the PHP popen() function.
- Fixed a bug that would cause PHP errors in XML-RPC data if the PHP data type did not match the specified XML-RPC type.
- Fixed a bug in the XML-RPC class with parsing dateTime.iso8601 data types.
- Fixed a case sensitive string replacement in xss_clean()
- Fixed a bug in form_textarea() where form data was not prepped correctly.
- Fixed a bug in form_prep() causing it to not preserve entities in the user's original input when called back into a form element
- Fixed a bug in _protect_identifiers() where the swap prefix ($swap_pre) was not being observed.
- Fixed a bug where the 400 status header sent with the 'disallowed URI characters' was not compatible with CGI environments.
- Fixed a bug in the typography class where heading tags could have paragraph tags inserted when using auto_typography().
Version 1.7.1
Release Date: February 10, 2009
Hg Tag: 1.7.1
- Libraries
  - Fixed an arbitrary script execution security flaw (#6068) in the Form Validation library (thanks to hkk)
- Changed default current page indicator in the Pagination library to use <strong> instead of <b>
- A "HTTP/1.1 400 Bad Request" header is now sent when disallowed characters are encountered.
- Added <big>, <small>, <q>, and <tt> to the Typography parser's inline elements.
- Added more accurate error reporting for the Email library when using sendmail.
- Removed a strict type check from the rotate() function of the Image Manipulation Class.
- Added enhanced error checking in file saving in the Image library when using the GD lib.
- Added an additional newline between multipart email headers and the MIME message text for better compatibility with a variety of MUAs.
- Made modest improvements to efficiency and accuracy of explode_name() in the Image lib.
 
- Database
  - Added where_in to the list of expected arguments received by delete().
 
- Helpers
  - Added the ability to have optgroups in form_dropdown() within the form helper.
- Added a doctype() function to the HTML helper.
- Added ability to force lowercase for url_title() in the URL helper.
- Changed the default "type" of form_button() to "button" from "submit" in the form helper.
- Changed redirect() in the URL helper to allow redirections to URLs outside of the CI site.
- Updated get_cookie() to try to fetch the cookie using the global cookie prefix if the requested cookie name doesn't exist.
 
- Other Changes
  - Improved security in xss_clean() to help prevent attacks targeting Internet Explorer.
- Added 'application/msexcel' to config/mimes.php for .xls files.
- Added 'proxy_ips' config item to whitelist reverse proxy servers from which to trust the HTTP_X_FORWARDED_FOR header to to determine the visitor's IP address.
- Improved accuracy of Upload::is_allowed_filetype() for images (#6715)
 
Bug fixes for 1.7.1
- Database
  - Fixed a bug when doing 'random' on order_by() (#5706).
- Fixed a bug where adding a primary key through Forge could fail (#5731).
- Fixed a bug when using DB cache on multiple databases (#5737).
- Fixed a bug where TRUNCATE was not considered a "write" query (#6619).
- Fixed a bug where csv_from_result() was checking for a nonexistent method.
- Fixed a bug _protect_identifiers() where it was improperly removing all pipe symbols from items
 
- Fixed assorted user guide typos or examples (#5998, #6093, #6259, #6339, #6432, #6521).
- Fixed a bug in the MySQLi driver when no port is specified
- Fixed a bug (#5702), in which the field label was not being fetched properly, when "matching" one field to another.
- Fixed a bug in which identifers were not being escaped properly when reserved characters were used.
- Fixed a bug with the regular expression used to protect submitted paragraph tags in auto typography.
- Fixed a bug where double dashes within tag attributes were being converted to em dash entities.
- Fixed a bug where double spaces within tag attributes were being converted to non-breaking space entities.
- Fixed some accuracy issues with curly quotes in Typography::format_characters()
- Changed a few docblock comments to reflect actual return values.
- Fixed a bug with high ascii characters in subject and from email headers.
- Fixed a bug in xss_clean() where whitespace following a validated character entity would not be preserved.
- Fixed a bug where HTML comments and <pre> tags were being parsed in Typography::auto_typography().
- Fixed a bug with non-breaking space cleanup in Typography::auto_typography().
- Fixed a bug in database escaping where a compound statement (ie: SUM()) wasn't handled correctly with database prefixes.
- Fixed a bug when an opening quote is preceded by a paragraph tag and immediately followed by another tag.
- Fixed a bug in the Text Helper affecting some locales where word_censor() would not work on words beginning or ending with an accented character.
- Fixed a bug in the Text Helper character limiter where the provided limit intersects the last word of the string.
- Fixed a bug (#6342) with plural() in the Inflection helper with words ending in "y".
- Fixed bug (#6517) where Routed URI segments returned by URI::rsegment() method were incorrect for the default controller.
- Fixed a bug (#6706) in the Security Helper where xss_clean() was using a deprecated second argument.
- Fixed a bug in the URL helper url_title() function where trailing periods were allowed at the end of a URL.
- Fixed a bug (#6669) in the Email class when CRLF's are used for the newline character with headers when used with the "mail" protocol.
- Fixed a bug (#6500) where URI::A_filter_uri() was exit()ing an error instead of using show_error().
- Fixed a bug (#6592) in the File Helper where get_dir_file_info() where recursion was not occurring properly.
- Tweaked Typography::auto_typography() for some edge-cases.
Version 1.7
Release Date: October 23, 2008
Hg Tag: 1.7.0
- Libraries
  - Added a new Form Validation Class. It simplifies setting rules and field names, supports arrays as field names, allows groups of validation rules to be saved in a config file, and adds some helper functions for use in view files. Please note that the old Validation class is now deprecated. We will leave it in the library folder for some time so that existing applications that use it will not break, but you are encouraged to migrate to the new version.
- Updated the Sessions class so that any custom data being saved gets stored to a database rather than the session cookie (assuming you are using a database to store session data), permitting much more data to be saved.
- Added the ability to store libraries in subdirectories within either the main "libraries" or the local application "libraries" folder. Please see the Loader class for more info.
- Added the ability to assign library objects to your own variable names when you use $this->load->library(). Please see the Loader class for more info.
- Added controller class/method info to Profiler class and support for multiple database connections.
- Improved the "auto typography" feature and moved it out of the helper into its own Typography Class.
- Improved performance and accuracy of xss_clean(), including reduction of false positives on image/file tests.
- Improved Parser class to allow multiple calls to the parse() function. The output of each is appended in the output.
- Added max_filename option to set a file name length limit in the File Upload Class.
- Added set_status_header() function to Output class.
- Modified Pagination class to only output the "First" link when the link for page one would not be shown.
- Added support for mb_strlen in the Form Validation class so that multi-byte languages will calculate string lengths properly.
 
- Database
  - Improved Active Record class to allow full path column and table names: hostname.database.table.column. Also improved the alias handling.
- Improved how table and column names are escaped and prefixed. It now honors full path names when adding prefixes and escaping.
- Added Active Record caching feature to "update" and "delete" functions.
- Added removal of non-printing control characters in escape_str() of DB drivers that do not have native PHP escaping mechanisms (mssql, oci8, odbc), to avoid potential SQL errors, and possible sources of SQL injection.
- Added port support to MySQL, MySQLi, and MS SQL database drivers.
- Added driver name variable in each DB driver, based on bug report #4436.
 
- Helpers
  - Added several new "setting" functions to the Form helper that allow POST data to be retrieved and set into forms. These are intended to be used on their own, or with the new Form Validation Class.
- Added current_url() and uri_segments() to URL helper.
- Altered auto_link() in the URL helper so that email addresses with "+" included will be linked.
- Added meta() function to HTML helper.
- Improved accuracy of calculations in Number helper.
- Removed added newlines ("\n") from most form and html helper functions.
- Tightened up validation in the Date helper function human_to_unix(), and eliminated the POSIX regex.
- Updated Date helper to match the world's current time zones and offsets.
- Modified url_title() in the URL helper to remove characters and digits that are part of character entities, to allow dashes, underscores, and periods regardless of the $separator, and to allow uppercase characters.
- Added support for arbitrary attributes in anchor_popup() of the URL helper.
 
- Other Changes
  - Added PHP Style Guide to docs.
- Added sanitization in xss_clean() for a deprecated HTML tag that could be abused in user input in Internet Explorer.
- Added a few openxml document mime types, and an additional mobile agent to mimes.php and user_agents.php respectively.
- Added a file lock check during caching, before trying to write to the file.
- Modified Cookie key cleaning to unset a few troublesome key names that can be present in certain environments, preventing CI from halting execution.
- Changed the output of the profiler to use style attribute rather than clear, and added the id "codeigniter_profiler" to the container div.
 
Bug fixes for 1.7.0
- Fixed bug in xss_clean() that could remove some desirable tag attributes.
- Fixed assorted user guide typos or examples (#4807, #4812, #4840, #4862, #4864, #4899, #4930, #5006, #5071, #5158, #5229, #5254, #5351).
- Fixed an edit from 1.6.3 that made the $robots array in user_agents.php go poof.
- Fixed a bug in the Email library with quoted-printable encoding improperly encoding space and tab characters.
- Modified XSS sanitization to no longer add semicolons after &[single letter], such as in M&M's, B&B, etc.
- Modified XSS sanitization to no longer strip XHTML image tags of closing slashes.
- Fixed a bug in the Session class when database sessions are used where upon session update all userdata would be errantly written to the session cookie.
- Fixed a bug (#4536) in backups with the MySQL driver where some legacy code was causing certain characters to be double escaped.
- Fixed a routing bug (#4661) that occurred when the default route pointed to a subfolder.
- Fixed the spelling of "Dhaka" in the timezone_menu() function of the Date helper.
- Fixed the spelling of "raspberry" in config/smileys.php.
- Fixed incorrect parenthesis in form_open() function (#5135).
- Fixed a bug that was ignoring case when comparing controller methods (#4560).
- Fixed a bug (#4615) that was not setting SMTP authorization settings when using the initialize function.
- Fixed a bug in highlight_code() in the Text helper that would leave a stray </span> in certain cases.
- Fixed Oracle bug (#3306) that was preventing multiple queries in one action.
- Fixed ODBC bug that was ignoring connection params due to its use of a constructor.
- Fixed a DB driver bug with num_rows() that would cause an error with the Oracle driver.
- Fixed MS SQL bug (#4915). Added brackets around database name in MS SQL driver when selecting the database, in the event that reserved characters are used in the name.
- Fixed a DB caching bug (4718) in which the path was incorrect when no URI segments were present.
- Fixed Image_lib class bug #4562. A path was not defined for NetPBM.
- Fixed Image_lib class bug #4532. When cropping an image with identical height/width settings on output, a copy is made.
- Fixed DB_driver bug (4900), in which a database error was not being logged correctly.
- Fixed DB backup bug in which field names were not being escaped.
- Fixed a DB Active Record caching bug in which multiple calls to cached data were not being honored.
- Fixed a bug in the Session class that was disallowing slashes in the serialized array.
- Fixed a Form Validation bug in which the "isset" error message was being trigged by the "required" rule.
- Fixed a spelling error in a Loader error message.
- Fixed a bug (5050) with IP validation with empty segments.
- Fixed a bug in which the parser was being greedy if multiple identical sets of tags were encountered.
版本 1.6.3
发布日期: 2008年6月26日
Hg Tag: v1.6.3
版本1.6.3是一个安全和维护的版本,建议所有用户使用。
- Database
  - Modified MySQL/MySQLi Forge class to give explicit names to keys
- Added ability to set multiple column non-primary keys to the Forge class
- Added ability to set additional database config values in DSN connections via the query string.
 
- Libraries
  - Set the mime type check in the Upload class to reference the global mimes variable.
- Added support for query strings to the Pagination class, automatically detected or explicitly declared.
- Added get_post() to the Input class.
- Documented get() in the Input class.
- Added the ability to automatically output language items as form labels in the Language class.
 
- Helpers
  - Added a Language helper.
- Added a Number helper.
- Form helper refactored to allow form_open() and form_fieldset() to accept arrays or strings as arguments.
 
- Other changes
  - Improved security in xss_clean().
- Removed an unused Router reference in _display_cache().
- Added ability to use xss_clean() to test images for XSS, useful for upload security.
- Considerably expanded list of mobile user-agents in config/user_agents.php.
- Charset information in the userguide has been moved above title for internationalization purposes (#4614).
- Added "Using Associative Arrays In a Request Parameter" example to the XMLRPC userguide page.
- Removed maxlength and size as automatically added attributes of form_input() in the form helper.
- Documented the language file use of byte_format() in the number helper.
 
Bug fixes for 1.6.3
- Added a language key for valid_emails in validation_lang.php.
- Amended fixes for bug (#3419) with parsing DSN database connections.
- Moved the _has_operators() function (#4535) into DB_driver from DB_active_rec.
- Fixed a syntax error in upload_lang.php.
- Fixed a bug (#4542) with a regular expression in the Image library.
- Fixed a bug (#4561) where orhaving() wasn't properly passing values.
- Removed some unused variables from the code (#4563).
- Fixed a bug where having() was not adding an = into the statement (#4568).
- Fixed assorted user guide typos or examples (#4574, #4706).
- Added quoted-printable headers to Email class when the multi-part override is used.
- Fixed a double opening <p> tag in the index pages of each system directory.
Version 1.6.2
Release Date: May 13, 2008
Hg Tag: 1.6.2
- Active Record
  - Added the ability to prevent escaping in having() clauses.
- Added rename_table() into DBForge.
- Fixed a bug that wasn't allowing escaping to be turned off if the value of a query was NULL.
- DB Forge is now assigned to any models that exist after loading (#3457).
 
- Database
  - Added Strict Mode to database transactions.
- Escape behaviour in where() clauses has changed; values in those with the "FALSE" argument are no longer escaped (ie: quoted).
 
- Config
  - Added 'application/vnd.ms-powerpoint' to list of mime types.
- Added 'audio/mpg' to list of mime types.
- Added new user-modifiable file constants.php containing file mode and fopen constants.
- Added the ability to set CRLF settings via config in the Email class.
 
- Libraries
  - Added increased security for filename handling in the Upload library.
- Added increased security for sessions for client-side data tampering.
- The MySQLi forge class is now in sync with MySQL forge.
- Added the ability to set CRLF settings via config in the Email class.
- Unit Testing results are now colour coded, and a change was made to the default template of results.
- Added a valid_emails rule to the Validation class.
- The Zip class now exits within download().
- The Zip class has undergone a substantial re-write for speed and clarity (thanks stanleyxu for the hard work and code contribution in bug report #3425!)
 
- Helpers
  - Added a Compatibility Helper for using some common PHP 5 functions safely in applications that might run on PHP 4 servers (thanks Seppo for the hard work and code contribution!)
- Added form_button() in the Form helper.
- Changed the radio() and checkbox() functions to default to not checked by default.
- Added the ability to include an optional HTTP Response Code in the redirect() function of the URL Helper.
- Modified img() in the HTML Helper to remove an unneeded space (#4208).
- Modified anchor() in the URL helper to no longer add a default title= attribute (#4209).
- The Download helper now exits within force_download().
- Added get_dir_file_info(), get_file_info(), and get_mime_by_extension() to the File Helper.
- Added symbolic_permissions() and octal_permissions() to the File helper.
 
- Plugins
  - Modified captcha generation to first look for the function imagecreatetruecolor, and fallback to imagecreate if it isn't available (#4226).
 
- Other
  Changes
  - Added ability for xss_clean() to accept arrays.
- Removed closing PHP tags from all PHP files to avoid accidental output and potential 'cannot modify headers' errors.
- Removed "scripts" from the auto-load search path. Scripts were deprecated in Version 1.4.1 (September 21, 2006). If you still need to use them for legacy reasons, they must now be manually loaded in each Controller.
- Added a Reserved Names page to the userguide, and migrated reserved controller names into it.
- Added a Common Functions page to the userguide for globally available functions.
- Improved security and performance of xss_clean().
 
Bugfixes for 1.6.2
- Fixed a bug where SET queries were not being handled as "write" queries.
- Fixed a bug (#3191) with ORIG_PATH_INFO URI parsing.
- Fixed a bug in DB Forge, when inserting an id field (#3456).
- Fixed a bug in the table library that could cause identically constructed rows to be dropped (#3459).
- Fixed DB Driver and MySQLi result driver checking for resources instead of objects (#3461).
- Fixed an AR_caching error where it wasn't tracking table aliases (#3463).
- Fixed a bug in AR compiling, where select statements with arguments got incorrectly escaped (#3478).
- Fixed an incorrect documentation of $this->load->language (#3520).
- Fixed bugs (#3523, #4350) in get_filenames() with recursion and problems with Windows when $include_path is used.
- Fixed a bug (#4153) in the XML-RPC class preventing dateTime.iso8601 from being used.
- Fixed an AR bug with or_where_not_in() (#4171).
- Fixed a bug with xss_clean() that would add semicolons to GET URI variable strings.
- Fixed a bug (#4206) in the Directory Helper where the directory resource was not being closed, and minor improvements.
- Fixed a bug in the FTP library where delete_dir() was not working recursively (#4215).
- Fixed a Validation bug when set_rules() is used with a non-array field name and rule (#4220).
- Fixed a bug (#4223) where DB caching would not work for returned DB objects or multiple DB connections.
- Fixed a bug in the Upload library that might output the same error twice (#4390).
- Fixed an AR bug when joining with a table alias and table prefix (#4400).
- Fixed a bug in the DB class testing the $params argument.
- Fixed a bug in the Table library where the integer 0 in cell data would be displayed as a blank cell.
- Fixed a bug in link_tag() of the URL helper where a key was passed instead of a value.
- Fixed a bug in DB_result::row() that prevented it from returning individual fields with MySQL NULL values.
- Fixed a bug where SMTP emails were not having dot transformation performed on lines that begin with a dot.
- Fixed a bug in display_error() in the DB driver that was instantiating new Language and Exception objects, and not using the error heading.
- Fixed a bug (#4413) where a URI containing slashes only e.g. 'http://example.com/index.php?//' would result in PHP errors
- Fixed an array to string conversion error in the Validation library (#4425)
- Fixed bug (#4451, #4299, #4339) where failed transactions will not rollback when debug mode is enabled.
- Fixed a bug (#4506) with overlay_watermark() in the Image library preventing support for PNG-24s with alpha transparency
- Fixed assorted user guide typos (#3453, #4364, #4379, #4399, #4408, #4412, #4448, #4488).
Version 1.6.1
Release Date: February 12, 2008
Hg Tag: 1.6.1
- Active Record
  - Added Active Record Caching.
- Made Active Record fully database-prefix aware.
 
- Database drivers
  - Added support for setting client character set and collation for MySQLi.
 
- Core Changes
  - Modified xss_clean() to be more intelligent with its handling of URL encoded strings.
- Added $_SERVER, $_FILES, $_ENV, and $_SESSION to sanitization of globals.
- Added a Path Helper.
- Simplified _reindex_segments() in the URI class.
- Escaped the '-' in the default 'permitted_uri_chars' config item, to prevent errors if developers just try to add additional characters to the end of the default expression.
- Modified method calling to controllers to show a 404 when a private or protected method is accessed via a URL.
- Modified framework initiated 404s to log the controller and method for invalid requests.
 
- Helpers
  - Modified get_filenames() in the File Helper to return FALSE if the $source_dir is not readable.
 
Bugfixes for 1.6.1
- Deprecated is_numeric as a validation rule. Use of numeric and integer are preferred.
- Fixed bug (#3379) in DBForge with SQLite for table creation.
- Made Active Record fully database prefix aware (#3384).
- Fixed a bug where DBForge was outputting invalid SQL in Postgres by adding brackets around the tables in FROM.
- Changed the behaviour of Active Record's update() to make the WHERE clause optional (#3395).
- Fixed a bug (#3396) where certain POST variables would cause a PHP warning.
- Fixed a bug in query binding (#3402).
- Changed order of SQL keywords in the Profiler $highlight array so OR would not be highlighted before ORDER BY.
- Fixed a bug (#3404) where the MySQLi driver was testing if $this->conn_id was a resource instead of an object.
- Fixed a bug (#3419) connecting to a database via a DSN string.
- Fixed a bug (#3445) where the routed segment array was not re-indexed to begin with 1 when the default controller is used.
- Fixed assorted user guide typos.
Version 1.6.0
Release Date: January 30, 2008
- DBForge
  - Added DBForge to the database tools.
- Moved create_database() and drop_database() into DBForge.
- Added add_field(), add_key(), create_table(), drop_table(), add_column(), drop_column(), modify_column() into DBForge.
 
- Active Record
  - Added protect_identifiers() in Active Record.
- All AR queries are backticked if appropriate to the database.
- Added where_in(), or_where_in(), where_not_in(), or_where_not_in(), not_like() and or_not_like() to Active Record.
- Added support for limit() into update() and delete() statements in Active Record.
- Added empty_table() and truncate_table() to Active Record.
- Added the ability to pass an array of tables to the delete() statement in Active Record.
- Added count_all_results() function to Active Record.
- Added select_max(), select_min(), select_avg() and select_sum() to Active Record.
- Added the ability to use aliases with joins in Active Record.
- Added a third parameter to Active Record's like() clause to control where the wildcard goes.
- Added a third parameter to set() in Active Record that withholds escaping data.
- Changed the behaviour of variables submitted to the where() clause with no values to auto set "IS NULL"
 
- Other Database Related
  - MySQL driver now requires MySQL 4.1+
- Added $this->DB->save_queries variable to DB driver, enabling queries to get saved or not. Previously they were always saved.
- Added $this->db->dbprefix() to manually add database prefixes.
- Added 'random' as an order_by() option , and removed "rand()" as a listed option as it was MySQL only.
- Added a check for NULL fields in the MySQL database backup utility.
- Added "constrain_by_prefix" parameter to db->list_table() function. If set to TRUE it will limit the result to only table names with the current prefix.
- Deprecated from Active Record; getwhere() for get_where(); groupby() for group_by(); havingor() for having_or(); orderby() for order_by; orwhere() for or_where(); and orlike() for or_like().
- Modified csv_from_result() to output CSV data more in the spirit of basic rules of RFC 4180.
- Added 'char_set' and 'dbcollat' database configuration settings, to explicitly set the client communication properly.
- Removed 'active_r' configuration setting and replaced with a global $active_record setting, which is more in harmony with the global nature of the behavior (#1834).
 
- Core changes
  - Added ability to load multiple views, whose content will be appended to the output in the order loaded.
- Added the ability to auto-load Models.
- Reorganized the URI and Routes classes for better clarity.
- Added Compat.php to allow function overrides for older versions of PHP or PHP environments missing certain extensions / libraries
- Added memory usage, GET, URI string data, and individual query execution time to Profiler output.
- Deprecated Scaffolding.
- Added is_really_writable() to Common.php to provide a cross-platform reliable method of testing file/folder writability.
 
- Libraries
  - Changed the load protocol of Models to allow for extension.
- Strengthened the Encryption library to help protect against man in the middle attacks when MCRYPT_MODE_CBC mode is used.
- Added Flashdata variables, session_id regeneration and configurable session update times to the Session class.
- Removed 'last_visit' from the Session class.
- Added a language entry for valid_ip validation error.
- Modified prep_for_form() in the Validation class to accept arrays, adding support for POST array validation (via callbacks only)
- Added an "integer" rule into the Validation library.
- Added valid_base64() to the Validation library.
- Documented clear() in the Image Processing library.
- Changed the behaviour of custom callbacks so that they no longer trigger the "required" rule.
- Modified Upload class $_FILES error messages to be more precise.
- Moved the safe mode and auth checks for the Email library into the constructor.
- Modified variable names in _ci_load() method of Loader class to avoid conflicts with view variables.
- Added a few additional mime type variations for CSV.
- Enabled the 'system' methods for the XML-RPC Server library, except for 'system.multicall' which is still disabled.
 
- Helpers & Plugins
  - Added link_tag() to the HTML helper.
- Added img() to the HTML helper.
- Added ability to "extend" Helpers.
- Added an email helper into core helpers.
- Added strip_quotes() function to string helper.
- Added reduce_multiples() function to string helper.
- Added quotes_to_entities() function to string helper.
- Added form_fieldset(), form_fieldset_close(), form_label(), and form_reset() function to form helper.
- Added support for external urls in form_open().
- Removed support for db_backup in MySQLi due to incompatible functions.
- Javascript Calendar plugin now uses the months and days from the calendar language file, instead of hard-coded values, internationalizing it.
 
- Documentation Changes
  - Added Writing Documentation section for the community to use in writing their own documentation.
- Added titles to all user manual pages.
- Added attributes into <html> of userguide for valid html.
- Added Zip Encoding Class to the table of contents of the userguide.
- Moved part of the userguide menu javascript to an external file.
- Documented distinct() in Active Record.
- Documented the timezones() function in the Date Helper.
- Documented unset_userdata in the Session class.
- Documented 2 config options to the Database configuration page.
 
Bug fixes for Version 1.6.0
- Fixed a bug (#1813) preventing using $CI->db in the same application with returned database objects.
- Fixed a bug (#1842) where the $this->uri->rsegments array would not include the 'index' method if routed to the controller without an implicit method.
- Fixed a bug (#1872) where word_limiter() was not retaining whitespace.
- Fixed a bug (#1890) in csv_from_result() where content that included the delimiter would break the file.
- Fixed a bug (#2542)in the clean_email() method of the Email class to allow for non-numeric / non-sequential array keys.
- Fixed a bug (#2545) in _html_entity_decode_callback() when 'global_xss_filtering' is enabled.
- Fixed a bug (#2668) in the parser class where numeric data was ignored.
- Fixed a bug (#2679) where the "previous" pagination link would get drawn on the first page.
- Fixed a bug (#2702) in _object_to_array that broke some types of inserts and updates.
- Fixed a bug (#2732) in the SQLite driver for PHP 4.
- Fixed a bug (#2754) in Pagination to scan for non-positive num_links.
- Fixed a bug (#2762) in the Session library where user agent matching would fail on user agents ending with a space.
- Fixed a bug (#2784) $field_names[] vs $Ffield_names[] in postgres and sqlite drivers.
- Fixed a bug (#2810) in the typography helper causing extraneous paragraph tags when string contains tags.
- Fixed a bug (#2849) where arguments passed to a subfolder controller method would be incorrectly shifted, dropping the 3rd segment value.
- Fixed a bug (#2858) which referenced a wrong variable in the Image class.
- Fixed a bug (#2875)when loading plugin files as _plugin. and not _pi.
- Fixed a bug (#2912) in get_filenames() in the File Helper where the array wasn't cleared after each call.
- Fixed a bug (#2974) in highlight_phrase() that caused an error with slashes.
- Fixed a bug (#3003) in the Encryption Library to support modes other than MCRYPT_MODE_ECB
- Fixed a bug (#3015) in the User Agent library where more then 2 languages where not reported with languages().
- Fixed a bug (#3017) in the Email library where some timezones were calculated incorrectly.
- Fixed a bug (#3024) in which master_dim wasn't getting reset by clear() in the Image library.
- Fixed a bug (#3156) in Text Helper highlight_code() causing PHP tags to be handled incorrectly.
- Fixed a bug (#3166) that prevented num_rows from working in Oracle.
- Fixed a bug (#3175) preventing certain libraries from working properly when autoloaded in PHP 4.
- Fixed a bug (#3267) in the Typography Helper where unordered list was listed "un.
- Fixed a bug (#3268) where the Router could leave '/' as the path.
- Fixed a bug (#3279) where the Email class was sending the wrong Content-Transfer-Encoding for some character sets.
- Fixed a bug (#3284) where the rsegment array would not be set properly if the requested URI contained more segments than the routed URI.
- Removed extraneous load of $CFG in _display_cache() of the Output class (#3285).
- Removed an extraneous call to loading models (#3286).
- Fixed a bug (#3310) with sanitization of globals in the Input class that could unset CI's global variables.
- Fixed a bug (#3314) which would cause the top level path to be deleted in delete_files() of the File helper.
- Fixed a bug (#3328) where the smiley helper might return an undefined variable.
- Fixed a bug (#3330) in the FTP class where a comparison wasn't getting made.
- Removed an unused parameter from Profiler (#3332).
- Fixed a bug in database driver where num_rows property wasn't getting updated.
- Fixed a bug in the upload library when allowed_files wasn't defined.
- Fixed a bug in word_wrap() of the Text Helper that incorrectly referenced an object.
- Fixed a bug in Validation where valid_ip() wasn't called properly.
- Fixed a bug in Validation where individual error messages for checkboxes wasn't supported.
- Fixed a bug in captcha calling an invalid PHP function.
- Fixed a bug in the cookie helper "set_cookie" function. It was not honoring the config settings.
- Fixed a bug that was making validation callbacks required even when not set as such.
- Fixed a bug in the XML-RPC library so if a type is specified, a more intelligent decision is made as to the default type.
- Fixed an example of comma-separated emails in the email library documentation.
- Fixed an example in the Calendar library for Showing Next/Previous Month Links.
- Fixed a typo in the database language file.
- Fixed a typo in the image language file "suppor" to "support".
- Fixed an example for XML RPC.
- Fixed an example of accept_charset() in the User Agent Library.
- Fixed a typo in the docblock comments that had CodeIgniter spelled CodeIgnitor.
- Fixed a typo in the String Helper (uniquid changed to uniqid).
- Fixed typos in the email Language class (email_attachment_unredable, email_filed_smtp_login), and FTP Class (ftp_unable_to_remame).
- Added a stripslashes() into the Upload Library.
- Fixed a series of grammatical and spelling errors in the language files.
- Fixed assorted user guide typos.
Version 1.5.4
Release Date: July 12, 2007
- Added custom Language files to the autoload options.
- Added stripslashes() to the _clean_input_data() function in the Input class when magic quotes is on so that data will always be un-slashed within the framework.
- Added array to string into the profiler.
- Added some additional mime types in application/config/mimes.php.
- Added filename_security() method to Input library.
- Added some additional arguments to the Inflection helper singular() to compensate for words ending in "s". Also added a force parameter to pluralize().
- Added $config['charset'] to the config file. Default value is 'UTF-8', used in some string handling functions.
- Fixed MSSQL insert_id().
- Fixed a logic error in the DB trans_status() function. It was incorrectly returning TRUE on failure and FALSE on success.
- Fixed a bug that was allowing multiple load attempts on extended classes.
- Fixed a bug in the bootstrap file that was incorrectly attempting to discern the full server path even when it was explicity set by the user.
- Fixed a bug in the escape_str() function in the MySQL driver.
- Fixed a typo in the Calendar library
- Fixed a typo in rpcs.php library
- Fixed a bug in the Zip library, providing PC Zip file compatibility with Mac OS X
- Fixed a bug in router that was ignoring the scaffolding route for optimization
- Fixed an IP validation bug.
- Fixed a bug in display of POST keys in the Profiler output
- Fixed a bug in display of queries with characters that would be interpreted as HTML in the Profiler output
- Fixed a bug in display of Email class print debugger with characters that would be interpreted as HTML in the debugging output
- Fixed a bug in the Content-Transfer-Encoding of HTML emails with the quoted-printable MIME type
- Fixed a bug where one could unset certain PHP superglobals by setting them via GET or POST data
- Fixed an undefined function error in the insert_id() function of the PostgreSQL driver
- Fixed various doc typos.
- Documented two functions from the String helper that were missing from the user guide: trim_slashes() and reduce_double_slashes().
- Docs now validate to XHTML 1 transitional
- Updated the XSS Filtering to take into account the IE [removed]) ability and improved certain deletions to prevent possible exploits
- Modified the Router so that when Query Strings are Enabled, the controller trigger and function trigger values are sanitized for filename include security.
- Modified the is_image() method in the Upload library to take into account Windows IE 6/7 eccentricities when dealing with MIMEs
- Modified XSS Cleaning routine to be more performance friendly and compatible with PHP 5.2's new PCRE backtrack and recursion limits.
- Modified the URL Helper to type cast the $title as a string in case a numeric value is supplied
- Modified Form Helper form_dropdown() to type cast the keys and values of the options array as strings, allowing numeric values to be properly set as 'selected'
- Deprecated the use if is_numeric() in various places since it allows periods. Due to compatibility problems with ctype_digit(), making it unreliable in some installations, the following regular expression was used instead: preg_match("/[^0-9]/", $n)
- Deprecated: APPVER has been deprecated and replaced with CI_VERSION for clarity.
Version 1.5.3
Release Date: April 15, 2007
- Added array to string into the profiler
- Code Igniter references updated to CodeIgniter
- pMachine references updated to EllisLab
- Fixed a bug in the repeater function of string helper.
- Fixed a bug in ODBC driver
- Fixed a bug in result_array() that was returning an empty array when no result is produced.
- Fixed a bug in the redirect function of the url helper.
- Fixed an undefined variable in Loader
- Fixed a version bug in the Postgres driver
- Fixed a bug in the textarea function of the form helper for use with strings
- Fixed doc typos.
Version 1.5.2
Release Date: February 13, 2007
- Added subversion information to the downloads page.
- Added support for captions in the Table Library
- Fixed a bug in the download_helper that was causing Internet Explorer to load rather than download
- Fixed a bug in the Active Record Join function that was not taking table prefixes into consideration.
- Removed unescaped variables in error messages of Input and Router classes
- Fixed a bug in the Loader that was causing errors on Libraries loaded twice. A debug message is now silently made in the log.
- Fixed a bug in the form helper that gave textarea a value attribute
- Fixed a bug in the Image Library that was ignoring resizing the same size image
- Fixed some doc typos.
Version 1.5.1
Release Date: November 23, 2006
- Added support for submitting arrays of libraries in the $this->load->library function.
- Added support for naming custom library files in lower or uppercase.
- Fixed a bug related to output buffering.
- Fixed a bug in the active record class that was not resetting query data after a completed query.
- Fixed a bug that was suppressing errors in controllers.
- Fixed a problem that can cause a loop to occur when the config file is missing.
- Fixed a bug that occurred when multiple models were loaded with the third parameter set to TRUE.
- Fixed an oversight that was not unsetting globals properly in the input sanitize function.
- Fixed some bugs in the Oracle DB driver.
- Fixed an incorrectly named variable in the MySQLi result driver.
- Fixed some doc typos.
Version 1.5.0.1
Release Date: October 31, 2006
- Fixed a problem in which duplicate attempts to load helpers and classes were not being stopped.
- Fixed a bug in the word_wrap() helper function.
- Fixed an invalid color Hex number in the Profiler class.
- Fixed a corrupted image in the user guide.
Version 1.5.0
Release Date: October 30, 2006
- Added DB utility class, permitting DB backups, CVS or XML files from DB results, and various other functions.
- Added Database Caching Class.
- Added transaction support to the database classes.
- Added Profiler Class which generates a report of Benchmark execution times, queries, and POST data at the bottom of your pages.
- Added User Agent Library which allows browsers, robots, and mobile devises to be identified.
- Added HTML Table Class , enabling tables to be generated from arrays or database results.
- Added Zip Encoding Library.
- Added FTP Library.
- Added the ability to extend libraries and extend core classes, in addition to being able to replace them.
- Added support for storing models within sub-folders.
- Added Download Helper.
- Added simple_query() function to the database classes
- Added standard_date() function to the Date Helper.
- Added $query->free_result() to database class.
- Added $query->list_fields() function to database class
- Added $this->db->platform() function
- Added new File Helper: get_filenames()
- Added new helper: Smiley Helper
- Added support for <ul> and <ol> lists in the HTML Helper
- Added the ability to rewrite short tags on-the-fly, converting them to standard PHP statements, for those servers that do not support short tags. This allows the cleaner syntax to be used regardless of whether it's supported by the server.
- Added the ability to rename or relocate the "application" folder.
- Added more thorough initialization in the upload class so that all class variables are reset.
- Added "is_numeric" to validation, which uses the native PHP is_numeric function.
- Improved the URI handler to make it more reliable when the $config['uri_protocol'] item is set to AUTO.
- Moved most of the functions in the Controller class into the Loader class, allowing fewer reserved function names for controllers when running under PHP 5.
- Updated the DB Result class to return an empty array when $query->result() doesn't produce a result.
- Updated the input->cookie() and input->post() functions in Input Class to permit arrays contained cookies that are arrays to be run through the XSS filter.
- Documented three functions from the Validation class that were missing from the user guide: set_select(), set_radio(), and set_checkbox().
- Fixed a bug in the Email class related to SMTP Helo data.
- Fixed a bug in the word wrapping helper and function in the email class.
- Fixed a bug in the validation class.
- Fixed a bug in the typography helper that was incorrectly wrapping block level elements in paragraph tags.
- Fixed a problem in the form_prep() function that was double encoding entities.
- Fixed a bug that affects some versions of PHP when output buffering is nested.
- Fixed a bug that caused CI to stop working when the PHP magic __get() or __set() functions were used within models or controllers.
- Fixed a pagination bug that was permitting negative values in the URL.
- Fixed an oversight in which the Loader class was not allowed to be extended.
- Changed _get_config() to get_config() since the function is not a private one.
- Deprecated "init" folder. Initialization happens automatically now. Please see documentation.
- Deprecated $this->db->field_names() USE $this->db->list_fields()
- Deprecated the $config['log_errors'] item from the config.php file. Instead, $config['log_threshold'] can be set to "0" to turn it off.
Version 1.4.1
Release Date: September 21, 2006
- Added a new feature that passes URI segments directly to your function calls as parameters. See the Controllers page for more info.
- Added support for a function named _output(), which when used in your controllers will received the final rendered output from the output class. More info in the Controllers page.
- Added several new functions in the URI Class to let you retrieve and manipulate URI segments that have been re-routed using the URI Routing feature. Previously, the URI class did not permit you to access any re-routed URI segments, but now it does.
- Added $this->output->set_header() function, which allows you to set server headers.
- Updated plugins, helpers, and language classes to allow your application folder to contain its own plugins, helpers, and language folders. Previously they were always treated as global for your entire installation. If your application folder contains any of these resources they will be used instead the global ones.
- Added Inflector helper.
- Added element() function in the array helper.
- Added RAND() to active record orderby() function.
- Added delete_cookie() and get_cookie() to Cookie helper, even though the input class has a cookie fetching function.
- Added Oracle database driver (still undergoing testing so it might have some bugs).
- Added the ability to combine pseudo-variables and php variables in the template parser class.
- Added output compression option to the config file.
- Removed the is_numeric test from the db->escape() function.
- Fixed a MySQLi bug that was causing error messages not to contain proper error data.
- Fixed a bug in the email class which was causing it to ignore explicitly set alternative headers.
- Fixed a bug that was causing a PHP error when the Exceptions class was called within the get_config() function since it was causing problems.
- Fixed an oversight in the cookie helper in which the config file cookie settings were not being honored.
- Fixed an oversight in the upload class. An item mentioned in the 1.4 changelog was missing.
- Added some code to allow email attachments to be reset when sending batches of email.
- Deprecated the application/scripts folder. It will continue to work for legacy users, but it is recommended that you create your own libraries or models instead. It was originally added before CI had user libraries or models, but it's not needed anymore.
- Deprecated the $autoload['core'] item from the autoload.php file. Instead, please now use: $autoload['libraries']
- Deprecated the following database functions: $this->db->smart_escape_str() and $this->db->fields().
Version 1.4.0
Release Date: September 17, 2006
- Added Hooks feature, enabling you to tap into and modify the inner workings of the framework without hacking the core files.
- Added the ability to organize controller files into sub-folders. Kudos to Marco for suggesting this (and the next two) feature.
- Added regular expressions support for routing rules.
- Added the ability to remap function calls within your controllers.
- Added the ability to replace core system classes with your own classes.
- Added support for % character in URL.
- Added the ability to supply full URLs using the anchor() helper function.
- Added mode parameter to file_write() helper.
- Added support for changing the port number in the Postgres driver.
- Moved the list of "allowed URI characters" out of the Router class and into the config file.
- Moved the MIME type array out of the Upload class and into its own file in the applications/config/ folder.
- Updated the Upload class to allow the upload field name to be set when calling do_upload().
- Updated the Config Library to be able to load config files silently, and to be able to assign config files to their own index (to avoid collisions if you use multiple config files).
- Updated the URI Protocol code to allow more options so that URLs will work more reliably in different environments.
- Updated the form_open() helper to allow the GET method to be used.
- Updated the MySQLi execute() function with some code to help prevent lost connection errors.
- Updated the SQLite Driver to check for object support before attempting to return results as objects. If unsupported it returns an array.
- Updated the Models loader function to allow multiple loads of the same model.
- Updated the MS SQL driver so that single quotes are escaped.
- Updated the Postgres and ODBC drivers for better compatibility.
- Removed a strtolower() call that was changing URL segments to lower case.
- Removed some references that were interfering with PHP 4.4.1 compatibility.
- Removed backticks from Postgres class since these are not needed.
- Renamed display() to _display() in the Output class to make it clear that it's a private function.
- Deprecated the hash() function due to a naming conflict with a native PHP function with the same name. Please use dohash() instead.
- Fixed an bug that was preventing the input class from unsetting GET variables.
- Fixed a router bug that was making it too greedy when matching end segments.
- Fixed a bug that was preventing multiple discrete database calls.
- Fixed a bug in which loading a language file was producing a "file contains no data" message.
- Fixed a session bug caused by the XSS Filtering feature inadvertently changing the case of certain words.
- Fixed some missing prefixes when using the database prefix feature.
- Fixed a typo in the Calendar class (cal_november).
- Fixed a bug in the form_checkbox() helper.
- Fixed a bug that was allowing the second segment of the URI to be identical to the class name.
- Fixed an evaluation bug in the database initialization function.
- Fixed a minor bug in one of the error messages in the language class.
- Fixed a bug in the date helper timespan function.
- Fixed an undefined variable in the DB Driver class.
- Fixed a bug in which dollar signs used as binding replacement values in the DB class would be treated as RegEx back-references.
- Fixed a bug in the set_hash() function which was preventing MD5 from being used.
- Fixed a couple bugs in the Unit Testing class.
- Fixed an incorrectly named variable in the Validation class.
- Fixed an incorrectly named variable in the URI class.
- Fixed a bug in the config class that was preventing the base URL from being called properly.
- Fixed a bug in the validation class that was not permitting callbacks if the form field was empty.
- Fixed a problem that was preventing scaffolding from working properly with MySQLi.
- Fixed some MS SQL bugs.
- Fixed some doc typos.
Version 1.3.3
Release Date: June 1, 2006
- Models do not connect automatically to the database as of this version. More info here.
- Updated the Sessions class to utilize the active record class when running session related queries. Previously the queries assumed MySQL syntax.
- Updated alternator() function to re-initialize when called with no arguments, allowing multiple calls.
- Fixed a bug in the active record "having" function.
- Fixed a problem in the validation class which was making checkboxes be ignored when required.
- Fixed a bug in the word_limiter() helper function. It was cutting off the fist word.
- Fixed a bug in the xss_clean function due to a PHP bug that affects some versions of html_entity_decode.
- Fixed a validation bug that was preventing rules from being set twice in one controller.
- Fixed a calendar bug that was not letting it use dynamically loaded languages.
- Fixed a bug in the active record class when using WHERE clauses with LIKE
- Fixed a bug in the hash() security helper.
- Fixed some typos.
Version 1.3.2
Release Date: April 17, 2006
- Changed the behavior of the validation class such that if a "required" rule is NOT explicitly stated for a field then all other tests get ignored.
- Fixed a bug in the Controller class that was causing it to look in the local "init" folder instead of the main system one.
- Fixed a bug in the init_pagination file. The $config item was not being set correctly.
- Fixed a bug in the auto typography helper that was causing inconsistent behavior.
- Fixed a couple bugs in the Model class.
- Fixed some documentation typos and errata.
Version 1.3.1
Release Date: April 11, 2006
- Added a Unit Testing Library.
- Added the ability to pass objects to the insert() and update() database functions. This feature enables you to (among other things) use your Model class variables to run queries with. See the Models page for details.
- Added the ability to pass objects to the view loading function: $this->load->view('my_view', $object);
- Added getwhere function to Active Record class.
- Added count_all function to Active Record class.
- Added language file for scaffolding and fixed a scaffolding bug that occurs when there are no rows in the specified table.
- Added $this->db->last_query(), which allows you to view your last query that was run.
- Added a new mime type to the upload class for better compatibility.
- Changed how cache files are read to prevent PHP errors if the cache file contains an XML tag, which PHP wants to interpret as a short tag.
- Fixed a bug in a couple of the active record functions (where and orderby).
- Fixed a bug in the image library when realpath() returns false.
- Fixed a bug in the Models that was preventing libraries from being used within them.
- Fixed a bug in the "exact_length" function of the validation class.
- Fixed some typos in the user guide
Version 1.3
Release Date: April 3, 2006
- Added support for Models.
- Redesigned the database libraries to support additional RDBMs (Postgres, MySQLi, etc.).
- Redesigned the Active Record class to enable more varied types of queries with simpler syntax, and advanced features like JOINs.
- Added a feature to the database class that lets you run custom function calls.
- Added support for private functions in your controllers. Any controller function name that starts with an underscore will not be served by a URI request.
- Added the ability to pass your own initialization parameters to your custom core libraries when using $this->load->library()
- Added support for running standard query string URLs. These can be optionally enabled in your config file.
- Added the ability to specify a "suffix", which will be appended to your URLs. For example, you could add .html to your URLs, making them appear static. This feature is enabled in your config file.
- Added a new error template for use with native PHP errors.
- Added "alternator" function in the string helpers.
- Removed slashing from the input class. After much debate we decided to kill this feature.
- Change the commenting style in the scripts to the PEAR standard so that IDEs and tools like phpDocumenter can harvest the comments.
- Added better class and function name-spacing to avoid collisions with user developed classes. All CodeIgniter classes are now prefixed with CI_ and all controller methods are prefixed with _ci to avoid controller collisions. A list of reserved function names can be found here.
- Redesigned how the "CI" super object is referenced, depending on whether PHP 4 or 5 is being run, since PHP 5 allows a more graceful way to manage objects that utilizes a bit less resources.
- Deprecated: $this->db->use_table() has been deprecated. Please read the Active Record page for information.
- Deprecated: $this->db->smart_escape_str() has been deprecated. Please use this instead: $this->db->escape()
- Fixed a bug in the exception handler which was preventing some PHP errors from showing up.
- Fixed a typo in the URI class. $this->total_segment() should be plural: $this->total_segments()
- Fixed some typos in the default calendar template
- Fixed some typos in the user guide
Version 1.2
Release Date: March 21, 2006
- Redesigned some internal aspects of the framework to resolve scoping problems that surfaced during the beta tests. The problem was most notable when instantiating classes in your constructors, particularly if those classes in turn did work in their constructors.
- Added a global function named get_instance() allowing the main CodeIgniter object to be accessible throughout your own classes.
- Added new File Helper: delete_files()
- Added new URL Helpers: base_url(), index_page()
- Added the ability to create your own core libraries and store them in your local application directory.
- Added an overwrite option to the Upload class, enabling files to be overwritten rather than having the file name appended.
- Added Javascript Calendar plugin.
- Added search feature to user guide. Note: This is done using Google, which at the time of this writing has not crawled all the pages of the docs.
- Updated the parser class so that it allows tag pars within other tag pairs.
- Fixed a bug in the DB "where" function.
- Fixed a bug that was preventing custom config files to be auto-loaded.
- Fixed a bug in the mysql class bind feature that prevented question marks in the replacement data.
- Fixed some bugs in the xss_clean function
Version Beta 1.1
Release Date: March 10, 2006
- Added a Calendaring class.
- Added support for running multiple applications that share a common CodeIgniter backend.
- Moved the "uri protocol" variable from the index.php file into the config.php file
- Fixed a problem that was preventing certain function calls from working within constructors.
- Fixed a problem that was preventing the $this->load->library function from working in constructors.
- Fixed a bug that occurred when the session class was loaded using the auto-load routine.
- Fixed a bug that can happen with PHP versions that do not support the E_STRICT constant
- Fixed a data type error in the form_radio function (form helper)
- Fixed a bug that was preventing the xss_clean function from being called from the validation class.
- Fixed the cookie related config names, which were incorrectly specified as $conf rather than $config
- Fixed a pagination problem in the scaffolding.
- Fixed a bug in the mysql class "where" function.
- Fixed a regex problem in some code that trimmed duplicate slashes.
- Fixed a bug in the br() function in the HTML helper
- Fixed a syntax mistake in the form_dropdown function in the Form Helper.
- Removed the "style" attributes form the form helpers.
- Updated the documentation. Added "next/previous" links to each page and fixed various typos.
Version Beta 1.0
Release Date: February 28, 2006
First publicly released version.
