Skip to content

Changelog v1.7.1

Jump to bottom
Harro Verton edited this page Nov 30, 2013 · 6 revisions

This keeps track of important changes to the 1.x branch.

When you decide to upgrade to a new version, pay attention to the changes documented in this changelog, and the upgrade procedures documented.

Important fixes, changes, notes. Read them carefully.

  • The index.php has been updated to make sure the Response body is rendered, and rendered only once. When upgrading to 1.7.1, don't forget to apply these changes!
  • When using the REST controller and returning an array as a response, the controller now checks if the response format is compatible. If not, it will return an error messsage and set a 406 HTTP status when in production mode. In other modes, it will return a warning and a JSON encoded dump of the array.

Backward compatibility notes

None.

Removed code (because it was deprecated in v1.7 or earlier)

None.

Security related

There were one security advisory issued for 1.7, which also impact all previous versions (see http://fuelphp.com/security-advisories). These issues are addressed in 1.7.1, it is strongly advised that you upgrade as soon as possible.

System changes

A new Sanitization interface has been introduced to the core. Objects can implement this interface, and when you pass such an object to a View, the object will not be cleaned, but the individual properties will be cleaned by the object itself when the properties are requested by the view.

ORM and Model_Crud models now implement the sanitization interface by default, and when enabled, they will return a cleaned copy of the property, instead of the property itself. This means you can now pass ORM model objects to Views, without the ORM object being destroyed.

Specific classes

  • Cache_Storage_Redis: Support for non-default Redis DB configs has been fixed.
  • Arr: get() now allows you to get array values using a key that contains a dot.
  • Arr: search() now has a new parameter to enforce a strict search.
  • Asset: css() now accepts the 'type' attribute.
  • DB: Now allows a DB connection to be set, to make sure SQL is compiled using the correct driver.
  • DB: You can now disconnect() and connect(), allowing you to reconnect when the connection has dropped.
  • DBUtil: set_connection() now accepts null to reset the connection instance set previously.
  • DBUtil: add_foreign_key() now has support for custom DB connections.
  • DBUtil: create_index now allows you to create a PRIMARY KEY index.
  • DBUtil: drop_index now allows you to drop a PRIMARY KEY index.
  • File: download() will now be executed after cookies have been written.
  • Form: select() now accepts zero or null as selected value.
  • Format: from_xml() now has support for XML namespaces.
  • Format: to_json() now accepts JSON encoding options, with configured default options.
  • Fuel: Make sure the locale is set before processing 'always_load'.
  • Image: create_hex_color() now correctly processes the alpha value.
  • Image: convert_number() can now deal properly with numbers using a decimal comma.
  • Image: Imagemagick driver now correctly stores the image size in its cache.
  • Input: uri() now always returns the URI with a leading slash.
  • Input: You can now control double decoding of urlencoded forms.
  • Lang: No longer uses a fixed path delimiter, causing issues on Windows.
  • Lang: When multiple languages are defined, the files are now loaded in the correct order.
  • Migrate: Now displays the correct migration version when migrating down.
  • Migrate: Now checks for existence of packages and modules before attempting to migrate them.
  • Model_Crud: Now implements lazy sanitation when an object is passed to a View.
  • Theme: You can now call render() more than once.
  • Uri: When $_GET is reassembled, it will now be security cleaned.

Packages

  • Auth: Problems with direct updates of permission join tables (PK=FK) have been fixed.
  • Auth: The multiple-logins config setting is now ignored unless there actually are multiple login drivers.
  • Email: A background color (#aabbcc) in an img tag is no longer seen as an attachment.
  • Parser: auth_has_access has been added as a Twig function.
  • Oil: Improved error reporting when it is unable to parse the given field definition.
  • Oil: When running a module task, the module path is now added at the front of the finder path list.
  • Oil: Duplicate migration filename detection has been fixed.
  • Oil: Refine will no longer dump the callstack when an exception occurs in production mode.
  • Oil: Generating a drop table migration has been fixed.
  • Orm: Models now implement lazy sanitation when an object is passed to a View.
  • Orm: Missing config for Temporal models has been fixed.
  • Orm: Model_Temporal find_revision() no longer throws an exception when no revision could be found.
  • Orm: The UpdatedAt observer now has the option to mark the object as updated if a related object was changed.
  • Orm: The Slug observer now has the option to define a custom separator.
Clone this wiki locally