Download CodeIgniter 2.1.0

CodeIgniter is a PHP framework for developing web applications. The program is published under a own license, which bears many similarities to the Apache and BSD licenses. For more information, please refer to the instructions. The developers have released version 2.1.0 and provided it with the following announcement:

Version 2.1.0

General Changes:

• Fixed a potential parameter injection flaw in the Security Library and strengthened the XSS filter for HTML5 vulnerabilites.
• Callback validation rules can now accept parameters like any other validation rule.
• Added html_escape() to the Common functions to escape HTML output for preventing XSS easliy.

Helpers:

• Added increment_string() to String Helper to turn “foo” into “foo-1” or “foo-1” into “foo-2”.
• Altered form helper – made action on form_open_multipart helper function call optional. Fixes (#65)
• url_title() will now trim extra dashes from beginning and end.
• Improved speed of String Helper’s random_string() method

Database:

• Added a CUBRID driver to the Database driver. Thanks to the CUBRID team for supplying this patch.
• Added a PDO driver to the Database driver.
• Typecast limit and offset in the Database driver to integers to avoid possible injection.
• Added additional option ‘none’ for the optional third argument for $this->db->like() in the Database driver.
• Added $this->db->insert_batch() support to the OCI8 (Oracle) driver.

libraries:

• Changed $this->cart->insert() in the Cart library to return the Row ID if a single item was inserted successfully.
• Added support to set an optional parameter in your callback rules of validation using the Form Validation library.
• Added a Migration library to assist with applying incremental updates to your database schema.
• Driver children can be located in any package path.
• Added is_unique to the Form Validation library.
• Added $config[‘use_page_numbers’] to the Pagination library, which enables real page numbers in the URI.
• Added TLS and SSL Encryption for SMTP.

core:

• Changed private functions in URI library to protected so MY_URI can override them.
• Removed CI_CORE boolean constant from CodeIgniter.php (there are no longer different Reactor and Core versions).

Bug fixes for 2.1.0:

• Fixed #378 Robots identified as regular browsers by the User Agent class.
• If a config class was loaded first then a library with the same name is loaded, the config would be ignored.
• Fixed a bug (Reactor #19) where 1) the 404_override route was being ignored in some cases, and 2) auto-loaded libraries were not available to the 404_override controller when a controller existed but the requested method did not.
• Fixed a bug (Reactor #89) where MySQL export would fail if the table had hyphens or other non alphanumeric/underscore characters.
• Fixed a bug (#200) where MySQL queries would be malformed after calling $this->db->count_all() then $this->db->get()
• Fixed bug #105 that stopped query errors from being logged unless database debugging was enabled
• Fixed a bug (#160) – Removed unneeded array copy in the file cache driver.
• Fixed a bug (#150) – field_data() now correctly returns column length.
• Fixed a bug (#8) – load_class() now looks for core classes in APPPATH first, allowing them to be replaced.
• Fixed a bug (#24) – ODBC database driver called incorrect parent in __construct().
• Fixed a bug (#85) – OCI8 (Oracle) database escape_str() function did not escape correctly.
• Fixed a bug (#344) – Using schema found in Saving Session Data to a Database, system would throw error “user_data does not have a default value” when deleting then creating a session.
• Fixed a bug (#112) – OCI8 (Oracle) driver didn’t pass the configured database character set when connecting.
• Fixed a bug (#182) – OCI8 (Oracle) driver used to re-execute the statement whenever num_rows() is called.
• Fixed a bug (#82) – WHERE clause field names in the DB update_string() method were not escaped, resulting in failed queries in some cases.
• Fixed a bug (#89) – Fix a variable type mismatch in DB display_error() where an array is expected, but a string could be set instead.
• Fixed a bug (#467) – Suppress warnings generated from get_magic_quotes_gpc() (deprecated in PHP 5.4)
• Fixed a bug (#484) – First time _csrf_set_hash() is called, hash is never set to the cookie (in Security.php).
• Fixed a bug (#60) – Added _file_mime_type() method to the File Uploading Library in order to fix a possible MIME-type injection (also fixes bug #394).
• Fixed a bug (#537) – Support for all wav type in browser.
• Fixed a bug (#576) – Using ini_get() function to detect if apc is enabled or not.
• Fixed invalid date time format in Date helper and XMLRPC library.