Release notes

Version 2.1.rc1 open source edition

This version does not include the examples. It is meant to run on PHP5 only. If you retieved this page from a http server that supports PHP, Click here to try it out.

This version does not include pntUnit and the unit tests.

What's new

Since 2.0.0a

Remarks for upgrading existing applications

For 2.1.rc1:

For 2.1.0 See the release notes of the upgrade release you can download from the phpPeanuts website. (For 2.1.rc1 an upgrade version is not made availabe.

Known bugs and limitations

  1. Applications are not protected against cross frame scripting. For this reason CRSF protection needs to be extended to all request from login by per-request tokens using encription-strength random numbers. (This is only relevalnt for applications using authentication/authorization - the extension for this is not included in the open source version)
  2. Includes quoted parameters in SQL (should only use parameterized queries)
  3. With older versions of PHP and/or MySQL the character set can not be set on the connection in such a way that the quoting functions of MySQL take the character set into account. This may be a problem with UTF-8 and if may have security implications, possibly including SQL injection vurnerabilities. To avoid this requires:
    - MySQL >= 5.0.7 or if you're using MySQL 4, then >= 4.1.13.
    - PntMySqlDaro: PHP 5.0.7 or later
    - PntPdoDao: PHP 5.3.6 or later
    - PntMySqliDao (not included in the open source version): PHP 5.0.5 or later
  4. Though the framework has DAO classes that are successfully used as the database abstraction layer with MySQL and SqLite, the use with other databases may require some additional refactoring. Please inform us about eventual problems and solutions with the use of other databases. (Known: Oracle versions below 9 do not support standard explicit JOIN syntax, but producing JOIN instuctions is not delegated to DAO objects and can not be easily refactored to do so.)
  5. The AGPL license requires you to make the source of applications using this version of phpPeanuts available to any users outside your own organization, and allow them forward it to the rest of the world. An extended commercial edition is available on request under developers licenses that do not include obligations to publish derived works etc. For more info see the Support menu of the phpPeanuts website.