Skip to content

Latest commit

 

History

History
387 lines (317 loc) · 27.1 KB

CHANGELOG.md

File metadata and controls

387 lines (317 loc) · 27.1 KB
Raw

Changelog

v1.3

Full List of core changes since 1.2

Removed code (because it was deprecated in v1.2)

  • Controller: Deprecated $response property has been removed from all base controller classes. All controller actions now HAVE TO return their results, either a Response object, or something that can be cast to string. If you are still on pre v1.2 controller code, your application will NO LONGER work after the upgrade to v1.3.

Code deprecated in v1.3 (to be removed in v1.4)

  • Orm: Model method values() has been deprecated. Use set() instead.

Security related

  • PHPSecLib: Has been updated to v0.2.2.
  • HTMLawed: Has been updated to v1.1.12.

System changes

  • Debug_: You can now modify the default display behaviour of dump() through Debug::$js_toggle_open.
  • Upload: Now allows you to set custom messages in validation callbacks.
  • Config: Config::load now always returns the loaded configuration.
  • Pagination: Now uses anchors for all pagination enties, which allows for better styling.

Specific classes

  • Arr: Arr::pluck has been added.
  • Arr: Arr::remove_prefixed has been added.
  • Arr: Arr::insert_assoc has been added.
  • Asset: Has been updated to work better on Windows.
  • Asset: Asset::find_file has been added.
  • Asset: Asset::add_type has been added.
  • DB: DB::in_transaction has been added.
  • DB: Added support for compressed MySQL connections through the new compress config key.
  • Error: PHP notices/warnings/errors are now caught and thrown as an Exception.
  • Event: The Event class has been converted to be instance based.
  • Fieldset: You can now choose to overwrite existing options when using set_options.
  • File: download() has been made to work when shutdown events are defined that set headers.
  • Image: New option on load() to force a file extension.
  • Format: CSV file handling has been improved.
  • Log: Now supports custom log levels.
  • Log: Now allows you to configure an array of specific log levels to log.
  • Migrate: Now supports multiple package paths.
  • Mongo_Db: Mongo_Db::get_collection has been added.
  • Pagination: Added attrs keys to the configuration to define custom anchor attributes.
  • Redis: Added support for connection timeouts through the new timeout config key.
  • Str: Str::starts_with has been added.
  • Str: Str::ends_with has been added.
  • Str: Str::is_json has been added.
  • Str: Str::is_html has been added.
  • Str: Str::is_serialized has been added.

Packages

  • Auth: get_profile_fields() now allows you to fetch a single profile field.
  • Email: New NoOp email driver allows testing without sending emails out.
  • Oil: Now returns a non-zero exit code on failures.
  • Oil: Added support for PHPunit clover, text and phpformat Code Coverage methods.
  • Orm: New model method register_observer() and unregister_observer() to define new observers at runtime.
  • Orm: Added support for where and order_by clauses to relation conditions.
  • Orm: set() method has been updated to provide the same API as Model_Crud.
  • Orm: PK's are now typecast on retrieval if a type has been defined in the properties.
  • Orm: Update query code has been improved for better support of PostgreSQL.
  • Parse: Smarty driver now supports the plugin_dir path.

v1.2

Full List of core changes since 1.1

Removed code (because it was deprecated in v1.1)

  • All factory() methods. The have been replaced by forge().
  • Agent::is_mobile(). Replaced by is_mobiledevice().
  • Arr::element(). Replaced by get().
  • Arr::elements(). Replaced by get().
  • Arr::replace_keys(). Replaced by replace_key().
  • Controller::render(). Is no longer used as actions need to return a Response object now.
  • Database_Connection::transactional(). Was already a NOOP.
  • DB::transactional(). Called Database_Connection::transactional().
  • Fieldset::errors(). Replaced by error().
  • Fieldset::repopulate(). Undocumented parameter was removed, functionality is offered by populate().
  • Fuel::find_file(). Replaced by Finder::search().
  • Fuel::list_files(). Replaced by Finder::instance()->list_files().
  • Fuel::add_path(). Was used by find_file(), no longer needed.
  • Fuel::get_paths(). Was used by find_file(), no longer needed.
  • Fuel::add_package(). Replaced by Package::load().
  • Fuel::remove_package(). Replaced by Package::unload().
  • Fuel_Exception class. Replaced by FuelException.
  • Input::get_post(). Replaced by param().
  • Lang::line(). Replaced by get().
  • Request404Exception class. Is replaced by HttpNotFoundException.
  • Uri properties $uri and $segments are now protected. Use Uri::get() and Uri::get_segment() or Uri::get_segments().
  • Validation::errors(). Replaced by error().
  • Viewmodel property $_template. Is replaced by $_view.
  • Viewmodel::set_template(). Replaced by set_view().

Code deprecated in v1.2 (to be removed in v1.3)

  • Pagination: Class will be removed and replaced by a new Paginate class.
  • Fuel::add_module(). Is replaced by Module::load().
  • Fuel::module_exists(). Is replaced by Module::exists().
  • Theme::asset(). Replaced by asset_path().
  • Theme::info(). Replaced by get_info().
  • Theme::all_info(). Replaced by load_info().

Security related

  • Security class now requires you to define the security.output_filter application config setting. An exception is thrown if it isn't present.
  • Security::htmlentities() now defaults to use ENT_QUOTES instead of ENT_COMPAT as flag. This is configurable in the second argument for the method and the default can be overwritten in config as security.htmlentities_flags.

System changes

  • Controller: action methods, or the controllers after() method if present, now must return a Response object.
  • Controller: before() and after() methods are now optional, as documented.
  • Controller_Hybrid: combines Controller_Template and Controller_Rest in a single base controller for mixed HTTP and REST responses.
  • Controller_Rest: added a fallback to "action_" when no HTTP method action is found.
  • Controller_Rest: you can now define custom HTTP status codes.
  • Controller_Template: the $auto_render setting has been removed, to prevent rendering return whatever you want to use instead.
  • Database: The PDO driver now supports list_columns().
  • Module: new Module class to load or unload modules.
  • Uri: the URL extension is no longer part of the URI. A new extension() method allows you to fetch it.
  • Request: Request_Curl now properly deals with succesful requests that return a 4xx or 5xx HTTP status.
  • Request: Request_Curl and Request_Soap now supports returning header information. A get_headers() has been added to fetch them manually.
  • Router: can now be configured to treat URI's without regards to case.

Specific classes

  • Arr: Arr::to_assoc() now throws a BadMethodCallException on bad input.
  • Arr: Arr::assoc_to_keyval() now requires all parameters and first parameter must be an array or implement Iterator.
  • Arr: Added reverse_flatten(), is_assoc() and insert_before_key() methods.
  • Arr: Added in_array_recursive() to do a recursive in_array() lookup.
  • Asset: Separated into the static front (Asset) and dynamic instance (Asset_Instance).
  • Asset: Separated into the static front (Asset) and dynamic instance (Asset_Instance).
  • Asset: css(), js() and img() methods are now chainable.
  • Asset: you can now specify a URL as location, for CDN support.
  • Asset: new fail_silently config value allows you to skip missing assets.
  • Cli: now supports ANSICON on Windows for colored commandline output.
  • Config: is now driver based to support php, ini, yaml and json type configs.
  • Config: now allow you to load a file by FQFN.
  • Cookie: all cookie data can now be fetched like Input class does.
  • Date: All fuel notices have been replaced by UnexpectedValueExceptions.
  • Date: On windows an extra fallback has been added for the create_from_string() method.
  • Date: new display_timezone()' and get_timezone_abbr()`, and changes to support working with multiple timezones.
  • DB: cache() now has the option not to cache empty resultsets.
  • DB: where() do now support closures to specify the where clause.
  • DB: Update now supports limit() and order_by().
  • DB: now tries to reconnect when a disconnected DB connection is detected.
  • DButil: create_database() now supports 'IF NOT EXIST'.
  • DButil: Better support for the CONSTRAINT keyword.
  • DButil: new add_foreign_key() and drop_foreign_key() methods.
  • Event: shutdown events are now also executed after exit and die statements.
  • Fieldset: added set_fieldset_tag() to define the fieldset tag. Fieldset: added add_before() and add_after() methods to insert a new field before/after a specific field.
  • Fieldset_Field: added add_description() method and {description} tag to templates.
  • Fieldset_Field: added add_error_message() method to create error message overwrites per field.
  • File: download() now allows you to continue processing after calling it.
  • Form: Separated into the static front (Form) and dynamic instance (Form_Instance).
  • Inflector: now supports Hungarian accepted characters when converting to ascii.
  • Input: method() now supports the X-HTTP-Method-Override header.
  • Input: new json() and xml() methods to fetch json or xml from the HTTP request body.
  • Lang: load() method now supports overwriting when merging language files.
  • Lang: now allow you to load a file by FQFN.
  • Lang: is now driver based to support php, ini, yaml and json type language files.
  • Lang: language files can now be saved (as php, ini, yaml or json) using save().
  • Migrate: now tracks individual migrations, so they don't have to have a sequence number anymore.
  • Model_Crud: now supports created_at and updated_at fields, like ORM\Model does.
  • Model_Crud: now has full callback support.
  • Model_Crud: you can now run validation separately (::validates) and skip validation when saving a model.
  • Profiler: profiler logging methods are now NO-OP's when the profiler is not loaded.
  • Profiler: now writes it's output under the page content, instead of using an overlay.
  • Session: Added session task to create and remove sessions table.
  • Session: New sessions are not saved until there is data present in the session.
  • Theme: Separated into the static front (Theme) and dynamic instance (Theme_Instance).
  • Theme: now supports installation outside the docroot (for views).
  • Theme: now uses the Asset class to load theme assets.
  • Theme: instances now support templates, template partials and partial chrome templates.
  • Validation: You can now disable fallback to global input using the 'validation.global_input_fallback' config setting.

Packages

  • Auth: Auth login drivers no have a validate_user method to validate a user/password without setting up a logged-in session.
  • Auth: SimpleAuth SimpleUserUpdateExceptions are now numbered to be able to identify the exact error after catching the exception.
  • Email: Now handles SMTP timeouts properly.
  • Email: You can now specify the return address.
  • Email: Now handles BCC lists correctly when using SMTP.
  • Email: Respects new lines in alt body better.
  • Email: You can now specify the return address.
  • Oil: Use phpunit.xml from APPPATH if present when running unit tests.
  • Oil: Reinstated oil package command to install packages from git repositories.
  • Oil: You can define the environment the command has to run in using the -env commandline switch.
  • Oil: Scaffolding now supports both Model_Crud and Orm\Model.
  • Oil: Scaffolding now supports adding created-at and updated-at.
  • Oil: Scaffolding now supports skipping the creation of a migration file using -no-migration.
  • Oil: There is now a core task to generate the table for the database session store.
  • Orm: New model method is_fetched() checks if relation data is fetched without triggering a new query.
  • Orm: Validation section of the properties has a new key skip to indicate the field should not be validated.

v1.1

Full List of core changes since 1.0.1

System changes

  • Deprication of Request::show_404(), replaced with throw new HttpNotFoundException that has a handle method to show the 404
  • Support for handle() method that is run when an exception isn't caught before Error::exception_handler() catches it.
  • Support for special _404_ route now in public/index.php thus no longer part of the core but still supported as a 'official default'
  • Closures are now also supported in routes, thus routing to a Closure instead of a controler/method uri. Also added support for any type of callable in Route extensions you write yourself.
  • Closure support in all getters & setters: if you get a value and also input a default the default can also be a Closure and you'll get the result of that. For setters the input can also be a closure and the result of the Closure will be set. (except for View::set() as one might want to pass a closure to the View)
  • Moved the Environment setting from the app/config/config.php file to the app/bootstrap.php file.
  • All factory() methods have been renamed to forge(). This name better states the method's function. The factory() methods are still there for backwards compatibility, but are deprecated and will log warning messages when used.
  • The $this->response Response object is now deprecated. Your action methods should return either a string, View object, ViewModel object or a Response object.
  • Added the fuel/app/vendor directory to the default install.
  • You can now have an unlimited number of sub-directories for your controllers. (e.g. classes/controller/admin/users/groups.php with a class name of Controller_Admin_Users_Groups would be at site.com/admin/users/groups)
  • There is no longer a default controller for directories. It used to be that going to something like site.com/admin would bring up Controller_Admin_Admin in classes/controller/admin/admin.php. Now you must place that controller at it's expected location classes/controller/admin.php with a name of Controller_Admin.
  • A Controller::after() method now gets passed the response of the controller, it must return that response (or modified) as well.
  • Added new function get_real_class() to which you can pass a classname and it will return the actual class, to be used on classes of which you're not sure whether it is an alias or not.
  • Module routes are prepended to the routes array when Fuel detects the fist URI segment as a module, therefor parsing them before an (:any) route in the app config.
  • Config is now environment aware and allows partial/full overwriting of the base config from subdirectories in the config dir named after the environment.
  • Added a new Theme class. It allows you to easily add Theme support to your applications.
  • Fuel_Exception has been renamed to FuelException
  • Fuel::find_file() and related methods are now deprecated. Use the Finder class instead (e.g. Finder::search()).
  • Migrations are now supported in Modules and Packages
  • Routing has 3 new shortcuts:
    • :almun matches all utf-8 alphabetical and numeric characters
    • :num matches all numeric characters.
    • :alpha matches all utf-8 alphabetical characters
  • Put the Autoloader class into Fuel\Core to allow extending it, it must now be required in the app bootstrap file which is also the location where you must require your own extension.

Security related

  • Added Fuel's own response object class Fuel\Core\Response to default whitelist in app/config/config.php of objects that aren't encoded on output by the View when passed.
  • The security.auto_encode_view_data config option in app/config/config.php has been renamed to security.auto_filter_output.
  • stdClass was part of the default whitelisted classes from output encoding, this was a bug and it has been removed.

Specific classes

  • Arr: Added methods Arr::get(), Arr::set() and Arr::prepend().
  • Arr: Arr::element() and Arr::elements() have been deprecated. Use the new Arr::get() instead.
  • Database: Using transactions will no longer prevent exceptions, exceptions are thrown and should be handled by the dev. The Database_Transaction class has been deprecated as it has little use because of this change.
  • File: File::read_dir() (and related methods on Area and Directory handler) now return dirnames with directory separator suffix
  • Fieldset_Field: Parsing of validation rules has been moved from Fieldset_Field::add_rule() to Validaton::_find_fule(), from the outside the method still works the same but notices for inactive rules are now only shown when running the validation.
  • Form: Added inline error reporting, which must first be switched on in config and will replace an {error_msg} tag
  • Form: New default form template which puts it inside a table.
  • Fuel: Added Fuel::value() which checks if the given value is a Closure, and returns the result of the Closure if it is, otherwise, simply the value.
  • Image: No longer throws Fuel_Exception for any type of exception but instead RuntimeException, InvalidArguementException and OutOfBoundsException where appropriate.
  • Input: Input::post(null) doesn't work to get full post array anymore, just Input::post() without params - same for all other Input methods
  • Input: Input::get_post() has been deprecated and replaced by Input::param(). It now also includes PUT and DELETE variables.
  • Input / Uri: Uri::detect() moved to Input::uri() as it is part of the input and thus should be part of the input class
  • Request: You can now also do external requests through the Request class, for now only a curl driver: Request::forge('http//url', 'curl') or Request::forge('http//url', array('driver' => 'curl', 'method' => 'post', 'params' => array()).
  • Validation: Validation::errors() is depricated and replaced by singular form Validation::error() to be more in line with other class methods
  • Validation: New 3rd parameter added to Validation::run() that allows adding callables for the duration of the run.
  • View: The view class has been refactored and works much better now. Output filtering is vastly improved.
  • View: View::capture() has been split into two protected instance methods: process_file() and get_data(). You will need to update your View class extensions.
  • View: View::$auto_encode has been removed. It has been replaced but auto_filter, which is per-view instance.
  • ViewModel: Refactored the class internals to work more transparently with the View.
  • ViewModel: Deprecated $this->_template and renamed it to $this->_view.
  • ViewModel: Updated to work with the refactored View class. Added $this->bind().
  • ViewModel: Deprecated $this->set_template() and renamed it to $this->set_view().
  • Html: Removed (not deprecated) the following methods: Html::h(), Html::br(), Html::hr(), Html::nbs(), Html::title(), Html::header(). You should simply write the HTML yourself.
  • Config: Added Config file drivers for PHP, INI, JSON and Yaml. They are detected by file extension (e.g. Config::load('foo.yml') will load and parse the Yaml).

Packages

  • Auth: Renamed default table name from simpleusers to users.
  • Auth: Added config options for DB connection and table columns used for fetching the user.
  • Auth: Removed default config for groups & roles in simpleauth.php config file, only commented out examples left.
  • Orm: Lots of tweaks to Observer_Validation related to changes to Validation & Fieldset_Field classes. Also changed it to only save properties that are actually changed.
  • Orm: The ValidationFailed thrown when the Observer_Validation fails now includes a reference to the Fieldset instance that failed: $valfailed->get_fieldset();
  • Orm: Added support for changing the type of join used when fetching relations, example: Model_Example::query()->related('something', array('join_type' => 'inner'))->get();
  • Orm: Observers are no longer singleton but one instance per model with per model settings, check docs for more info.
  • Parser: Added Parser package to the default install.
  • Parser: Mustache is now part of the Parser package by default. Version 0.7.1.
  • Email: The Email package is added.

v1.0

Core

Full Changelog

Auth

Full Changelog

Oil

Full Changelog

Orm

Full Changelog

v1.0-RC3

Core

Full Changelog

Auth

Full Changelog

Oil

Full Changelog

Orm

Full Changelog

v1.0-RC2.1

Core

  • Fixed a security issue where the URI was not being properly sanitized.

v1.0-RC2

Core

  • oil refine install now makes the config directory writable. (Dan Horrigan)
  • Added auto-id to select fields (Kelly Banman)
  • Fixed typo in ::analyze_table (Frank de Jonge)
  • replaced the regex that processes :segment in the Route class. closes #33. (Harro Verton)
  • Closes #31: logic error caused the Crypt class to update the config when nothing is changed. (Harro Verton)
  • Fixed up XML output so that singular versions of basenode names are used when a numeric value is provided as a key.XML doesn't like numeric keys and item, item, item is boring. Also moved formatting logic out of the REST library. (Phil Sturgeon)
  • Added Format::to_php(). (Phil Sturgeon)
  • Updated Form config file to work with the Form class we've had for the past 3 months (oops). Fixes #93 (Jelmer Schreuder)
  • Fixes #115: Form::button() now produces a <button> tag instead of <input> (Harro Verton)
  • Fixed #116: Throw an error if File::update can't open the file for write (Harro Verton)
  • Added a check to File::open_file() to make sure $resource is a valid resource before we attempt to flock() (Harro Verton)
  • Fixed badly named variable in profiler. (Phil Sturgeon)
  • Show full file paths in the Install task. No security concern if you're already in the terminal. (Phil Sturgeon)
  • Fixed bug in \Date::create_from_string() where the date produced would always be exactly one month behind the actual date. (Ben Corlett)
  • updated the Crypt class to make the generation of the random keys more secure (Harro Verton)
  • fixed error in Fuel::find_file(), causing a PHP notice on repeated finds (Harro Verton)
  • The DBUtil class now respects the table prefix if set (Fixes #103). (Dan Horrigan)
  • If an empty string is passed to Format::factory('', 'xml') it will no longer error, just return an empty array. (Phil Sturgeon)
  • Added PHPSecLib to vendor to provide encryption features if no crypto is available in PHP. (Harro Verton)
  • Rewritten the crypto class to use AES256 encryption, and a HMAC-SHA256 tamper validation hash. (Harro Verton)
  • Added Redis to the bootstrap. (Jelmer Schreuder)
  • Made Inflector::camelize() return camelcased result again but the Inflector::classify() won't use it anymore and still respect underscores. (Jelmer Schreuder)
  • Allow setting labels as array including attributes instead of just tring in form->add (Jeffery Utter)
  • Fix Date class. strptime returns years since 1900 not 1901. Dates were a year in the future. (Jeffery Utter)
  • Options wasn't being passed when adding a radio.. thus it wasn't making all the separate fields. (Jeffery Utter)
  • fixes bug #96: advanced regex must use non greedy match to properly match segments (Harro Verton)
  • fixes bug #99: PHP notice due to not-initialized property (Harro Verton)
  • Using memory_get_peak_usage() instead of memory_get_usage() for more reliable memory reporting. (Jelmer Schreuder)
  • Form generation: Fixed issue with "type" attribute set for textareas and selects. Also prevented empty for="" attributes by ignoring null values. (Jelmer Schreuder)
  • Moved page link creation into separate method for more flexibility (Kelly Banman)
  • fixed broken database profiling (Harro Verton)
  • Input::real_ip() now returns "0.0.0.0" if IP detection fails (Harro Verton)
  • Bugfix: hidden inputs created with the Fieldset class caused unending loops. (Jelmer Schreuder)
  • Fixed a bug that caused the image library to refuse all image types. (Alexander Hill)
  • Corrected typos in the image class. (Alexander Hill)
  • Fuel::find_file() now caches files found per request URI, instead of a global cache. (Harro Verton)
  • Fixed a bug in the response constructor. Response body was not setting. (Dan Horrigan)
  • Bugfix: Fieldset::build() didn't match Form::build() for which it should be an alias. (Jelmer Schreuder)
  • Changed Controller_Rest formatting methods from private to protected so they can be extended (Tom Arnfeld)
  • Improved the Fieldset::repopulate() method to also take a Model or array instead of using the POST values. Will accept any array, ArrayAccess instance, Orm\Model or object with public properties. (Jelmer Schreuder)

Auth

  • Fixed an issue with the casing of the Simple-driver classnames. (Jelmer Schreuder)
  • Fixed small bug in Auth check method. (Jelmer Schreuder)
  • Bugfix: ACL rights merging went wrong because the base was a string instead of an array. (Jelmer Schreuder)

Oil

  • Updated scaffolding to work better with the new ORM package. Fix #81.
  • Suppress the error message for PHPUnit in oil, if it can't load the file from include it should just error as usual. (Phil Sturgeon)
  • Fixed PHPUnit, said it wasn't installed when it was. (Phil Sturgeon)
  • Fix #85: Scaffolding still referred to ActiveRecord instead of Orm. (Phil Sturgeon)

Orm

  • Added to_array() method to export current object as an array. Improved ArrayAccess and Iterable implementation to work with relations. (Jelmer Schreuder)
  • Finished the unfinished __clone() method. (Jelmer Schreuder)
  • Fixes #84 - now an exception is thrown when an invalid Model classname is given to a relation. (Jelmer Schreuder)
  • Implemented __isset() and __unset() magic methods for Orm\Model (Jelmer Schreuder)
  • Moved Query object creation into its own method to allow the more accurate Model_Example::query()->where()->get(). (Jelmer Schreuder)
  • order_by() didn't return $this with array input. (Jelmer Schreuder)
  • Fixed issue with constructing new models without adding properties. (Jelmer Schreuder)