mirror of
https://github.com/24eme/signaturepdf.git
synced 2023-08-25 09:33:08 +02:00
53 KiB
53 KiB
CHANGELOG
3.7.3
- NEW: added auto_increment detection, bcosca/fatfree#1192, bcosca/fatfree#1093, bcosca/fatfree#1175, #290
- added SMTP dialog error handling, #317
- Fix: Check active transaction before rollback/commit (PHP8 issue)
- refactored increment/decrement operator to preceed variables
- added error output in CLI mode, bcosca/fatfree#1185
- Set PORT to 80 when SERVER_PORT is an empty string
- Fix: unescape dbname when extracting from dsn, #316
- Fix: handling of PDO prepare() errors
- Fix: edge case in DB\SQL->schema(): PK not detected in PgSQL when the column is also a FK bcosca/fatfree#1207
- Fix: Escape literal hyphens in regex character classes, bcosca/fatfree#1206
- Fix: error highlighting
- Fix: pagination with order by on virtual fields
- Fixed a couple PHPDOC issues
3.7.2 (28 May 2020)
- CHANGED, View->sandbox: disable escaping when rendering as text/plain, bcosca/fatfree#654
- update HTTP protocol checks, bcosca/fatfree#1190
- Base->clear: close vulnerability on variable compilation, bcosca/fatfree#1191
- DB\SQL\Mapper: fix empty ID after insert, bcosca/fatfree#1175
- DB\SQL\Mapper: fix using correct key variable for grouped sql pagination sets
- Fix return type of 'count' in Cursor->paginate(), bcosca/fatfree#1187
- Bug fix, Web->minify: fix minification of ES6 template literals, bcosca/fatfree#1178
- Bug fix, config: refactoring custom section parser regex, bcosca/fatfree#1149
- Bug fix: token resolve on non-alias reroute paths, ref. 221f0c9
- Websocket: Improved event handler usage
- optimized internal get calls
- only use cached lexicon when a $ttl was given
- only use money_format up until php7.4, bcosca/fatfree#1174
3.7.1 (30. December 2019)
- Base->build: Add support for brace-enclosed route tokens
- Base->reroute, fix duplicate fragment issue on non-alias routes
- DB\SQL\Mapper: fix empty check for pkey when reloading after insert
- Web->minify: fix minification with multiple files, bcosca/fatfree#1152, #bcosca/fatfree#1169
3.7.0 (26. November 2019)
- NEW: Matrix, added select and walk methods for array processing and validation tools
- NEW: Added configurable file locking via LOCK var
- NEW: json support for dictionary files
- NEW: $die parameter on ONREROUTE hook
- NEW: Added SameSite cookie support for php7.3+ (JAR.samesite), bcosca/fatfree#1165
- NEW, DB\SQL\Mapper: added updateAll method to batch-update multiple records at once
- CHANGED, DB\SQL\Mapper: Throw error on update/erase if the table has no primary key, #285
- Cache, Redis: Added ability to set a Redis password, #287
- DB\SQL\Session: make datatype of data column configurable, bcosca/fatfree#1130
- DB\SQL\Mapper: only add adhoc fields in count queries that are used for grouping
- DB\SQL\Mapper: fixed inserting an already loaded record again (duplicating), bcosca/fatfree#1093
- Magic (Mappers): fix isset check on existing properties
- SMTP: added support for Bounce mail recipient ("Sender" header)
- OAuth2: make query string encode type configurable, #268 #269
- Web: Added more cyrillic letters to diacritics, bcosca/fatfree#1158
- Web: Fixed url string falsely detected as comment section 9ac8e615
- Web: added file inspection for mime-type detection, #270, bcosca/fatfree#1138
- WS: Fixed processing all queued data frames inside the buffer, #277
- WS: Allow packet size override
- Markdown: Support mixed
strong
anditalic
elements, #276 - Markdown: Keep spaces around
=
sign in ini code blocks - Added route alias key name validation, #243
- Added fragment argument to alias method, #282
- Allow adding fragment to reroute, #1156
- Added additional HTTP status codes, #283
- Added X-Forwarded-For IP to log entries, bcosca/fatfree#1042
- Bug fix: broken custom date/time formatting, bcosca/fatfree#1147
- Bug fix: duplicate UI path rendering edge-case in Views and minify, bcosca/fatfree#1152
- Bug fix: unicode chars in custom config section keys, bcosca/fatfree#1149
- Bug fix: ensure valid reroute path in location header, bcosca/fatfree#1140
- Bug fix: use dictionary path for lexicon caching-hash
- Bug fix, php7.3: number format ternary, bcosca/fatfree#1142
- fix PHPdoc and variable inspection, bcosca/fatfree#865, bcosca/fatfree#1128
3.6.5 (24 December 2018)
- NEW: Log, added timestamp to each line
- NEW: Auth, added support for custom compare method, #116
- NEW: cache tag support for mongo & jig mapper, ref #166
- NEW: Allow PHP functions as template token filters
- Web: Fix double redirect bug when running cURL with open_basedir disabled
- Web: Cope with responses from HTTP/2 servers
- Web->filler: remove very first space, when $std is false
- Web\OAuth2: Cope with HTTP/2 responses
- Web\OAuth2: take Content-Type header into account for json decoding, #250 #251
- Web\OAuth2: fixed empty results on some endpoints #250
- DB\SQL\Mapper: optimize mapper->count memory usage
- DB\SQL\Mapper: New table alias operator
- DB\SQL\Mapper: fix count() performance on non-grouped result sets, bcosca/fatfree#1114
- DB\SQL: Support for CTE in postgreSQL, bcosca/fatfree#1107, bcosca/fatfree#1116, bcosca/fatfree#1021
- DB\SQL->log: Remove extraneous whitespace
- DB\SQL: Added ability to add inline comments per SQL query
- CLI\WS, Refactoring: Streamline socket server
- CLI\WS: Add option for dropping query in OAuth2 URI
- CLI\WS: Add URL-safe base64 encoding
- CLI\WS: Detect errors in returned JSON values
- CLI\WS: Added support for Sec-WebSocket-Protocol header
- Matrix->calendar: Allow unix timestamp as date argument
- Basket: Access basket item by _id #260
- SMTP: Added TLS 1.2 support bcosca/fatfree#1115
- SMTP->send: Respect $log argument
- Base->cast: recognize binary and octal numbers in config
- Base->cast: add awareness of hexadecimal literals
- Base->abort: Remove unnecessary Content-Encoding header
- Base->abort: Ensure headers have not been flushed
- Base->format: Differentiate between long- and full-date (with localized weekday) formats
- Base->format: Conform with intl extension's number output
- Enable route handler to override Access-Control headers in response to OPTIONS request, #257
- Augment filters with a var_export function
- Bug fix php7.3: Fix template parse regex to be compatible with strict PCRE2 rules for hyphen placement in a character class
- Bug fix, Cache->set: update creation time when updating existing cache entries
- Bug fix: incorrect ICU date/time formatting
- Bug fix, Jig: lazy write on empty data
- Bug fix: Method uppercase to avoid route failure #252
- Fixed error description when (PSR-11)
CONTAINER
fails to resolve a class #253 - Mitigate CSRF predictability/vulnerability
- Expose Mapper->factory() method
3.6.4 (19 April 2018)
- NEW: Added Dependency Injection support with CONTAINER variable #221
- NEW: configurable LOGGABLE error codes #1091
- NEW: JAR.lifetime option, #178
- Template: reduced Prefab calls
- Template: optimized reflection for better derivative support, bcosca/fatfree#1088
- Template: optimized parsing for template attributes and tokens
- DB\Mongo: fixed logging with mongodb extention
- DB\Jig: added lazy-loading #7e1cd9b9b89
- DB\Jig\Mapper: Added group feature, bcosca/fatfree#616
- DB\SQL\Mapper: fix PostgreSQL RETURNING ID when no pkey is available, bcosca/fatfree#1069, #230
- DB\SQL\Mapper: disable order clause auto-quoting when it's already been quoted
- Web->location: add failsafe for geoip_region_name_by_code() #GB:Bxyn9xn9AgAJ
- Web->request: Added proxy support #e936361b
- Web->mime: Added JFIF format
- Markdown: handle line breaks in paragraph blocks, bcosca/fatfree#1100
- config: reduced cast calls on parsing config sections
- Patch empty SERVER_NAME bcosca/fatfree#1084
- Bugfix: unreliable request headers in Web->request() response bcosca/fatfree#1092
- Fixed, View->render: utilizing multiple UI paths, bcosca/fatfree#1083
- Fixed URL parsing with PHP 5.4 #247
- Fixed PHP 7.2 warnings when session is active prematurely, #238
- Fixed setcookie $expire variable type #240
- Fixed expiration time when updating an existing cookie
3.6.3 (31 December 2017)
- PHP7 fix: remove deprecated (unset) cast
- Web->request: restricted follow_location to 3XX responses only
- CLI mode: refactored arguments parsing
- CLI mode: fixed query string encoding
- SMTP: Refactor parsing of attachments
- SMTP: clean-up mail headers for multipart messages, #1065
- config: fixed performance issues on parsing config files
- config: cast command parameters in config entries to php type & constant, #1030
- config: reduced registry calls
- config: skip hive escaping when resolving dynamic config vars, #1030
- Bug fix: Incorrect cookie lifetime computation, #1070, #1016
- DB\SQL\Mapper: use RETURNING option instead of a sequence query to get lastInsertId in PostgreSQL, #1069, #230
- DB\SQL\Session: check if _agent is too long for SQL based sessions #236
- DB\SQL\Session: fix Session handler table creation issue on SQL Server, #899
- DB\SQL: fix oracle db issue with empty error variable, #1072
- DB\SQL\Mapper: fix sorting issues on SQL Server, #1052 #225
- Prevent directory traversal attacks on filesystem based cache #1073
- Bug fix, Template: PHP constants used in include with attribute, #983
- Bug fix, Template: Numeric value in expression alters PHP_EOL context
- Template: use existing linefeed instead of PHP_EOL, #1048
- Template: make newline interpolation handling configurable #223
- Template: add beforerender to Preview
- fix custom FORMATS without modifiers
- Cache: Refactor Cache->reset for XCache
- Cache: loosen reset cache key pattern, #1041
- XCache: suffix reset only works if xcache.admin.enable_auth is disabled
- Added HTTP 103 as recently approved by the IETF
- LDAP changes to for AD flexibility #227
- Hide debug trace from ajax errors when DEBUG=0 #1071
- fix View->render using potentially wrong cache entry
3.6.2 (26 June 2017)
- Return a status code > 0 when dying on error #220
- fix SMTP line width #215
- Allow using a custom field for ldap user id checking #217
- NEW: DB\SQL->exists: generic method to check if SQL table exists
- Pass handler to route handler and hooks #1035
- pass carriage return of multiline dictionary keys
- Better Web->slug customization
- fix incorrect header issue #211
- fix schema issue on databases with case-sensitive collation, fixes #209
- Add filter for deriving C-locale equivalent of a number
- Bug fix: @LANGUAGE remains unchanged after override
- abort: added Header pre-check
- Assemble URL after ONREROUTE
- Add reroute argument to skip script termination
- Invoke ONREROUTE after headers are sent
- SQLite switch to backtick as quote
- Bug fix: Incorrect timing in SQL query logs
- DB\SQL\Mapper: Cast return value of count to integer
- Patched $_SERVER['REQUEST_URI'] to ensure it contains a relative URI
- Tweak debug verbosity
- fix php carriage return issue in preview->build #205
- fixed template string resolution #205
- Fixed unexpected default seed on CACHE set #1028
- DB\SQL\Mapper: Optimized field escaping on options
- Optimize template conversion to PHP file
3.6.1 (2 April 2017)
- NEW: Recaptcha plugin #194
- NEW: MB variable for detecting multibyte support
- NEW: DB\SQL: Cache parsed schema for the TTL duration
- NEW: quick erase flag on Jig/Mongo/SQL mappers #193
- NEW: Allow OPTIONS method to return a response body #171
- NEW: Add support for Memcached (bcosca/fatfree#997)
- NEW: Rudimentary preload resource (HTTP2 server) support via template push()
- NEW: Add support for new MongoDB driver #177
- Changed: template filter are all lowercase now
- Changed: Fix template lookup inconsistency: removed base dir from UI on render
- Changed: count() method now has an options argument #192
- Changed: SMTP, Spit out error message if any
- \DB\SQL\Mapper: refactored row count strategy
- DB\SQL\Mapper: Allow non-scalar values to be assigned as mapper property
- DB\SQL::PARAM_FLOAT: remove cast to float (#106 and bcosca/fatfree#984) (#191)
- DB\SQL\mapper->erase: allow empty string
- DB\SQL\mapper->insert: fields reset after successful INSERT
- Add option to debounce Cursor->paginate subset #195
- View: Don't delete sandboxed variables (#198)
- Preview: Optimize compilation of template expressions
- Preview: Use shorthand tag for direct rendering
- Preview->resolve(): new tweak to allow template persistence as option
- Web: Expose diacritics translation table
- SMTP: Enable logging of message body only when $log argument is 'verbose'
- SMTP: Convert headers to camelcase for consistency
- make cache seed more flexible, #164
- Improve trace details for DEBUG>2
- Enable config() to read from an array of input files
- Improved alias and reroute regex
- Make camelCase and snakeCase Unicode-aware
- format: Provision for optional whitespaces
- Break APCu-BC dependence
- Old PHP 5.3 cleanup
- Debug log must include HTTP query
- Recognize X-Forwarded-Port header (bcosca/fatfree#1002)
- Avoid use of deprecated mcrypt module
- Return only the client's IP when using the
X-Forwarded-For
header to deduce an IP address - Remove orphan mutex locks on termination (#157)
- Use 80 as default port number to avoid issues when
$_SERVER['SERVER_PORT']
is not existing - fread replaced with readfile() for simple send() usecase
- Bug fix: request URI with multiple leading slashes, #203
- Bug fix: Query generates wrong adhoc field value
- Bug fix: SMTP stream context issue #200
- Bug fix: child pseudo class selector in minify, bcosca/fatfree#1008
- Bug fix: "Undefined index: CLI" error (#197)
- Bug fix: cast Cache-Control expire time to int, bcosca/fatfree#1004
- Bug fix: Avoid issuance of multiple Content-Type headers for nested templates
- Bug fix: wildcard token issue with digits (bcosca/fatfree#996)
- Bug fix: afterupdate ignored when row does not change
- Bug fix: session handler read() method for PHP7 (need strict string) #184 #185
- Bug fix: reroute mocking in CLI mode (#183)
- Bug fix: Reroute authoritative relative references (#181)
- Bug fix: locales order and charset hyphen
- Bug fix: base stripped twice in router (#176)
3.6.0 (19 November 2016)
- NEW: [cli] request type
- NEW: console-friendly CLI mode
- NEW: lexicon caching
- NEW: Silent operator skips startup error check (#125)
- NEW: DB\SQL->trans()
- NEW: custom config section parser, i.e. [conf > Foo::bar]
- NEW: support for cache tags in SQL
- NEW: custom FORMATS
- NEW: Mongo mapper fields whitelist
- NEW: WebSocket server
- NEW: Base->extend method (#158)
- NEW: Implement framework variable caching via config, i.e. FOO = "bar" | 3600
- NEW: Lightweight OAuth2 client
- NEW: SEED variable, configurable app-specific hashing prefix (#149, bcosca/fatfree#951, bcosca/fatfree#884, bcosca/fatfree#629)
- NEW: CLI variable
- NEW: Web->send, specify custom filename (#124)
- NEW: Web->send, added flushing flag (#131)
- NEW: Indexed route wildcards, now exposed in PARAMS['*']
- Changed: PHP 5.4 is now the minimum version requirement
- Changed: Prevent database wrappers from being cloned
- Changed: Router works on PATH instead of URI (#126) NB: PARAMS.0 no longer contains the query string
- Changed: Removed ALIASES autobuilding (#118)
- Changed: Route wildcards match empty strings (#119)
- Changed: Disable default debug highlighting, HIGHLIGHT is false now
- General PHP 5.4 optimizations
- Optimized config parsing
- Optimized Base->recursive
- Optimized header extraction
- Optimized cache/expire headers
- Optimized session_start behaviour (bcosca/fatfree#673)
- Optimized reroute regex
- Tweaked cookie removal
- Better route precedence order
- Performance tweak: reduced cache calls
- Refactored lexicon (LOCALES) build-up, much faster now
- Added turkish locale bug workaround
- Geo->tzinfo Update to UTC
- Added Xcache reset (bcosca/fatfree#928)
- Redis cache: allow db name in dsn
- SMTP: Improve server emulation responses
- SMTP: Optimize transmission envelope
- SMTP: Implement mock transmission
- SMTP: Various bug fixes and feature improvements
- SMTP: quit on failed authentication
- Geo->weather: force metric units
- Base->until: Implement CLI interoperability
- Base->format: looser plural syntax
- Base->format: Force decimal as default number format
- Base->merge: Added $keep flag to save result to the hive key
- Base->reroute: Allow array as URL argument for aliasing
- Base->alias: Allow query string (or array) to be appended to alias
- Permit reroute to named routes with URL query segment
- Sync COOKIE global on set()
- Permit non-hive variables to use JS dot notation
- RFC2616: Use absolute URIs for Location header
- Matrix->calendar: Check if calendar extension is loaded
- Markdown: require start of line/whitespace for text processing (#136)
- DB[SQL|Jig|Mongo]->log(FALSE) disables logging
- DB\SQL->exec: Added timestamp toggle to db log
- DB\SQL->schema: Remove unnecessary line terminators
- DB\SQL\Mapper: allow array filter with empty string
- DB\SQL\Mapper: optimized handling for key-less tables
- DB\SQL\Mapper: added float support (#106)
- DB\SQL\Session: increased default column sizes (#148, bcosca/fatfree#931, bcosca/fatfree#950)
- Web: Catch cURL errors
- Optimize Web->receive (bcosca/fatfree#930)
- Web->minify: fix arbitrary file download vulnerability
- Web->request: fix cache control max-age detection (bcosca/fatfree#908)
- Web->request: Add request headers & error message to return value (bcosca/fatfree#737)
- Web->request: Refactored response to HTTP request
- Web->send flush while sending big files
- Image->rgb: allow hex strings
- Image->captcha: Check if GD module supports TrueType
- Image->load: Return FALSE on load failure
- Image->resize: keep aspect ratio when only width or height was given
- Updated OpenID lib (bcosca/fatfree#965)
- Audit->card: add new mastercard "2" BIN range (bcosca/fatfree#954)
- Deprecated: Bcrypt class
- Preview->render: optimized detection to remove short open PHP tags and allow xml tags (#133)
- Display file and line number in exception handler (bcosca/fatfree#967)
- Added error reporting level to Base->error and ERROR.level (bcosca/fatfree#957)
- Added optional custom cache instance to Session (#141)
- CLI-aware mock()
- XFRAME and PACKAGE can be switched off now (#128)
- Bug fix: wrong time calculation on memcache reset (#170)
- Bug fix: encode CLI parameters
- Bug fix: Close connection on abort explicitly (#162)
- Bug fix: Image->identicon, Avoid double-size sprite rotation (and possible segfault)
- Bug fix: Image->render and Image->dump, removed unnecessary 2nd argument (#146)
- Bug fix: Magic->offsetset, access property as array element (#147)
- Bug fix: multi-line custom template tag parsing (bcosca/fatfree#935)
- Bug fix: cache headers on errors (bcosca/fatfree#885)
- Bug fix: Web, deprecated CURLOPT_SSL_VERIFYHOST in curl
- Bug fix: Web, Invalid user error constant (bcosca/fatfree#962)
- Bug fix: Web->request, redirections for domain-less location (#135)
- Bug fix: DB\SQL\Mapper, reset changed flag after update (#142, #152)
- Bug fix: DB\SQL\Mapper, fix changed flag when using assignment operator #143 #150 #151
- Bug fix: DB\SQL\Mapper, revival of the HAVING clause
- Bug fix: DB\SQL\Mapper, pgsql with non-integer primary keys (bcosca/fatfree#916)
- Bug fix: DB\SQL\Session, quote table name (bcosca/fatfree#977)
- Bug fix: snakeCase returns word starting with underscore (bcosca/fatfree#927)
- Bug fix: mock does not populate PATH variable
- Bug fix: Geo->weather API key (#129)
- Bug fix: Incorrect compilation of array element with zero index
- Bug fix: Compilation of array construct is incorrect
- Bug fix: Trailing slash redirection on UTF-8 paths (#121)
3.5.1 (31 December 2015)
- NEW: ttl attribute in template tag
- NEW: allow anonymous function for template filter
- NEW: format modifier for international and custom currency symbol
- NEW: Image->data() returns image resource
- NEW: extract() get prefixed array keys from an assoc array
- NEW: Optimized and faster Template parser with full support for HTML5 empty tags
- NEW: Added support for {@token} encapsulation syntax in routes definition
- NEW: DB\SQL->exec(), automatically shift to 1-based query arguments
- NEW: abort() flush output
- Added referenced value to devoid()
- Template token filters are now resolved within Preview->token()
- Web->_curl: restrict redirections to HTTP
- Web->minify(), skip importing of external files
- Improved session and error handling in until()
- Get the error trace array with the new $format parameter
- Better support for unicode URLs
- Optimized TZ detection with date_default_timezone_get()
- format() Provide default decimal places
- Optimize code: remove redundant TTL checks
- Optimized timeout handling in Web->request()
- Improved PHPDoc hints
- Added missing russian DIACRITICS letters
- DB\Cursor: allow child implementation of reset()
- DB\Cursor: Copyfrom now does an internal call to set()
- DB\SQL: Provide the ability to disable SQL logging
- DB\SQL: improved query analysis to trigger fetchAll
- DB\SQL\Mapper: added support for binary table columns
- SQL,JIG,MONGO,CACHE Session handlers refactored and optimized
- SMTP Refactoring and optimization
- Bug fix: SMTP, Align quoted_printable_encode() with SMTP specs (dot-stuffing)
- Bug fix: SMTP, Send buffered optional headers to output
- Bug fix: SMTP, Content-Transfer-Encoding for non-TLS connections
- Bug fix: SMTP, Single attachment error
- Bug fix: Cursor->load not always mapping to first record
- Bug fix: dry SQL mapper should not trigger 'load'
- Bug fix: Code highlighting on empty text
- Bug fix: Image->resize, round dimensions instead of cast
- Bug fix: whitespace handling in $f3->compile()
- Bug fix: TTL of
View
andPreview
(Template
) - Bug fix: token filter regex
- Bug fix: Template, empty attributes
- Bug fix: Preview->build() greedy regex
- Bug fix: Web->minify() single-line comment on last line
- Bug fix: Web->request(), follow_location with cURL and open_basedir
- Bug fix: Web->send() Single quotes around filename not interpreted correctly by some browsers
3.5.0 (2 June 2015)
- NEW: until() method for long polling
- NEW: abort() to disconnect HTTP client (and continue execution)
- NEW: SQL Mapper->required() returns TRUE if field is not nullable
- NEW: PREMAP variable for allowing prefixes to handlers named after HTTP verbs
- NEW: [configs] section to allow config includes
- NEW: Test->passed() returns TRUE if no test failed
- NEW: SQL mapper changed() function
- NEW: fatfree-core composer support
- NEW: constants() method to expose constants
- NEW: Preview->filter() for configurable token filters
- NEW: CORS variable for Cross-Origin Resource Sharing support, #731
- Change in behavior: Switch to htmlspecialchars for escaping
- Change in behavior: No movement in cursor position after erase(), #797
- Change in behavior: ERROR.trace is a multiline string now
- Change in behavior: Strict token recognition in href attribute
- Router fix: loose method search
- Better route precedence order, #12
- Preserve contents of ROUTES, #723
- Alias: allow array of parameters
- Improvements on reroute method
- Fix for custom Jig session files
- Audit: better mobile detection
- Audit: add argument to test string as browser agent
- DB mappers: abort insert/update/erase from hooks, #684
- DB mappers: Allow array inputs in copyfrom()
- Cache,SQL,Jig,Mongo Session: custom callback for suspect sessions
- Fix for unexpected HIVE values when defining an empty HIVE array
- SQL mapper: check for results from CALL and EXEC queries, #771
- SQL mapper: consider SQL schema prefix, #820
- SQL mapper: write to log before execution to enable tracking of PDOStatement error
- Add SQL Mapper->table() to return table name
- Allow override of the schema in SQL Mapper->schema()
- Improvement: Keep JIG table as reference, #758
- Expand regex to include whitespaces in SQL DB dsn, #817
- View: Removed reserved variables $fw and $implicit
- Add missing newlines after template expansion
- Web->receive: fix for complex field names, #806
- Web: Improvements in socket engine
- Web: customizable user_agent for all engines, #822
- SMTP: Provision for Content-ID in attachments
- Image + minify: allow absolute paths
- Promote framework error to E_USER_ERROR
- Geo->weather switch to OpenWeather
- Expose mask() and grab() methods for routing
- Expose trace() method to expose the debug backtrace
- Implement recursion strategy using IteratorAggregate, #714
- Exempt whitespace between % and succeeding operator from being minified, #773
- Optimized error detection and ONERROR handler, fatfree-core#18
- Tweak error log output
- Optimized If-Modified-Since cache header usage
- Improved APCu compatibility, #724
- Bug fix: Web::send fails on filename with spaces, #810
- Bug fix: overwrite limit in findone()
- Bug fix: locale-specific edge cases affecting SQL schema, #772
- Bug fix: Newline stripping in config()
- Bug fix: bracket delimited identifier for sybase and dblib driver
- Bug fix: Mongo mapper collection->count driver compatibility
- Bug fix: SQL Mapper->set() forces adhoc value if already defined
- Bug fix: Mapper ignores HAVING clause
- Bug fix: Constructor invocation in call()
- Bug fix: Wrong element returned by ajax/sync request
- Bug fix: handling of non-consecutive compound key members
- Bug fix: Virtual fields not retrieved when group option is present, #757
- Bug fix: group option generates incorrect SQL query, #757
- Bug fix: ONERROR does not receive PARAMS on fatal error
3.4.0 (1 January 2015)
- NEW: [redirects] section
- NEW: Custom config sections
- NEW: User-defined AUTOLOAD function
- NEW: ONREROUTE variable
- NEW: Provision for in-memory Jig database (#727)
- Return run() result (#687)
- Pass result of run() to mock() (#687)
- Add port suffix to REALM variable
- New attribute in tag to extend hive
- Adjust unit tests and clean up templates
- Expose header-related methods
- Web->request: allow content array
- Preserve contents of ROUTES (#723)
- Smart detection of PHP functions in template expressions
- Add afterrender() hook to View class
- Implement ArrayAccess and magic properties on hive
- Improvement on mocking of superglobals and request body
- Fix table creation for pgsql handled sessions
- Add QUERY to hive
- Exempt E_NOTICE from default error_reporting()
- Add method to build alias routes from template, fixes #693
- Fix dangerous caching of cookie values
- Fix multiple encoding in nested templates
- Fix node attribute parsing for empty/zero values
- Apply URL encoding on BASE to emulate v2 behavior (#123)
- Improve Base->map performance (#595)
- Add simple backtrace for fatal errors
- Count Cursor->load() results (#581)
- Add form field name to Web->receive() callback arguments
- Fix missing newlines after template expansion
- Fix overwrite of ENCODING variable
- limit & offset workaround for SQL Server, fixes #671
- SQL Mapper->find: GROUP BY SQL compliant statement
- Bug fix: Missing abstract method fields()
- Bug fix: Auto escaping does not work with mapper objects (#710)
- Bug fix: 'with' attribute in tag raise error when no token inside
- View rendering: optional Content-Type header
- Bug fix: Undefined variable: cache (#705)
- Bug fix: Routing does not work if project base path includes valid special URI character (#704)
- Bug fix: Template hash collision (#702)
- Bug fix: Property visibility is incorrect (#697)
- Bug fix: Missing Allow header on HTTP 405 response
- Bug fix: Double quotes in lexicon files (#681)
- Bug fix: Space should not be mandatory in ICU pluralization format string
- Bug fix: Incorrect log entry when SQL query contains a question mark
- Bug fix: Error stack trace
- Bug fix: Cookie expiration (#665)
- Bug fix: OR operator (||) parsed incorrectly
- Bug fix: Routing treatment of * wildcard character
- Bug fix: Mapper copyfrom() method doesn't allow class/object callbacks (#590)
- Bug fix: exists() creates elements/properties (#591)
- Bug fix: Wildcard in routing pattern consumes entire query string (#592)
- Bug fix: Workaround bug in latest MongoDB driver
- Bug fix: Default error handler silently fails for AJAX request with DEBUG>0 (#599)
- Bug fix: Mocked BODY overwritten (#601)
- Bug fix: Undefined pkey (#607)
3.3.0 (8 August 2014)
- NEW: Attribute in tag to extend hive
- NEW: Image overlay with transparency and alignment control
- NEW: Allow redirection of specified route patterns to a URL
- Bug fix: Missing AND operator in SQL Server schema query (Issue #576)
- Count Cursor->load() results (Feature request #581)
- Mapper copyfrom() method doesn't allow class/object callbacks (Issue #590)
- Bug fix: exists() creates elements/properties (Issue #591)
- Bug fix: Wildcard in routing pattern consumes entire query string (Issue #592)
- Tweak Base->map performance (Issue #595)
- Bug fix: Default error handler silently fails for AJAX request with DEBUG>0 (Issue #599)
- Bug fix: Mocked BODY overwritten (Issue #601)
- Bug fix: Undefined pkey (Issue #607)
- Bug fix: beforeupdate() position (Issue #633)
- Bug fix: exists() return value for cached keys
- Bug fix: Missing error code in UNLOAD handler
- Bug fix: OR operator (||) parsed incorrectly
- Add input name parameter to custom slug function
- Apply URL encoding on BASE to emulate v2 behavior (Issue #123)
- Reduce mapper update() iterations
- Bug fix: Routing treatment of * wildcard character
- SQL Mapper->find: GROUP BY SQL compliant statement
- Work around bug in latest MongoDB driver
- Work around probable race condition and optimize cache access
- View rendering: Optional Content-Type header
- Fix missing newlines after template expansion
- Add form field name to Web->receive() callback arguments
- Quick reference: add RAW variable
3.2.2 (19 March 2014)
- NEW: Locales set automatically (Feature request #522)
- NEW: Mapper dbtype()
- NEW: before- and after- triggers for all mappers
- NEW: Decode HTML5 entities if PHP>5.3 detected (Feature request #552)
- NEW: Send credentials only if AUTH is present in the SMTP extension response (Feature request #545)
- NEW: BITMASK variable to allow ENT_COMPAT override
- NEW: Redis support for caching
- Enable SMTP feature detection
- Enable extended ICU custom date format (Feature request #555)
- Enable custom time ICU format
- Add option to turn off session table creation (Feature request #557)
- Enhanced template token rendering and custom filters (Feature request #550)
- Avert multiple loads in DB-managed sessions (Feature request #558)
- Add EXEC to associative fetch
- Bug fix: Building template tokens breaks on inline OR condition (Issue #573)
- Bug fix: SMTP->send does not use the $log parameter (Issue #571)
- Bug fix: Allow setting sqlsrv primary keys on insert (Issue #570)
- Bug fix: Generated query for obtaining table schema in sqlsrv incorrect (Bug #565)
- Bug fix: SQL mapper flag set even when value has not changed (Bug #562)
- Bug fix: Add XFRAME config option (Feature request #546)
- Bug fix: Incorrect parsing of comments (Issue #541)
- Bug fix: Multiple Set-Cookie headers (Issue #533)
- Bug fix: Mapper is dry after save()
- Bug fix: Prevent infinite loop when error handler is triggered (Issue #361)
- Bug fix: Mapper tweaks not passing primary keys as arguments
- Bug fix: Zero indexes in dot-notated arrays fail to compile
- Bug fix: Prevent GROUP clause double-escaping
- Bug fix: Regression of zlib compression bug
- Bug fix: Method copyto() does not include ad hoc fields
- Check existence of OpenID mode (Issue #529)
- Generate a 404 when a tokenized class doesn't exist
- Fix SQLite quotes (Issue #521)
- Bug fix: BASE is incorrect on Windows
3.2.1 (7 January 2014)
- NEW: EMOJI variable, UTF->translate(), UTF->emojify(), and UTF->strrev()
- Allow empty strings in config()
- Add support for turning off php://input buffering via RAW (FALSE by default)
- Add Cursor->load() and Cursor->find() TTL support
- Support Web->receive() large file downloads via PUT
- ONERROR safety check
- Fix session CSRF cookie detection
- Framework object now passed to route handler contructors
- Allow override of DIACRITICS
- Various code optimizations
- Support log disabling (Issue #483)
- Implicit mapper load() on authentication
- Declare abstract methods for Cursor derivatives
- Support single-quoted HTML/XML attributes (Feature request #503)
- Relax property visibility of mappers and derivatives
- Deprecated: {{~ ~}} instructions and {{* }} comments; Use {~ ~} and { *} instead
- Minor fix: Audit->ipv4() return value
- Bug fix: Backslashes in BASE not converted on Windows
- Bug fix: UTF->substr() with negative offset and specified length
- Bug fix: Replace named URL tokens on render()
- Bug fix: BASE is not empty when run from document root
- Bug fix: stringify() recursion
3.2.0 (18 December 2013)
- NEW: Automatic CSRF protection (with IP and User-Agent checks) for sessions mapped to SQL-, Jig-, Mongo- and Cache-based backends
- NEW: Named routes
- NEW: PATH variable; returns the URL relative to BASE
- NEW: Image->captcha() color parameters
- NEW: Ability to access MongoCuror thru the cursor() method
- NEW: Mapper->fields() method returns array of field names
- NEW: Mapper onload(), oninsert(), onupdate(), and onerase() event listeners/triggers
- NEW: Preview class (a lightweight template engine)
- NEW: rel() method derives path from URL relative to BASE; useful for rerouting
- NEW: PREFIX variable for prepending a string to a dictionary term; Enable support for prefixed dictionary arrays and .ini files (Feature request #440)
- NEW: Google static map plugin
- NEW: devoid() method
- Introduce clean(); similar to scrub(), except that arg is passed by value
- Use $ttl for cookie expiration (Issue #457)
- Fix needs_rehash() cost comparison
- Add pass-by-reference argument to exists() so if method returns TRUE, a subsequent get() is unnecessary
- Improve MySQL support
- Move esc(), raw(), and dupe() to View class where they more appropriately belong
- Allow user-defined fields in SQL mapper constructor (Feature request #450)
- Re-implement the pre-3.0 template resolve() feature
- Remove redundant instances of session_commit()
- Add support for input filtering in Mapper->copyfrom()
- Prevent intrusive behavior of Mapper->copyfrom()
- Support multiple SQL primary keys
- Support custom tag attributes/inline tokens defined at runtime (Feature request #438)
- Broader support for HTTP basic auth
- Prohibit Jig _id clear()
- Add support for detailed stringify() output
- Add base directory to UI path as fallback
- Support Test->expect() chaining
- Support __tostring() in stringify()
- Trigger error on invalid CAPTCHA length (Issue #458)
- Bug fix: exists() pass-by-reference argument returns incorrect value
- Bug fix: DB Exec does not return affected row if query contains a sub-SELECT (Issue #437)
- Improve seed generator and add code for detecting of acceptable limits in Image->captcha() (Feature request #460)
- Add decimal format ICU extension
- Bug fix: 404-reported URI contains HTTP query
- Bug fix: Data type detection in DB->schema()
- Bug fix: TZ initialization
- Bug fix: paginate() passes incorrect argument to count()
- Bug fix: Incorrect query when reloading after insert()
- Bug fix: SQL preg_match error in pdo_type matching (Issue #447)
- Bug fix: Missing merge() function (Issue #444)
- Bug fix: BASE misdefined in command line mode
- Bug fix: Stringifying hive may run infinite (Issue #436)
- Bug fix: Incomplete stringify() when DEBUG<3 (Issue #432)
- Bug fix: Redirection of basic auth (Issue #430)
- Bug fix: Filter only PHP code (including short tags) in templates
- Bug fix: Markdown paragraph parser does not convert PHP code blocks properly
- Bug fix: identicon() colors on same keys are randomized
- Bug fix: quotekey() fails on aliased keys
- Bug fix: Missing _id in Jig->find() return value
- Bug fix: LANGUAGE/LOCALES handling
- Bug fix: Loose comparison in stringify()
3.1.2 (5 November 2013)
- Abandon .chm help format; Package API documentation in plain HTML; (Launch lib/api/index.html in your browser)
- Deprecate BAIL in favor of HALT (default: TRUE)
- Revert to 3.1.0 autoload behavior; Add support for lowercase folder names
- Allow Spring-style HTTP method overrides
- Add support for SQL Server-based sessions
- Capture full X-Forwarded-For header
- Add protection against malicious scripts; Extra check if file was really uploaded
- Pass-thru page limit in return value of Cursor->paginate()
- Optimize code: Implement single-pass escaping
- Short circuit Jig->find() if source file is empty
- Bug fix: PHP globals passed by reference in hive() result (Issue #424)
- Bug fix: ZIP mime type incorrect behavior
- Bug fix: Jig->erase() filter malfunction
- Bug fix: Mongo->select() group
- Bug fix: Unknown bcrypt constant
3.1.1 (13 October 2013)
- NEW: Support OpenID attribute exchange
- NEW: BAIL variable enables/disables continuance of execution on non-fatal errors
- Deprecate BAIL in favor of HALT (default: FALSE)
- Add support for Oracle
- Mark cached queries in log (Feature Request #405)
- Implement Bcrypt->needs_reshash()
- Add entropy to SQL cache hash; Add uuid() method to DB backends
- Find real document root; Simplify debug paths
- Permit OpenID required fields to be declared as comma-separated string or array
- Pass modified filename as argument to user-defined function in Web->receive()
- Quote keys in optional SQL clauses (Issue #408)
- Allow UNLOAD to override fatal error detection (Issue #404)
- Mutex operator precedence error (Issue #406)
- Bug fix: exists() malfunction (Issue #401)
- Bug fix: Jig mapper triggers error when loading from CACHE (Issue #403)
- Bug fix: Array index check
- Bug fix: OpenID verified() return value
- Bug fix: Basket->find() should return a set of results (Issue #407); Also implemented findone() for consistency with mappers
- Bug fix: PostgreSQL last insert ID (Issue #410)
- Bug fix: $port component URL overwritten by _socket()
- Bug fix: Calculation of elapsed time
3.1.0 (20 August 2013)
- NEW: Web->filler() returns a chunk of text from the standard Lorem Ipsum passage
- Change in behavior: Drop support for JSON serialization
- SQL->exec() now returns value of RETURNING clause
- Add support for $ttl argument in count() (Issue #393)
- Allow UI to be overridden by custom $path
- Return result of PDO primitives: begintransaction(), rollback(), and commit()
- Full support for PHP 5.5
- Flush buffers only when DEBUG=0
- Support class->method, class::method, and lambda functions as Web->basic() arguments
- Commit session on Basket->save()
- Optional enlargement in Image->resize()
- Support authentication on hosts running PHP-CGI
- Change visibility level of Cache properties
- Prevent ONERROR recursion
- Work around Apache pre-2.4 VirtualDocumentRoot bug
- Prioritize cURL in HTTP engine detection
- Bug fix: Minify tricky JS
- Bug fix: desktop() detection
- Bug fix: Double-slash on TEMP-relative path
- Bug fix: Cursor mapping of first() and last() records
- Bug fix: Premature end of Web->receive() on multiple files
- Bug fix: German umlaute to its corresponding grammatically-correct equivalent
3.0.9 (12 June 2013)
- NEW: Web->whois()
- NEW: Template tags
- Improve CACHE consistency
- Case-insensitive MIME type detection
- Support pre-PHP 5.3.4 in Prefab->instance()
- Refactor isdesktop() and ismobile(); Add isbot()
- Add support for Markdown strike-through
- Work around ODBC's lack of quote() support
- Remove useless Prefab destructor
- Support multiple cache instances
- Bug fix: Underscores in OpenId keys mangled
- Refactor format()
- Numerous tweaks
- Bug fix: MongoId object not preserved
- Bug fix: Double-quotes included in lexicon() string (Issue #341)
- Bug fix: UTF-8 formatting mangled on Windows (Issue #342)
- Bug fix: Cache->load() error when CACHE is FALSE (Issue #344)
- Bug fix: send() ternary expression
- Bug fix: Country code constants
3.0.8 (17 May 2013)
- NEW: Bcrypt lightweight hashing library\
- Return total number of records in superset in Cursor->paginate()
- ONERROR short-circuit (Enhancement #334)
- Apply quotes/backticks on DB identifiers
- Allow enabling/disabling of SQL log
- Normalize glob() behavior (Issue #330)
- Bug fix: mbstring 2-byte text truncation (Issue #325)
- Bug fix: Unsupported operand types (Issue #324)
3.0.7 (2 May 2013)
- NEW: route() now allows an array of routing patterns as first argument; support array as first argument of map()
- NEW: entropy() for calculating password strength (NIST 800-63)
- NEW: AGENT variable containing auto-detected HTTP user agent string
- NEW: ismobile() and isdesktop() methods
- NEW: Prefab class and descendants now accept constructor arguments
- Change in behavior: Cache->exists() now returns timestamp and TTL of cache entry or FALSE if not found (Feature request #315)
- Preserve timestamp and TTL when updating cache entry (Feature request #316)
- Improved currency formatting with C99 compliance
- Suppress unnecessary program halt at startup caused by misconfigured server
- Add support for dashes in custom attribute names in templates
- Bug fix: Routing precedene (Issue #313)
- Bug fix: Remove Jig _id element from document property
- Bug fix: Web->rss() error when not enough items in the feed (Issue #299)
- Bug fix: Web engine fallback (Issue #300)
- Bug fix: and formatting
- Bug fix: Text rendering of text with trailing punctuation (Issue #303)
- Bug fix: Incorrect regex in SMTP
3.0.6 (31 Mar 2013)
- NEW: Image->crop()
- Modify documentation blocks for PHPDoc interoperability
- Allow user to control whether Base->rerouet() uses a permanent or temporary redirect
- Allow JAR elements to be set individually
- Refactor DB\SQL\Mapper->insert() to cope with autoincrement fields
- Trigger error when captcha() font is missing
- Remove unnecessary markdown regex recursion
- Check for scalars instead of DB\SQL strings
- Implement more comprehensive diacritics table
- Add option for disabling 401 errors when basic auth() fails
- Add markdown syntax highlighting for Apache configuration
- Markdown->render() deprecated to remove dependency on UI variable; Feature replaced by Markdown->convert() to enable translation from markdown string to HTML
- Optimize factory() code of all data mappers
- Apply backticks on MySQL table names
- Bug fix: Routing failure when directory path contains a tilde (Issue #291)
- Bug fix: Incorrect markdown parsing of strong/em sequences and inline HTML
- Bug fix: Cached page not echoed (Issue #278)
- Bug fix: Object properties not escaped when rendering
- Bug fix: OpenID error response ignored
- Bug fix: memcache_get_extended_stats() timeout
- Bug fix: Base->set() doesn't pass TTL to Cache->set()
- Bug fix: Base->scrub() ignores pass-thru * argument (Issue #274)
3.0.5 (16 Feb 2013)
- NEW: Markdown class with PHP, HTML, and .ini syntax highlighting support
- NEW: Options for caching of select() and find() results
- NEW: Web->acceptable()
- Add send() argument for forcing downloads
- Provide read() option for applying Unix LF as standard line ending
- Bypass lexicon() call if LANGUAGE is undefined
- Load fallback language dictionary if LANGUAGE is undefined
- map() now checks existence of class/methods for non-tokenized URLs
- Improve error reporting of non-existent Template methods
- Address output buffer issues on some servers
- Bug fix: Setting DEBUG to 0 won't suppress the stack trace when the content type is application/json (Issue #257)
- Bug fix: Image dump/render additional arguments shifted
- Bug fix: ob_clean() causes buffer issues with zlib compression
- Bug fix: minify() fails when commenting CSS @ rules (Issue #251)
- Bug fix: Handling of commas inside quoted strings
- Bug fix: Glitch in stringify() handling of closures
- Bug fix: dry() in mappers returns TRUE despite being hydrated by factory() (Issue #265)
- Bug fix: expect() not handling flags correctly
- Bug fix: weather() fails when server is unreachable
3.0.4 (29 Jan 2013)
- NEW: Support for ICU/CLDR pluralization
- NEW: User-defined FALLBACK language
- NEW: minify() now recognizes CSS @import directives
- NEW: UTF->bom() returns byte order mark for UTF-8 encoding
- Expose SQL\Mapper->schema()
- Change in behavior: Send error response as JSON string if AJAX request is detected
- Deprecated: afind*() methods
- Discard output buffer in favor of debug output
- Make _id available to Jig queries
- Magic class now implements ArrayAccess
- Abort execution on startup errors
- Suppress stack trace on DEBUG level 0
- Allow single = as equality operator in Jig query expressions
- Abort OpenID discovery if Web->request() fails
- Mimic PHP RECURSION in stringify()
- Modify Jig parser to allow wildcard-search using preg_match()
- Abort execution after error() execution
- Concatenate cached/uncached minify() iterations; Prevent spillover caching of previous minify() result
- Work around obscure PHP session id regeneration bug
- Revise algorithm for Jig filter involving undefined fields (Issue #230)
- Use checkdnsrr() instead of gethostbyname() in DNSBL check
- Auto-adjust pagination to cursor boundaries
- Add Romanian diacritics
- Bug fix: Root namespace reference and sorting with undefined Jig fields
- Bug fix: Greedy receive() regex
- Bug fix: Default LANGUAGE always 'en'
- Bug fix: minify() hammers cache backend
- Bug fix: Previous values of primary keys not saved during factory() instantiation
- Bug fix: Jig find() fails when search key is not present in all records
- Bug fix: Jig SORT_DESC (Issue #233)
- Bug fix: Error reporting (Issue #225)
- Bug fix: language() return value
3.0.3 (29 Dec 2013)
- NEW: [ajax] and [sync] routing pattern modifiers
- NEW: Basket class (session-based pseudo-mapper, shopping cart, etc.)
- NEW: Test->message() method
- NEW: DB profiling via DB->log()
- NEW: Matrix->calendar()
- NEW: Audit->card() and Audit->mod10() for credit card verification
- NEW: Geo->weather()
- NEW: Base->relay() accepts comma-separated callbacks; but unlike Base->chain(), result of previous callback becomes argument of the next
- Numerous performance tweaks
- Interoperability with new MongoClient class
- Web->request() now recognizes gzip and deflate encoding
- Differences in behavior of Web->request() engines rectified
- mutex() now uses an ID as argument (instead of filename to make it clear that specified file is not the target being locked, but a primitive cross-platform semaphore)
- DB\SQL\Mapper field _id now returned even in the absence of any auto-increment field
- Magic class spinned off as a separate file
- ISO 3166-1 alpha-2 table updated
- Apache redirect emulation for PHP 5.4 CLI server mode
- Framework instance now passed as argument to any user-defined shutdown function
- Cache engine now used as storage for Web->minify() output
- Flag added for enabling/disabling Image class filter history
- Bug fix: Trailing routing token consumes HTTP query
- Bug fix: LANGUAGE spills over to LOCALES setting
- Bug fix: Inconsistent dry() return value
- Bug fix: URL-decoding
3.0.2 (23 Dec 2013)
- NEW: Syntax-highlighted stack traces via Base->highlight(); boolean HIGHLIGHT global variable can be used to enable/disable this feature
- NEW: Template engine tag
- NEW: Image->captcha()
- NEW: DNSBL-based spammer detection (ported from 2.x)
- NEW: paginate(), first(), and last() methods for data mappers
- NEW: X-HTTP-Method-Override header now recognized
- NEW: Base->chain() method for executing callbacks in succession
- NEW: HOST global variable; derived from either $_SERVER['SERVER_NAME'] or gethostname()
- NEW: REALM global variable representing full canonical URI
- NEW: Auth plug-in
- NEW: Pingback plug-in (implements both Pingback 1.0 protocol client and server)
- NEW: DEBUG verbosity can now reach up to level 3; Base->stringify() drills down to object properties at this setting
- NEW: HTTP PATCH method added to recognized HTTP ReST methods
- Web->slug() now trims trailing dashes
- Web->request() now allows relative local URLs as argument
- Use of PARAMS in route handlers now unnecessary; framework now passes two arguments to route handlers: the framework object instance and an array containing the captured values of tokens in route patterns
- Standardized timeout settings among Web->request() backends
- Session IDs regenerated for additional security
- Automatic HTTP 404 responses by Base->call() now restricted to route handlers
- Empty comments in ini-style files now parsed properly
- Use file_get_contents() in methods that don't involve high concurrency
3.0.1 (14 Dec 2013)
- Major rewrite of much of the framework's core features