Skip to content
This repository has been archived by the owner on Jan 31, 2020. It is now read-only.

Latest commit

 

History

History
530 lines (319 loc) · 11.9 KB

CHANGELOG.md

File metadata and controls

530 lines (319 loc) · 11.9 KB
Raw

Changelog

All notable changes to this project will be documented in this file, in reverse chronological order by release.

2.9.2 - TBD

Added

  • Nothing.

Changed

  • Nothing.

Deprecated

  • Nothing.

Removed

  • Nothing.

Fixed

  • Nothing.

2.9.1 - 2019-10-28

Added

  • Nothing.

Changed

  • Nothing.

Deprecated

  • Nothing.

Removed

  • Nothing.

Fixed

  • #123 fixes a bug preventing two first hash functions from hash_algos() (usually md2 and md4) from being used in SessionConfig::setHashFunction.

2.9.0 - 2019-09-20

Added

  • #115 adds support for PHP 7.3.

Changed

  • Nothing.

Deprecated

  • Nothing.

Removed

  • #115 removes support for zend-stdlib v2 releases.

Fixed

  • Nothing.

2.8.7 - 2019-09-19

Added

  • Nothing.

Changed

  • Nothing.

Deprecated

  • Nothing.

Removed

  • Nothing.

Fixed

  • #122 fixes type check for configuration of session storage. Allows input to be an instance of ArrayAccess or an array.

2.8.6 - 2019-08-11

Added

  • Nothing.

Changed

  • Nothing.

Deprecated

  • Nothing.

Removed

  • Nothing.

Fixed

  • #120 fixes issue "Commands out of sync; you can't run this command now" with DbTableGateway save handler while using Mysqli adapter.

  • #106 fixes issue with Garbage collection of MongoDB save handler where maxlifetime is provided in seconds.

  • #114 fixes Validator\Id compatibility with PHP 7.1. INI setting session.sid_bits_per_character can be now used with PHP 7.1+ instead of session.hash_bits_per_character (used with PHP versions prior to 7.1).

    In some very specific situations this can lead to an issue with previously generated sessions. See issue #121.

  • #118 avoid unnecessary phpinfo() call when register own save handler which is an object.

2.8.5 - 2018-02-22

Added

  • Nothing.

Changed

  • Nothing.

Deprecated

  • Nothing.

Removed

  • Nothing.

Fixed

  • #108 fixes a dependency conflict in composer.json which prevented phpunit/phpunit 6.5 or newer from being installed together with zendframework/zend-session.

2.8.4 - 2018-01-31

Added

  • Nothing.

Changed

  • Nothing.

Deprecated

  • Nothing.

Removed

  • Nothing.

Fixed

  • #107 fixes an error raised by ini_set() within SessionConfig::setStorageOption() that occurs for certain INI values that cannot be set if the session is active. When this situation occurs, the class performs a session_write_close(), sets the new INI value, and then restarts the session. As such, we recommend that you either set production INI values in your production php.ini, and/or always pass your fully configured session manager to container instances you create.

  • #105 fixes an edge case whereby if the special __ZF session value is a non-array value, initializing the session would result in errors.

  • #102 fixes an issue introduced with 2.8.0 with AbstractContainer::offsetGet. Starting in 2.8.0, if the provided $key did not exist, the method would raise an error regarding an invalid variable reference; this release provides a fix that resolves that issue.

2.8.3 - 2017-12-01

Added

  • Nothing.

Changed

  • Nothing.

Deprecated

  • Nothing.

Removed

  • Nothing.

Fixed

  • #101 fixes an issue created with the 2.8.2 release with regards to setting a session save path for non-files save handlers; prior to this patch, incorrect validations were run on the path provided, leading to unexpected exceptions being raised.

2.8.2 - 2017-11-29

Added

  • Nothing.

Changed

  • Nothing.

Deprecated

  • Nothing.

Removed

  • Nothing.

Fixed

  • #85 fixes an issue with how the expiration seconds are handled when a long-running request occurs. Previously, when called, it would use the value of $_SERVER['REQUEST_TIME'] to calculate the expiration time; this would cause failures if the expiration seconds had been reached by the time the value was set. It now correctly uses the current time().

  • #99 fixes how Zend\Session\Config\SessionConfig handles attaching save handlers to ensure it will honor any handlers registered with the PHP engine (e.g., redis, rediscluster, etc.).

2.8.1 - 2017-11-28

Added

  • #92 adds PHP 7.2 support.

Deprecated

  • Nothing.

Removed

  • Nothing.

Fixed

  • #57 and #93 provide a fix for when data found in the session is a Traversable; such data is now cast to an array before merging with new data.

2.8.0 - 2017-06-19

Added

  • #78 adds support for PHP 7.1, and specifically the following options:
    • session.sid_length
    • session.sid_bits_per_character

Changed

  • #73 modifies the SessionManagerFactory to take into account the $requestedName; if the $requestedName is the name of a class that implements ManagerInterface, that class will be instantiated instead of SessionManager, but using the same arguments ($config, $storage, $savehandler, $validators, $options).

  • #78 updates the SessionConfig class to emit deprecation notices under PHP 7.1+ when a user attempts to set INI options no longer supported by PHP 7.1+, including:

    • session.entropy_file
    • session.entropy_length
    • session.hash_function
    • session.hash_bits_per_character

Deprecated

  • Nothing.

Removed

  • #78 removes support for PHP 5.5.

  • #78 removes support for HHVM.

Fixed

  • Nothing.

2.7.4 - 2017-06-19

Added

  • Nothing.

Deprecated

  • Nothing.

Removed

  • Nothing.

Fixed

  • #66 fixes how the Cache save handler's destroy() method works, ensuring it does not attempt to remove an item by $id if it does not already exist in the cache.
  • #79 updates the signature of AbstractContainer::offsetGet() to match Zend\Stdlib\ArrayObject and return by reference, fixing an issue when running under PHP 7.1+.

2.7.3 - 2016-07-05

Added

  • Nothing.

Deprecated

  • Nothing.

Removed

  • Nothing.

Fixed

  • #51 provides a fix to the DbTableGateway save handler to prevent infinite recursion when attempting to destroy an expired record during initial read operations.
  • #45 updates the SessionManager::regenerateId() method to only regenerate the identifier if a session already exists.

2.7.2 - 2016-06-24

Added

  • Nothing.

Deprecated

  • Nothing.

Removed

  • Nothing.

Fixed

  • #46 provides fixes to each of the Cache and DbTaleGateway save handlers to ensure they work when used under PHP 7.

2.7.1 - 2016-05-11

Added

Deprecated

  • Nothing.

Removed

  • Nothing.

Fixed

  • #38 ensures that the value from session.gc_maxlifetime is cast to an integer before assigning it as the lifetime value in the MongoDB adapter, ensuring sessions may be deleted.

2.7.0 - 2016-04-12

Added

  • #23 provides a new Id validator to ensure that the session identifier is not malformed. This validator is now enabled by default; to disable it, pass ['attach_default_validators' => false] as the fifth argument to SessionManager, or pass an options array with that value under the session_manager configuration key.
  • #34 adds the option to use exporeAfterSeconds with the MongoDB save handler.
  • #37 exposes the package as a standalone config-provider/component, adding:
    • Zend\Session\ConfigProvider, which maps the default services offered by the package, including the ContainerAbstractServiceFactory.
    • Zend\Session\Module, which does the same, but for zend-mvc contexts.

Deprecated

  • Nothing.

Removed

  • Nothing.

Fixed

  • #34 updates the component to use ext/mongodb + the MongoDB PHP client library, instead of ext/mongo, for purposes of the MongoDB save handler, allowing the component to be used with modern MongoDB installations.

2.6.2 - 2016-02-25

Added

  • Nothing.

Deprecated

  • Nothing.

Removed

  • Nothing.

Fixed

  • #32 provides a better polfill for the ValidatorChain to ensure it can be represented in auto-generated classmaps (e.g., via composer dump-autoload --optimize and/or composer dump-autoload --classmap-authoritative).

2.6.1 - 2016-02-23

Added

  • Nothing.

Deprecated

  • Nothing.

Removed

  • Nothing.

Fixed

  • #29 extracts the constructor defined in Zend\Session\Validator\ValidatorChainTrait and pushes it into each of the ValidatorChainEM2 and ValidatorChainEM3 implementations, to prevent colliding constructor definitions due to inheritance + trait usage.

2.6.0 - 2016-02-23

Added

  • #29 adds two new classes: Zend\Session\Validator\ValidatorChainEM2 and ValidatorChainEM3. Due to differences in the EventManagerInterface::attach() method between zend-eventmanager v2 and v3, and the fact that ValidatorChain overrides that method, we now need an implementation targeting each major version. To provide a consistent use case, we use a polyfill that aliases the appropriate version to the Zend\Session\ValidatorChain class.

Deprecated

  • Nothing.

Removed

  • Nothing.

Fixed

  • #29 updates the code to be forwards compatible with the v3 releases of zend-eventmanager and zend-servicemanager.
  • #7 Mongo save handler was using sprintf formatting without sprintf.

2.5.2 - 2015-07-29

Added

  • Nothing.

Deprecated

  • Nothing.

Removed

  • Nothing.

Fixed

  • #3 Utilize SaveHandlerInterface vs. our own.

  • #2 detect session exists by use of PHP_SESSION_ACTIVE