Skip to content
This repository
Browse code

Merge branch 'hotfix/3622'

Close #3622
  • Loading branch information...
commit 2b1792ac35f20ec4e4552c508f3318ba6f638485 2 parents 02d00c3 + 642c0f0
Matthew Weier O'Phinney weierophinney authored

Showing 1 changed file with 52 additions and 0 deletions. Show diff stats Hide diff stats

  1. +52 0 CHANGELOG.md
52 CHANGELOG.md
Source Rendered
@@ -315,6 +315,50 @@
315 315 #2884
316 316 (https://github.com/zendframework/zf2/issues/3606)
317 317
  318 +### Potential Breakage
  319 +
  320 +Includes a fix to the classes `Zend\Filter\Encrypt`
  321 +and `Zend\Filter\Decrypt` which may pose a small break for end-users. Each
  322 +requires an encryption key be passed to either the constructor or the
  323 +setKey() method now; this was done to improve the security of each
  324 +class.
  325 +
  326 +`Zend\Session` includes a new `Zend\Session\Storage\SessionArrayStorage`
  327 +class, which acts as a direct proxy to the $_SESSION superglobal. The
  328 +SessionManager class now uses this new storage class by default, in
  329 +order to fix an error that occurs when directly manipulating nested
  330 +arrays of $_SESSION in third-party code. For most users, the change will
  331 +be seamless. Those affected will be those (a) directly accessing the
  332 +storage instance, and (b) using object notation to access session
  333 +members:
  334 +
  335 + $foo = null;
  336 + /** @var $storage Zend\Session\Storage\SessionStorage */
  337 + if (isset($storage->foo)) {
  338 + $foo = $storage->foo;
  339 + }
  340 +
  341 +If you are using array notation, as in the following example, your code
  342 +remains forwards compatible:
  343 +
  344 + $foo = null;
  345 +
  346 + /** @var $storage Zend\Session\Storage\SessionStorage */
  347 + if (isset($storage['foo'])) {
  348 + $foo = $storage['foo'];
  349 + }
  350 +
  351 +If you are not working directly with the storage instance, you will be
  352 +unaffected.
  353 +
  354 +For those affected, the following courses of action are possible:
  355 +
  356 + * Update your code to replace object property notation with array
  357 + notation, OR
  358 + * Initialize and register a Zend\Session\Storage\SessionStorage object
  359 + explicitly with the session manager instance.
  360 +
  361 +
318 362 ## 2.0.7 (29 Jan 2013):
319 363
320 364 - 1992: [2.1] Adding simple Zend/I18n/Loader/Tmx
@@ -640,6 +684,14 @@
640 684 exceptions
641 685 (https://github.com/zendframework/zf2/issues/3604)
642 686
  687 +### Potential Breakage
  688 +
  689 +Includes a fix to the classes `Zend\Filter\Encrypt`
  690 +and `Zend\Filter\Decrypt` which may pose a small break for end-users. Each
  691 +requires an encryption key be passed to either the constructor or the
  692 +setKey() method now; this was done to improve the security of each
  693 +class.
  694 +
643 695 ## 2.0.6 (19 Dec 2012):
644 696
645 697 - 2885: Zend\Db\TableGateway\AbstractTableGateway won't work with Sqlsrv

0 comments on commit 2b1792a

Please sign in to comment.
Something went wrong with that request. Please try again.