Releases: lonnieezell/Bonfire
CI v2.2.1 and v3 Support, Improved Offline Mode, Improved Documentation, and more
See the Changelog and Upgrade Notes for more details.
Improved separation of Bonfire code, CI 2.2, Sparks and Composer support, and more
See full changelog for this release: https://github.com/ci-bonfire/Bonfire/blob/d3ecde89fee71f44995e4d22dd2fc28b0a8b845e/bonfire/docs/changelog.md
The highlights:
- Better separation of Bonfire code from your application's code
- Works with Sparks
- Enable Composer auto-loading by setting
'composer_autoload'
to true (or the path to the autoload.php file) in /application/config/config.php - Updated documentation system includes search functionality and allows splitting user and dev-related docs
- Added a custom MySQLi driver (
'bfmysqli'
) to support more features (including backup). Leaves the driver supplied by CodeIgniter alone in case you've acquired a mysqli driver elsewhere or future CI releases improve the driver.
New folder structure, phpass, new docs system, CI 2.1.4, Bootstrap 2.3.2, PHP 5.3 (minimum), Apache 2.4 support
See full changelog for this release: https://github.com/ci-bonfire/Bonfire/blob/795ad8e315bc93ea4647d3d8e82bee05ab33e5e2/bonfire/docs/changelog.md
The highlights:
- Minimum PHP version changed to 5.3
- New folder structure and phpass library for user password hashes to improve security
- Updated CodeIgniter to 2.1.4
- Updated Bootstrap to 2.3.2
- Updated .htaccess to support Apache 2.4
- Updated jwerty to 0.3.1
- New documentation (docs) system which includes support for packaging documentation with your application/modules using Markdown-formatted text files.
Upgrade notes
Migrations should be set to auto-run in the application config file so that the new password hash is enforced before you try to login the first time after updating. The migrations force all users to create new passwords so that the newer encryption methods are used.
The "ban" button in the users page is working now, and the permission Site.Signin.Allow has been removed. If you created a custom role which banned logins by excluding this permission, they will now be able to log in.
If you attempt to downgrade to 0.6.*, Bonfire will at best restore Site.Signin.Allow to the Administrator role. No other role will be able to log in. This was written with developers in mind, not downgrading a production system. (But it would be interesting to hear any feedback).
The comment recommending IS_AJAX
as a security check has been removed. IS_AJAX
is not effective as a security check. It may have happened to prevent CSRF on AJAX methods, but Bonfire now supports CodeIgniter CSRF protection (see upgrade notes for 0.6.1). For other purposes, you may prefer to avoid the Bonfire-specific constant in favour of the standard CodeIgniter method $this->input->is_ajax_request()
.
Because the MY_Controller file no longer ships with Bonfire, you should make a backup of your current MY_Controller file, if you have made any changes. This file will be renamed to Base_Controller.php. Any changes you made should then be redistributed over the new Controller files in application/core.
If you use the $table class var within any of your module's model files, you will need to change that reference to $table_name.
If your module calls the activity_model for logging purposes, you will need to either switch the code to the new log_activity() helper method or load the acvitity_model explicitly.
All templates that use the current Template::yield() function must be updated to Template::content() due to the addition of generators in PHP 5.5.