CakePHP

New in CakePHP 3.2.1 (January 31st, 2016)

What is new in version 3.2.6 / 2.8.3:

• These releases fix a weakness in Validation::uploadedFile() where file inputs could be manipulated to accept existing files on the server. This could potentially lead to an attacker being able to access sensitive system files. If you are using Validation::uploadedFile() and not checking mime-types or ensuring that the file was in-fact an uploaded file, you should upgrade.

What is new in version 3.2.5 / 2.8.2:

• A regression nested prefix routes being incorrectly inflected has been corrected.

What is new in version 3.2.3 / 2.8.0:

• A regression nested prefix routes being incorrectly inflected has been corrected.

What is new in version 3.2.1 / 2.8.0:

• A regression nested prefix routes being incorrectly inflected has been corrected.

What is new in version 3.1.5 / 2.7.7:

• Lazy Eager Loading
• Additional Filtering Methods
• Additional Template Variables in Templates
• Mailers
• Refreshed Default Application Styles
• Shell Helpers

What is new in version 3.1.0 / 2.7.3:

• Lazy Eager Loading
• Additional Filtering Methods
• Additional Template Variables in Templates
• Mailers
• Refreshed Default Application Styles
• Shell Helpers

What is new in version 3.0.7 / 2.6.7 / 1.3.20:

• AssetFilter now supports a cacheTime option to control the cache headers.
• RulesChecker features for the ORM were separated into a trait. This makes rules easier to reuse in other datasources.
• EventDispatcherInterface was added. This lets you use instanceof instead of method_exists when testing if an object supports events.
• A console output test stub class has been added to help making testing console applications easier.
• Collection::extract() now supports the {*} wildcard when extracting properties.
• Console commands and tasks now support the ability to overwrite all files, removing the need to answer y to each file.
• All tests pass on PHP7.

What is new in version 3.0.4 / 2.6.4 / 1.3.20:

• Cascading deletes on associations with custom aliases should no longer fail.
• XmlView now supports _xmlOptions. This matches the behavior of JsonView.
• EntityTrait::extractOriginal() now behaves consistently with extract(). Both methods now include all named properties, instead of just the unchanged properties. A new method extractOriginalChanged() can be used to extract only the original values of changed attributes.
• Query string parameters are now correctly supported in IntegrationTestCase.
• Collection::isEmpty() and Cake\ORM\Query::isEmpty() was added.
• Forms can now be created without the action attribute.
• Accessing entity data is now more efficient. Entities will cache the result of custom accessors, and invalidate the cache when properties are changed or removed.
• CsrfComponent fails to invalidate requests that are missing both the CSRF token, and CSRF post data.
• When marshalling request data, empty entities could by bypass validation methods with carefully created JSON payloads. RulesChecker validations would not be bypassed by these empty entities.

What is new in version 2.6.2 / 1.3.20 / 3.0.0-RC2:

• TextHelper no longer doubly links urls starting with //
• POT file generation no longer includes the 'POT-Creation-Date' header. It often lead to pointless noise in version control.
• Fixed exception rendering when ExceptionRenderer raised an error.
• Notice errors in PaginatorHelper when no model was set have been fixed.
• ConsoleOutput does not generate errors when used with php://output.
• Redirect responses now use 302 as the default status code instead of 200.
• Plugin bake now generates correct directories for Views/Layouts.
• FormHelper no longer creates invalid maxlength attributes for decimal columns when the text type is forced.

What is new in version 2.6.0:

• stackTrace() has been added as a convenience wrapper function for Debugger::trace(). It directly echos just as debug() does. But only if debug level is on.
• ConsoleOptionParser::removeSubcommand() was added.
• Shell::overwrite() has been added to allow generating progress bars or to avoid outputting too many lines by replacing text that has been already outputted to the screen.
• When using AclBehavior, The model's parentNode() method now gets the type (Aro, Aco) passed as first argument: $model->parentNode($type).
• Schema migrations with MySQL now support an after key when adding a column. This key allows you to specify which column the new one should be added after.
• Model::save() had the atomic option back-ported from 3.0.
• CakeRequest::param() can now read values using :ref:hash-path-syntax like data().
• CakeRequest:setInput() was added.
• HttpSocket::head() was added.
• You can now use the protocol option to override the specific protocol to use when making a request.
• CakeTime::timeAgoInWords() now supports strftime() compatible absolute date formats. This helps make localizing formatted times easier.
• CakeTime::timeAgoInWords() now supports a relativeStringFuture option. This option is a printf compatible string for outputting future relative time date formats. This helps make localizing formatted times easier.
• Hash::get() now raises an exception when the path argument is invalid.
• Hash::nest() now raises an exception when the nesting operation results in no data.
• HtmlHelper::css() had the once option added. It works the same as the once option for HtmlHelper::script(). The default value is false to maintain backwards compatibility.
• The maxlength attribute will now also be applied to textareas, when the corresponding DB field is of type varchar, as per HTML specs.
• New i18n functions have been added. The new functions allow you to include message context which allows you disambiguate possibly confusing message strings. For example 'read' can mean multiple things in English depending on the context. The new __x, __xn, __dx, __dxn, __dxc, __dxcn, and __xc functions provide access to the new features.
• AuthComponent now triggers the Auth.afterIdentify event after successfully identifying a user.
• Model::afterFind() now always uses a consistent format for afterFind(). When $primary is false, the results will always be located under $data[0]['ModelName']. You can set the $this->useConsistentAfterFind = false to restore the original behaviour if your application relies on the old behavior.
• Configure value I18n.preferApp can now be used to control the order of translations. If set to true it will prefer the app translations over any plugins' ones.

What is new in version 2.5.7:

• Unsetting the email address pattern in CakeEmail now works as documented.
• Console tools now exit non-zero on failure.
• Fixed inflection of schema class names in SchemaShell.
• SQLite datasource correctly parses field names out of queries containing subqueries.
• TreeBehavior now works with models that have a default order property defined.
• HttpSocket gracefully handles invalid chunked responses now.
• HttpSocket now honors the version config option, allowing HTTP 1.0 connections to be made.
• Postgres datasource now works with sequences defined outside schemas.
• CakeEmail no longer strips lines that only contain '0'.
• Fix more segfaults in Memcached cache engine.
• Cached file_map no longer regenerates on every request.
• CakePHP is now compatible with the phpunit.phar package.

What is new in version 2.5.6:

• CakeSession::read() returns null on all failure cases.
• Model::isUnique() now works as validator for multiple fields.
• CakeTestCase::getMockForModel() now injects the test datasource for all connection names.
• Digest Auth now handles & , ? in digest auth data.
• FormHelper no longer generates a hidden input for disabled mulitple checkbox inputs.
• Folder::create() now handles relative paths.
• Stack traces now output more context on exceptions.
• Fatal errors now include stack traces if xdebug is enabled.
• Virtual fields no longer incorrectly replace IN clauses.

What is new in version 2.5.5:

• Console applications will not output colours if there is no TTY.
• Files are not overwritten by Folder::copy() when the SKIP flag is used.
• Hash::insert() and Hash::get() now handle 0 as the first path element.
• Improved API documentation.
• Fixed a situation where Hash::remove() would remove data incorrectly.
• UUID columns are now reflected properly by PostgreSQL.
• CakeEmail::reset() now resets the email pattern.
• Hash::expand() and Hash::merge() are now much faster.

What is new in version 2.5.4:

• Improved SMTP auth reply checks.
• Headers are now correctly sent when using ajaxLogin elements with AuthComponent.
• Errors in sample schema files were corrected.
• SecurityComponent no longer puts URLs containing a space into the blackhole callback.
• Year validation now accepts dates from 1800 and later.
• RequestHandlerComponent will unserialize request bodies on DELETE requests.
• Transactions are now rolled back in saveAssociated/saveMany when exceptions are raised.
• Model::afterFind() is no longer called twice for hasOne/belongsTo associations. It is now only called once, with the model alias format.
• Join building now accepts no conditions. When joins are created with no conditions a cross will be created unless where conditions correctly restrict the query.
• SchemaShell now correctly handles the --file and --name switches.
• Generated schema files have more predictable names now. Instead of using the APP_DIR value, they will always used 'App' for application schema files.
• Exceptions arising from race conditions in FileEngine are now ignored.
• CakeTime now returns '' on invalid input.
• Translation functions correctly format placeholders when the first value is null.

What is new in version 2.5.3:

• TextHelper::autoLinkEmail() now links email addresses adjacent to HTML elements.
• 'research' is now pluralized by Inflector properly now.
• 'stadium' is now pluralized by Inflector properly now.
• The schema included for the ACL tables now includes indexes to help improve performance.
• APCEngine cache is now compatible with APCu.
• App::pluginPath() is deprecated. You should use Plugin::path() instead.
• API doc blocks have been improved in many classes.
• Email validation rules in CakeEmail have been relaxed. Both email addresses with UTF-8 characters and IDN domain names are generally deliverable but were failing filter_var().
• CakeResponse::sharable() now sets the public max-age header.
• Model::getDataSource() now correctly switches the schemaName property. This fixes a regression introduced in 2.4.8.
• Validation::inList() no longer accepts hexadecimal values for numeric checks.
• Multi use CSRF tokens now have their expiration updated on each request.
• h() now performs better.

What is new in version 2.5.2:

• cake console command now works when CDPATH is used.
• Inflection of 'feedback' is now correct.
• Incorrect status line parsing in HttpSocketResponse has been fixed.
• Form tampering protection has been fixed when form URL's contain multiple query string parameters.
• Creating disabled select options no longer disables the select element when array(1) is used for the disabled option.
• Trailing star routes can now be reverse routed.
• Older blowfish hashes are now accepted, and can be used with AuthComponent.
• A username of '0' can now be used with AuthComponent.
• Improved API docs.

What is new in version 2.5.1:

• Controller::referer() behaves correctly when local URLs are generated.
• TextHelper::tail() was restored.
• FormHelper security tokens only use the path and query parts of a URL to generate hashes. This fixes problems when absolute URL's were used to create forms.
• Missing component error pages have correct paths now.
• Compatibility with PHP5.6 was improved. 2.5.1 contains the following changes:
• Loading data from models and their associations with multiple datasources works properly now. This fixes a regression added in 2.5.0-beta.
• FormHelper::postLink() had a backwards incompatible signature change in 2.5.0-dev. This method is now backwards compatible.
• CakeEmail now uses the correct mimetype for emails that contain text & html but no attachments. Previously, multipart/mixed was used which caused some clients to incorrectly handle email messages.

What is new in version 2.5.0:

• The Redis cache engine now supports unix_socket.
• PaginatorComponent will no longer do a find('count') for the first page when there are fewer records than the current page limit.
• FormHelper::postLink() fixes from 2.4.9 have been merged in.
• Numerous API documentation improvements.
• TextHelper::tail() was fixed.
• SQLServer::describe() was failing no longer fails when used with fixtures.
• Authentication adapters can be aliased allowing you to use the same adapter multiple times with different password hashing strategies.

What is new in version 2.4.9:

• FormHelper::postLink() now works correctly with SecurityComponent. In 2.4.8 a mistake was made that resulted in incorrect hashes being generated.

What is new in version 2.4.8:

• SQLServer now properly appends the schema name when describing tables.
• Hash::extract() can now match boolean attributes.
• fclose() errors when using shells should no longer happen.
• CakeResponse::file() now throws an exception when paths contain '..'.
• ShellDispatcher now casts argv to an array. This fixes issues when cake console was invoked from a non-cli SAPI.
• TextHelper::autoLink() now correctly links urls with subdomains containing '\_'.
• SecurityComponent form tampering hashes now include the URL including the query string as a hash input.

What is new in version 2.4.7:

• Core fixtures are now included in PEAR packages.
• Limburgish locale was added to L10n.
• MailTransport now includes the last error in the exception raised when mail() fails.
• HtmlHelper::getCrumbList() supports the escape parameter now.
• Describing tables in specific SQLserver schemas now works correctly.
• Improved API docs for several classes.
• URLs are correctly generated when two routing keys start with the same substring.
• Model::deleteAll() works correctly when using MySQL views.
• CakeEmail sets theme on helpers now.
• Hidden inputs generated in radio(), select() and checkbox() have the 'form' attribute set when provided.
• Inflection for words ending in 'aves' was improved.
• CakeTestCase::assertTags() now runs much faster.
• CakeTestCase::assertTags() requires all attributes to be verified now.
• AclShell::delete now removes all matching records.

What is new in version 2.4.6:

• Extract task handles quotes inside validation messages correctly.
• Model::field() now works with fields translated with TranslateBehavior.
• Core tests are no longer part of PEAR packages. This solves issues when the pear package is used as a composer dependency, and an incorrect classmap was generated.
• FormHelper::checkbox() can now generate checkboxes for empty values.
• Postgres can now convert boolean fields to integer when using SchemaShell.
• Changes to how ID's are generated for radio inputs were reverted. These changes caused issues in some applications.
• API documentation has been improved.
• Reverse routing for prefixed actions was improved.
• Temporary associations setup with TranslateBehavior::bindTranslation() are now correctly unbound & restored.
• Clearing data with MemcacheEngine will now work with greater than 100 slabs.
• Validation::decimal() now works with localized floats.
• Invalid data in datetime pickers is now correctly handled.

What is new in version 2.4.5:

• Generated DOM ids for radios and checkboxes should now be collision free when using non-alphanumeric values.
• The postgres driver now quotes schema names. This solves issues with legacy schemas using special characters.
• Translate behavior now correctly handles translated values of '0'.
• Controller baking now provides better feedback when no controllers are generated.
• Datetime inputs will not select year 0 when the selected value is '0000-00-00'. This improves compatibility with MySQL.
• Schema creation with the connection parameter now works as expected.
• URLs are no longer double URL decoded. This fixes lost data when named parameters or path segments contain values that look like URL encoded data.

What is new in version 2.4.4:

• TextHelper::autoLink() now handles email addresses inside URLs correctly.
• Pagination request data is set even when a NotFoundException is raised now.
• Model::deleteAll will only delete distinct records now.
• Router::mapResources() now ensures that the prefix has both the leading and trailing slash.
• An infinite loop condition in CakeSession was fixed. This could be triggered by starting an already invalidated session.
• Hash::numeric() now works as expected with negative numbers and other numeric values.
• The 'my' and 'ym' formats for Validation::date() have been relaxed to allow both 2 and 4 digit year values.
• FormHelper will not infer types incorrectly when type=checkbox is provided.
• Postgres biginteger primary keys now correctly use the bigserial type.
• FormHelper::dateTime() correctly handles times around 12:00:00 when an interval is also used.
• Hash::combine() now throws exceptions when the key and value paths result in arrays of differing lengths.
• CakeRequest::referer() no longer incorrectly reads the HTTP_X_FORWARDED_HOST header.

What is new in version 2.4.3:

• API Documentation improvements.
• Long headers are no longer wrapped with PHP_EOL when sending email with MailTransport. This should solve delivery issues with Qmail, and other SMTP transport agents.
• Model::\_clearCache() has improved performance.
• Model's now work better with schema's containing numeric column names.
• An exception is now raised when a view block is opened while it is already open.
• SchemaShell no longer uses schema.php as the filename when a custom name parameter is provided.
• MKV is a supported content type.
• CookieComponent writes are now more consistent. Previously writing multi-key and single writes were handled very differently. Fixing the write consistency makes deletion data saner and results in fewer cookies being transmitted.
• Empty array data in cookies is now parsed correctly.
• CakeTime::dayAsSQL() now correct supports the timezone parameter.
• COUNT(DISTINCT x) queries work better in SQLServer now.
• Postgres sequence values now use custom primary keys.
• HtmlHelper now correctly encodes URLs generated for meta tags.
• Using FormHelper::postLink() after creating a GET form now works as expected.
• Model::saveAssociated() handles expression objects correctly now.

What is new in version 2.4.2:

• Sqlite::truncate() will verify that the sqlite_sequence table exists before modifying it.
• Label elements now have their for attributes generated correctly for radio inputs.
• Improved API documentation for a number of classes and methods.
• TreeBehavior::recover() now correctly uses the scope conditions.
• Hash::contains() can now look for needle values containing nulls.
• Disabled radio buttons are now generated correctly when integer and string keys are used.
• International domains are now accepted by Validation::url()
• Inflector now handles 'quota' and 'curves' correctly.
• jQueryEngineHelper now treats the 'xhr' option as a callback argument.
• Bake now adds the numeric validator for float fields.

What is new in version 2.4.1:

• Notice errors when loading LC_TIME files should no longer happen.
• TreeBehavior::generateTreeList() now includes the scope defined in the model's actsAs property.
• Support for readline was added to Shell commands. If your environment supports readline, arrow keys will no longer output escape sequences.
• FormHelper::input() will now use attributes defined in the label key.
• Inflection support was improved.
• Performance of CakeTime::timeAgoInWords() was improved.
• Method signatures of Behavior callbacks was corrected. If you are using PHP5.4 you may have to update the method signatures of your behaviors to resolve any E_STRICT errors.
• CROSS JOINs work correctly now.
• SqlServer::value() now correctly handles NULL values.
• Cache::clearGroup() with FileEngine and no prefix behaves as expected now.
• CakeEmail now quotes email aliases that contain non-alphanumeric characters, that have not already been encoded.
• Phone number validation was simplified to fix valid area codes being detected as invalid.

What is new in version 2.3.9:

• Maintenance release 2.3.9 incorporates over 20 bugfixes and some performance improvements.

What is new in version 2.3.8:

• Improved API documentation.
• I18nShell now extracts plugin model validation messages correctly.
• ServerShell now serves static assets with query string parameters.
• ServerShell correctly uses the document_root parameter.
• Inflector can now pluralize additional words.
• File responses using HTTP Range now work correctly.
• A regression introduced to AuthComponent in 2.3.7 for redirectUrl() when an application is running in a subdirectory has been fixed.

What is new in version 2.3.7:

• Cached views now contain their Content-Type header. It is recommended that you flush your view caches when upgrading.
• Return-Path is now excluded on emails delivered via SMTP.
• The automatic created & modified times when saving records are now consistent. There used to be an edge case where they could differ by one second.
• Undocumented, untested features around the IIS_SERVER constant have been removed.
• FormHelper::dateTime() now selects the correct year when creating an input which has a maxYear earlier than the current year.
• Email views now calculate the boundary later in the rendering process fixing issues where View callbacks could append inline images or attachments, resulting in incorrect boundary markers.

What is new in version 2.3.4 / 1.3.16:

• CakePHP 1.2.12, 1.3.16, 2.2.8 and 2.3.4 have just been released to fix a critical issue with how pagination & PaginatorComponent handle sort criteria.

What is new in version 2.3.3:

• Allowing behaviors' beforeSave callback to change the datasource to be used for the actual save.
• Fixing bug in FormHelper where the incorrect meridian would be selected for time fields.
• Solved issues with models not being added when $uses = true.
• Fixed condition parsing in mysql specific cases.
• Added support for key => value cookies in HttpSocket.
• Preventing "maxlength" attribute input element of type "number".
• Fixed incorrect timestamp values when using CakeTime::fromString()

What is new in version 2.3.1:

• The ServerShell now correctly handles plugin and theme assets.
• FormHelper::inputs() now correctly handles plugin models.
• Backwards compatibility for HABTM checkboxes has been improved.
• Schema generation works better with SQLServer now.
• Baking models better detects has and belongs to many associations.
• Security::rijndael() now correctly generates random iv values. It will continue to decrypt values encrypted with a fixed iv. This improves security of encrypted values, by preventing dictionary attacks on the key/value.
• Altering tables with Postgres properly renames fields now.
• Regular expression operators are better supported in Postgres.
• Fatal errors now display when gzip encoding is enabled.

What is new in version 2.2.1 / 2.1.5:

• Security fix: CakePHP 2.1.5 and 2.2.1 have just been released. If using CakePHP's `Xml` class, the user should upgrade as soon as possible.

What is new in version 2.2.0:

• Dispatcher filters, a lightweight way of attaching callbacks as middleware to the dispatcher lifecycle for easier caching or faster action responses.
• New rich api for creating and removing validation rules on the fly for models
• Seamless pagination for custom find types
• Support for real nested database transactions
• Cache groups, a nice way for tagging and mass deleting cache entries using such tags
• Improved logging support, several new utility methods were added to CakeLog
• Configure class can now dump stored values into any persistent storage
• AuthComponent now accepts contain as a key for storing extra user information in session
• Several improvements to CakeEmail, such as custom header charset, custom themes, setting links domain and custom helpers defined at configuration time

What is new in version 2.1.3:

• ControllerTestCase no longer overwrites GET/POST when simulating requests.
• Xml::fromArray() now properly handles out of sequence numeric keys.
• TranslateBehavior and Model::saveAll() now correctly save translations in hasMany associations.
• Router::queryString() now correctly handles appending to existing querystrings.
• Model::saveMany(), saveAssociated() correctly save data that was modified in a beforeValidate() callback.
• View now correctly re-uses the Controller event manager instance.

What is new in version 2.1.2:

• A change to CakeSession was reverted to help solve issues with IE8 and sessions being lost.
• Fixed an issue with SQLServer + boolean columns.
• DboSource::buildJoinStatement() does not add the schema when the table is a subquery.
• SessionComponent::id() always returns the sessionid. It will auto-start the session if necessary.
• Method checking in Model for expression() and calculate() is only done when required now.
• The testsuite now always uses the test datasource. Previously, if you did not include any fixtures and ran tests that required the database, the default connection was used.
• URL fragments are no longer urlencoded. This caused issues with client side frameworks like backbone.
• The return of L10n::get() consistently returns the language.
• HTML escaping for string urls on css() and script() was fixed.
• Warnings from saveAll() with an empty hasMany data set are fixed.
• Validation::decimal() accepts values like 10 and 10.0.
• FormHelper::postButton() no longer makes invisible but

What is new in version 2.1.1:

• Updated the .htaccess files, make sure you update them in you apps as well.
• Set::sort() now correctly sorts when using {s}.path
• Fixed Session.cookieTimeout default behavior
• Made Validation class more strict when checking values in list.
• Used urldecode trailing pass arguments in the URL
• Added missing 'recursive' option to DigestAuthenticate object.

What is new in version 2.1.0:

• Updated minimum PHP version requirement to 5.2.8 due to PHP bugs #44251 and #45748
• Paginator helper now accepts an option to set the default class for the "current" page link
• Extending non-existing views will throw an exception
• Extending views using an absolute path (relative to the View folder) is now possible
• Most view files in the cake core such as home.ctp and the default layout were moved into the app folder.
• Query params are now shown in database log when using prepared statements
• Transaction commands (BEGIN, COMMIT, ROLLBACK) are now shown in database log
• Added Set::nest() and Set::get(). The former is used to created a nested array out of a plain one using an array key as reference. Set::get() is used to access any array value using dot notation.
• Added Router::defaultRouteClass() to get/set the default Route class. This makes it easy to set a global default, useful for slug routes or i18n.

What is new in version 2.0.6:

• Fix reset() missing delivery property.
• Fix incorrect doc block.
• Added decoding of keys for named parameters
• Added test for check nested url
• Fix issue where session would always be regenerated.
• Fixing API docblock
• Fixed bug in CacheHelper where PluginAppController was not being loaded
• Fix correct node lookup when authorize object uses plugin userModel setting, fixes #2464
• Updating minimum PHP version requirement to 5.2.8 due to PHP bugs #44251 and #45748. Closes #2509
• Wrap aliases containing , in ""
• Add test for saveField() + foreign key.
• Fix indentation.
• Fix issues with sparse arrays in ThemeView.
• Remove incorrect parameter in HtmlHelper::script docblock example
• Set encoding in CSS file.
• Preventing datasource creationa and access on models having $useTable = false;
• Add note about PHP's include_path.
• Merge changes from hmic/CakeEmail-2.0
• Set correct default validate option, now matches saveAll/saveMany default value, fixes #2492
• Merge changes from 1.3 to 2.0
• Add test for Validation::url() + sftp.
• Adding test for #GH424
• Reformat long line.
• Update Model::saveAssociated() documentation
• Test case and Fix for: Number::currency() issue
• Removed constant available only in php 5.3 and changed exception type to fix errors on php 5.2. Fixes #2487
• Prevent blackhole auth error where are present multi fields
• Simplify how options are checked.
• Fix prefix = false in connect()
• Updating test to reflect last changes made by pull #413.
• Fixes the MethodNotAllowed when deleting a model from an scaffolding view.ctp page
• Reviewing the logic in the Shell::in($prompt, $options = null, $default = null)
• Fixed broken Controller::setAction() testcase
• Testcase for Controller::setAction()
• Properly set the current action on CakeRequest when invoking Controller::setAction()
• Update UpgradeShell for App classes.
• $action in AclShell::_getParams() defaults to '*', not NULL
• Fix boundaries used in multi-part messages.
• Fixed wrong boundary marker for inline-files, inline-files should start new rel-boundaries, not (outer-)mixed-boundaries.
• Return length 36 for uuid columns in Postgres.describe()
• Replace smart quotes with ASCII equivalents.
• Add additional empty() for tablePrefix.
• Add iPad to the list of mobile clients.
• Ensure the class has a constructor
• Fix errors generated when option['order'] is undefined.
• Fix error with more case-sensitive databases.
• Fix issue with find(count) and translated conditions.

What is new in version 2.1.0-beta:

• Update version number to 2.1.0-beta
• Added default prefix to cache configurations.
• Avoiding class name conflicts
• Merging ThemeView and View class
• Set encoding in CSS file.
• Logging transaction commands in DboSource, fixes #2457
• Preventing datasource creationa and access on models having $useTable = false;
• Added validation guess for not null + text types.
• Added note about PHP's include_path.
• Merged changes from hmic/CakeEmail-2.0
• Set correct default validate option, now matches saveAll/saveMany default value, fixes #2492
• Merged changes from 1.3 to 2.0
• Added sftp to url()
• Added test for Validation::url() + sftp.
• Readability changes
• Not sending the response in beforeRender, better let Dispatcher do its work
• Adding test for #GH424
• Reformat long line.
• Update Model::saveAssociated() documentation
• Test case and Fix for: Number::currency() issue

What is new in version 2.0.5:

• Fixing TMP cleanup code in FolderTest
• Removing _Token from request data.
• Fix ambiguous content types in RequestHandler.
• Adding sort on testresults, to avoid incorrect order returned by MySQL
• Update to assertEquals on Folder tests
• Adding testcase for saving habtm associations with no primary model data set
• Added test cases to include $exceptions with Folder::chmod()
• Added @link to File and Folder utilities
• Added missing @link to docs if available to helpers
• Fixed more strict errors.
• Updated test for debug
• Updated tests for debug()
• Fixed inconsistent debug parameters and empty '(line )'

What is new in version 2.0.4:

• Fixing issue where changing the case for an action in the url would allow the action in the AuthComponent making it accessible to not-logged in users
• Fix issue with dots in request URLs.
• Improved API documentation
• Escape special characters in XML.
• Moving AppShell inside Console/Command for consistency with file location of other App classes. Also making all core shells and tasks extends AppShell instead of Shell.
• Preventing memory leak in PDO when retrieving results from the driver
• Fix protocol relative urls for CSS and JS files.
• Removing _Token from request data.
• Fix ambiguous content types in RequestHandler.

What is new in version 2.0.2:

• Exception messages are shown instead of overridden in debug mode
• Fixes encoding issues with debug().
• Fixed typos in default css
• MimeType audio/ogg added
• Fixes UUID issue in SQLite
• Fixes issue in RequestHandlerComponent.
• Updates generated cache files to include the response object
• Returns correct byte length instead of number of characters in Content-Length

What is new in version 2.0.1:

• Params in router are now correctly urlencoded/urldecoded
• Added automatic Content-Length header to hint browser of the end of the response when using persistent connections
• AuthComponent deny() when called with now parameters will deny all actions
• Prevented unneeded afterFind callback triggering on associated models
• Added Opera Mobi to mobile detectors.
• RedirectRoute will now terminate the script execution after setting the headers

What is new in version 1.3.13:

• Mime type notices have been removed from the EmailComponent. They were causing deliverability issues with SQS and other email services.
• The default Email Message-ID's have been modified to increase compatibilty with spam assassin rules.
• SecurityComponent now works correctly with Model.field.1 style inputs.
• Joins in TranslateBehavior have been updated and optimized.
• Application of configuration/model prefixes has been moved into DboSource. It was previously done inconsistently. If you are using 'joins' in your queries, you should omit calling $db->fullTableName().
• Errors can now have empty messages in FormHelper.
• Incorrect formatting of floats in MySQL introduced in 1.3.12 has been fixed. There were issues with lost precision that are now resolved.
• Permission issues with FileCache introduced in 1.3.12 have been fixed.

What is new in version 2.0.0-RC3:

• Ensured the stability of test cases for the CakePHP core.
• Refactored how the joins key for Model::find() is treated, this means the ability to auto add the table prefix for join tables and cleaner code.
• Making locking file caching the default. Locking files prevents many issues with unserialize() warnings caused by partially written files.
• Now custom Authorization classes can implement their own password hashing. See this article for a clear example.

What is new in version 1.3.11:

• Updating version numbers.
• Adding tests for absolute urls on script elements.
• Added Bake-Banner to home.ctp for baked projects.
• Updating path constant in CodeCoverageManager to better support custom installs.
• Reversing the order fixtures are truncated in order to remove data in a way that better supports foreign keys.
• Removing redundant/always true conditions in Controller::__mergeVars.
• Fixed typo
• Closing forgotten tag.
• Fixing singularization of "curves"
• Fixing issues with ApcEngine and duration = 0 (forever) values.
• Renamed chmod to mode in the comments for function copy.
• Adding early return when connection to MySQL or MySQLi fails.
• Unnecessary str_replace
• Synchronizing home.ctp file in skel directory with the one in default app.
• Hide DB credentials
• Fixing doubly encoded action attributes in FormHelper.
• Adding a test for double escaped form URLs.
• Unnecessary line
• Fixing issue with generic.css and overlapping in view scaffolds. Thanks to 'euromark' for the patch.
• Added App::import('Model', 'ConnectionManager') to cake/libs/sanitize.php to prevent missing class errors.
• Synchronizing default css file in skel directory.
• Updating docblock for Sanitize::stripScripts()
• Add doc block for CakeSchema::_noPrefixTable
• Consolidate table prefix removal.
• Added test for datasource prefixes. Fixed another instance of error in prefix replacement in CakeSchema.
• Fixed schema reading where table name contains the datasource prefix.
• Updating the copyright to 2011.
• Fixing notice errors caused by trying to operate on keys that don't exist.

What is new in version 1.3.10:

• This release contains 10 commits, and 3 bug fixes.
• An addition has been made to check for URL Rewriting capabilities on your web server, providing a helpful message with links to the CakePHP book for assistance to configure URL rewriting.
• The XML class previously incorrectly processed elements with children for slugging, this has also been fixed.

What is new in version 1.3.9:

• An issue introduced in 1.3.8 that caused the -app flag to not work correctly, has been fixed.
• The MySQL driver no longer does joins on delete queries unless a join is required.
• TextHelper::autoLinkEmail() no longer creates links for email addresses missing TLD's
• CakeSocket::write() works better with lazy/slow servers.
• Fixtures are a bit more robust, and field order/missing fields do not cause spurious errors.
• Cookies are recursively deleted when a top-level key is removed.
• Xml::toArray() was updated and support for various XML formats is improved.
• MemcacheEngine now supports persistent connections correctly.

What is new in version 1.3.8:

• Boolean handling for Postgres has been improved.
• Installs using the top level index.php and no url re-writing should work better now.
• DboMysqli no longer incorrectly handles socket and port options.
• Blackholes caused by defining custom name attributes on fields has been fixed.
• The %e time specifier now works on windows.
• Cake console properly runs when started in C:\ on windows.
• Actions starting with their prefix, but lacking a '_' are correctly handled now.
• Can now create submit buttons with no text.

What is new in version 1.3.7:

• Usage of serialize() was removed from SecurityComponent.
• View::element() now correctly uses '.ctp' as a fallback extension.
• View variables are now passed to CacheHelper, making view caches more powerful.
• EmailComponent now registers and un-registers its view class, this fixes issues where helpers needing a view would trigger errors.
• Memcache engine now correctly stores entries with expiry dates greater than 30 days.
• Empty session ids no longer cause errors with database session storage.
• TextHelper::autoLinkEmails works with emails containing '.
• Console test suite now exits with a non zero code on test failure.

What is new in version 1.3.6:

• Applying updates to skel/core.php.
• Fixed the minutes into seconds for session timeout.
• Fixing issue where value in difference array was always the string value instead of the original value.
• Removing dead code in EmailComponent.
• Applying doc block changes to app/config/core.php as well.
• Applying doc block changes from 'teknoid'.
• Adding a test for saving blank fields on a model.
• Applying patch from 'Justas Butkus' to fix CakeSchema::compare()
• Applying patch from 'Utoxin' that removes hardcoded 'app' string from Dispatcher.
• Adding a test for containable modifying return.

What is new in version 1.3.5:

• A warning to inform developers about broken PCRE libs was added to the default home page.
• RequestHandlerComponent now sends content-type and encoding headers for html pages automatically.
• Writing Cache entries with duration 0, would not create non-expiring entries for memcache and apc engines.
• Table names with spaces should now work correctly.
• Compatibility with Postgres 9.0 was improved.
• MemcacheEngine now correctly works with IPv6 addresses.
• Conditions for removing <cake:nocache> tags was relaxed so they are removed even when the CacheHelper is not loaded.
• SecurityComponent and digest auth work correctly with email address usernames.
• Router now correctly handles patterns for the :action parameter.
• Schema generation for connections with prefixes was updated to omit the prefix in the schema, to avoid issues where two prefixes would be appended.

What is new in version 1.3.4:

• Schema files generated for plugins now have $PluginSchema for the classname instead of AppSchema
• Route parameters with - in them should now work as expected.
• Issues related to SessionComponent::destroy() not always removing data were fixed.
• Scaffold works better with Themes.
• String::insert() works better with keys that begin with sub-patterns containing other keys.
• DboMysql now correctly pulls out column + table parameters.
• Issues related to setlocale() and SQL errors caused by locales that use ',' for the decimal separator on floats were fixed.
• EmailComponent now more correctly handles email addresses with name aliase

What is new in version 1.2.8:

• Welsh was added to the supported list of locales in l10n
• Controller::validateErrors now accepts arbitrary model objects. This better reflects the intention of the documentation.
• Calling bindModel/unbindModel multiple times now correctly resets associations.
• TextHelper::autoLink() no longer strtolower()'s the urls, as this created issues with URL shorteners.
• HttpSocket no longer loses auth credentials when multiple requests are made with same object.
• String::insert() will now correctly handle two keys starting with the same subpattern.

Requirements:

• PHP 5.2.8 or higher