Code Igniter 4.4.7
3 April 2024
Code Igniter version 4.4.7 is now available (security release).
What's New in Code Igniter 4.4.7
Security
- Language: Language class DoS Vulnerability was fixed. See the Security advisory for more information.
- URI Security: The feature to check if URIs do not contain not permitted strings has been added. This check is equivalent to the URI Security found in CodeIgniter 3. This is enabled by default, but upgraded users need to add a setting to enable it.
- Filters: A bug where URI paths processed by Filters were not URL-decoded has been fixed.
Breaking Changes
*: Time::difference() DST bug by @kenjis in #8661
Bug Fixes
- [Validation] FileRules cause error if getimagesize() returns false by @kenjis in #8592
- isWriteType() to recognize CTE; always excluding RETURNING by @markconnellypro in #8599
- duplicate Cache-Control header with Session by @kenjis in #8601
- [DebugBar] scroll to top by @ddevsr in #8595
- Model::shouldUpdate() logic by @kenjis in #8614
- esc() for 'raw' context by @Cleric-K in #8633
- Model::set() does not accept object by @kenjis in #8670
- fix incorrect CURLRequest allow_redirects description by @kenjis in #8653
Refactoring
- replace PHP_VERSION by PHP_VERSION_ID by @justbyitself in #8618
- apply early return pattern by @justbyitself in #8621
- move footer info to top in error_exception.php by @kenjis in #8626