Skip to content
This repository has been archived by the owner on Dec 31, 2020. It is now read-only.

Latest commit

 

History

History
1569 lines (1527 loc) · 81 KB

CHANGELOG.md

File metadata and controls

1569 lines (1527 loc) · 81 KB

CHANGELOG

2.1.4 (13 Mar 2013):

2.1.3 (21 Feb 2013):

2.1.2 (20 Feb 2013):

2.1.1 (06 Feb 2013):

2.1.0 (29 Jan 2013):

Potential Breakage

Includes a fix to the classes Zend\Filter\Encrypt and Zend\Filter\Decrypt which may pose a small break for end-users. Each requires an encryption key be passed to either the constructor or the setKey() method now; this was done to improve the security of each class.

Zend\Session includes a new Zend\Session\Storage\SessionArrayStorage class, which acts as a direct proxy to the $_SESSION superglobal. The SessionManager class now uses this new storage class by default, in order to fix an error that occurs when directly manipulating nested arrays of $_SESSION in third-party code. For most users, the change will be seamless. Those affected will be those (a) directly accessing the storage instance, and (b) using object notation to access session members:

$foo = null;
/** @var $storage Zend\Session\Storage\SessionStorage */
if (isset($storage->foo)) {
    $foo = $storage->foo;
}

If you are using array notation, as in the following example, your code remains forwards compatible:

$foo = null;

/** @var $storage Zend\Session\Storage\SessionStorage */
if (isset($storage['foo'])) {
    $foo = $storage['foo'];
}

If you are not working directly with the storage instance, you will be unaffected.

For those affected, the following courses of action are possible:

  • Update your code to replace object property notation with array notation, OR
  • Initialize and register a Zend\Session\Storage\SessionStorage object explicitly with the session manager instance.

2.0.8 (13 Mar 2013):

2.0.7 (29 Jan 2013):

Potential Breakage

Includes a fix to the classes Zend\Filter\Encrypt and Zend\Filter\Decrypt which may pose a small break for end-users. Each requires an encryption key be passed to either the constructor or the setKey() method now; this was done to improve the security of each class.

2.0.6 (19 Dec 2012):

2.0.5 (29 Nov 2012):

2.0.4 (20 Nov 2012):

2.0.3 (17 Oct 2012):

2.0.2 (21 Sep 2012):

2.0.1 (20 Sep 2012):