CodeIgniter

New in CodeIgniter 2.2.1 (February 11th, 2015)

What is new in version 3.0.5:

• The framework is released under the MIT license
• The database drivers have had extensive refactoring
• PDO is fully functional with subdrivers
• There is a new Session library
• There is a new Encryption library
• The unit testing has been beefed up, and code coverage improved
• PHP 5.4 or newer is recommended, but CI will still work on PHP 5.2.4

What is new in version 3.0.4:

• The framework is released under the MIT license
• The database drivers have had extensive refactoring
• PDO is fully functional with subdrivers
• There is a new Session library
• There is a new Encryption library
• The unit testing has been beefed up, and code coverage improved
• PHP 5.4 or newer is recommended, but CI will still work on PHP 5.2.4

What is new in version 3.0.3:

• The framework is released under the MIT license
• The database drivers have had extensive refactoring
• PDO is fully functional with subdrivers
• There is a new Session library
• There is a new Encryption library
• The unit testing has been beefed up, and code coverage improved
• PHP 5.4 or newer is recommended, but CI will still work on PHP 5.2.4

What is new in version 3.0.0:

• The framework is released under the MIT license
• The database drivers have had extensive refactoring
• PDO is fully functional with subdrivers
• There is a new Session library
• There is a new Encryption library
• The unit testing has been beefed up, and code coverage improved
• PHP 5.4 or newer is recommended, but CI will still work on PHP 5.2.4

What is new in version 2.2.1 / 3.0rc2:

• Improved security in xss_clean().
• Updated timezones in Date Helper.

What is new in version 2.2.0:

• The xor_encode() method in the Encrypt Class has been removed. The Encrypt Class now requires the Mcrypt extension to be installed.
• The Session Library now uses HMAC authentication instead of a simple MD5 checksum.

What is new in version 2.1.4:

• Improved security in xss_clean().

What is new in version 2.1.3:

• Bug fixes:
• File-based Caching method get_metadata() used a non-existent array key to look for the TTL value.
• Session Library method sess_destroy() didn't destroy the userdata array.
• Bug where the Profiler Library issued an E_WARNING error if Session userdata contains objects.
• Migration Library ignored the $config['migration_path'] setting.
• Input Library allowed unconditional spoofing of HTTP clients' IP addresses through the HTTP_CLIENT_IP header.
• Input Library ignored HTTP_X_CLUSTER_CLIENT_IP and HTTP_X_CLIENT_IP headers when checking for proxies.
• csrf_verify() used to set the CSRF cookie while processing a POST request with no actual POST data, which resulted in validating a request that should be considered invalid.
• A bug in the Security Library where a CSRF cookie was created even if $config['csrf_protection'] is set tot FALSE.
• Input Library triggered csrf_verify() on CLI requests.

What is new in version 2.1.2:

• Improved security in xss_clean().

What is new in version 2.1.1:

• Improved MIME type detection in the File Uploading Library.
• url_title() performance and output improved. You can now use any string as the word delimiter. Backwards compatible with ‘dash' or ‘underscore' as words delimiters.
• Added support for IPv6 IP addresses.
• A wrong array key was used in the Upload library to check for mime-types.
• form_open() compared $action against site_url() instead of base_url()
• CI_Upload::_file_mime_type() could've failed if mime_content_type() is used for the detection and returns FALSE.
• Windows paths were ignored when using the Image Manipulation Class to create a new file.
• When database caching was enabled, $this->db->query() checked the cache before binding variables which resulted in cached queries never being found.
• CSRF cookie value was allowed to be any (non-empty) string before being written to the output, making code injection a risk.
• PDO put a ‘dbname' argument in it's connection string regardless of the database platform in use, which made it impossible to use SQLite.
• CI_DB_pdo_result::num_rows() was not returning properly value with SELECT queries, cause it was relying on PDOStatement::rowCount().

What is new in version 2.1.0:

• Fixed a potential parameter injection flaw in the Security Library and strengthened the XSS filter for HTML5 vulnerabilites.
• Callback validation rules can now accept parameters like any other validation rule.
• Added html_escape() to the Common functions to escape HTML output for preventing XSS easliy.

What is new in version 2.0.2:

• This is a security maintenance release and is a recommended update for all sites. The security fix patches a small vulnerability in the cross site scripting filter. We also took the opportunity to iterate on some of our other filtering code. As a result, the Security library is now a core component.

What is new in version 2.0.0:

• Support for PHP 4 is gone, PHP 5.1 is now a requirement.
• CSRF Protection built into the form helper
• Drivers
• Application Packages
• Scaffolding, having been deprecated for a number of versions, has been removed.
• Removed the deprecated Validation Class.
• Plugins have been removed, in favor of Helpers.
• Added routing overrides to the main index.php file, enabling the normal routing to be overridden on a per "index" file basis.
• Added $route[‘404_override'] to allow 404 pages to be handled by controllers.
• 50+ bugs fixed.

What is new in version 1.7.3:

• Version 1.7.3 is a security maintenance release, including a previously patched file Upload class, and a new security fix to prevent possible directory traversal in certain circumstances (back ported from a fix made to CodeIgniter 2.0 at BitBucket). There are no other significant changes.

What is new in version 1.7.2:

• Libraries:
• Added a new Cart Class.
• Added the ability to pass $config['file_name'] for the File Uploading Class and rename the uploaded file.
• Changed order of listed user-agents so Safari would more accurately report itself. (#6844)
• Database:
• Switched from using gettype() in escape() to is_* methods, since future PHP versions might change its output.
• Updated all database drivers to handle arrays in escape_str()
• Added escape_like_str() method for escaping strings to be used in LIKE conditions
• Updated Active Record to utilize the new LIKE escaping mechanism.
• Added reconnect() method to DB drivers to try to keep alive / reestablish a connection after a long idle.
• Modified MSSQL driver to use mssql_get_last_message() for error messages.
• Helpers:
• Added form_multiselect() to the Form helper.
• Modified form_hidden() in the Form helper to accept multi-dimensional arrays.
• Modified form_prep() in the Form helper to keep track of prepped fields to avoid multiple prep/mutation from subsequent calls which can occur when using Form Validation and form helper functions to output form fields.
• Modified directory_map() in the Directory helper to allow the inclusion of hidden files, and to return FALSE on failure to read directory.
• Modified the Smiley helper to work with multiple fields and insert the smiley at the last known cursor position.
• General:
• Compatible with PHP 5.3.0
• Modified show_error() to allow sending of HTTP server response codes.
• Modified show_404() to send 404 status code, removing non-CGI compatible header() statement from error_404.php template.
• Added set_status_header() to the Common functions to allow use when the Output class is unavailable.
• Added is_php() to Common functions to facilitate PHP version comparisons.
• Added 2 CodeIgniter "cheatsheets" (thanks to DesignFellow.com for this contribution).

Requirements:

• PHP 5.2.4 or higher