Software Update: Yii PHP Framework 2.0.16

Spread the love

Yii is a component based PHP framework, with very good performance according to the developers, which makes it particularly suitable for developing large-scale web applications. The framework contains many options, such as mvc, dao/ActiveRecord, I18N/L10N, caching, jQuery-based AJAX support, scaffolding, input validation, widgets, events and theming. For more information, please refer to this page. The developers have released version 2.0.16 and the release notes for that release are as follows:

Yii 2.0.16 has been released

We are very pleased to announce the release of Yii Framework version 2.0.16. Please refer to the instructions at to install or upgrade to this version. Version 2.0.16 is a minor release of Yii 2.0 which contains more than a hundred enhancements and bug fixes including security fixes.

Yii 2.0 reached feature freeze more than a year ago, meaning that the 2.0 branch will only receive bug fixes. That was done in order to allow the Yii Team to focus on the upcoming Yii 3 rewrite. There’s more on Yii 3 at the very end of this announcement.

There are minor changes that may affect your existing applications, so make sure to check the UPGRADE.md file.

Huge thanks to all Yii community members who contribute to the framework. It wouldn’t have been possible without you. Additional thanks to translators who are keeping international documentation up to date. There are many active Yii communities so if you need help or want to share your experience, feel free to join them. You can also discuss this news on our forum.

Below we summarize some of the enhancements and changes that slipped into this release. A complete list of changes can be found in the CHANGELOG.

Active Record
A behavior for optimistic locking was added by Salem Ouerdani, @tunecino. Optimistic locking allows multiple users to access the same record for edits and avoids potential conflicts. In case when a user attempts to save the record upon some staled data (because another user has modified the data), a StaleObjectException exception will be thrown, and the update or deletion is skipped. The locking itself was implemented from the first versions of Yii but using it properly wasn’t easy. Now it is. You can find details in the guide section on optimistic locks and in OptimisticLockBehavior itself.

migrations
Console migration generator defaults were changed so that the migrations are generated with table prefixes used. If you want to disable this behavior, set yii\console\controllers\MigrateController::useTablePrefix to false via console command mappings.

Databases

  • The MySQL driver now supports fractional seconds for time types (require MySQL >= 5.6.4).
  • The Oracle driver now supports resetting sequences.

Helpers

  • yii\helpers\Inflector now works correctly with UTF-8.
  • Added yii\mutex\FileMutex::$isWindows for Windows file shares on Unix guest machines.
  • yii\helpers\UnsetArrayValue, yii\helpers\ReplaceArrayValue object can now be restored after serialization using var_export() function.

GridView
Added $filterOnFocusOut option that allows to toggle if filtering should be triggered when filter field is losing focus.

jQuery
jQuery 3.3 is now allowed to be installed.

Mutex

  • Increased frequency of lock tries for yii\mutex\FileMutex::acquireLock() when $timeout is provided.
  • Added support for $timeout in yii\mutex\PgsqlMutex::acquire().

Security fixes
Two security issues were fixed in this release:

  • CVE-2018-14578: CSRF token check bypassing in \yii\web\Request::getMethod()
  • CVE-2018-19454: Excess logging of sensitive information in \yii\log\Target

Project templates

  • Codeception configs were cleaned up in both basic and advanced project templates.
  • A basic Docker configuration was added to the Advanced project template, allowing you to quickly start developing.
  • Advanced template tests require newer version of Codeception that works starting with PHP 7.0. Old applications will work with older versions of Codeception so there’s no need for upgrade if you don’t want it.

A bit about Yii 3.0
Yii 3 will be the next major version of the Yii framework. A separate announcement will be made subsequently, but here’s a brief overview of the future:
A new architecture: The Yii framework has been split into several packages. This will allow you to pick the packages you need to compose your Yii application instead of installing one package that provides everything.
JavaScript-agnostic: With the reorganization of the source code, Yii will no longer tie you to a specific JavaScript framework. Core features of Yii have been rewritten to be jQuery-free.
PSR Compatibility: Yii 3 will embrace the PHP-FIG recommendations, and implement many PSRs: Logging, Caching, DI, etc.
Yii 3.0 is currently being developed. We will make separate announcements when it reaches alpha stability.

Version number 2.0.16
Release status Final
Operating systems script language
Website Yii PHP Framework
Download
License type Conditions (GNU/BSD/etc.)
You might also like