Yii Framework 1.x https://www.yiiframework.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

630 lines
26 KiB

Upgrading Instructions for Yii Framework v1.1
The following upgrading instructions are cumulative. That is,
if you want to upgrade from version A to version C and there is
version B between A and C, you need to following the instructions
for both A and B.
General upgrade instructions
- Make a backup.
- Clean up your 'assets' folder.
- Replace 'framework' dir with the new one or point GIT to a fresh
release and update.
- Check if everything is OK, if not — revert from backup and post
issues to Yii issue tracker.
Upgrading from v1.1.24
No significant changes were made.
Upgrading from v1.1.23
- jQueryUI was updated to 1.12 and contains possible breaking changes.
Upstream the base theme changed to a more modern theme with some colors, less gradients and some other improvements.
The old default theme "Smoothness" is still included and configured as the Yii default for backwards compatibility.
If you wish, you can apply the new base theme using the CWidgetFactory application component for example:
return [
'components' => [
'widgetFactory' => [
'widgets' => [
'CJuiDatePicker' => [ // list your widgets derived from CJuiWidget here
'theme' => 'base',
For further details check the [jQuery UI upgrade guide](https://jqueryui.com/upgrade-guide/1.12/)
Upgrading from v1.1.22
No significant changes were made.
Upgrading from v1.1.21
No significant changes were made.
Upgrading from v1.1.20
No significant changes were made.
Upgrading from v1.1.19
No significant changes were made.
Upgrading from v1.1.18
If you are outputting validation errors directly without using `CHtml` or `CActiveForm`, make sure
to encode them properly depending on context you are outputting them into.
Upgrading from v1.1.17
No significant changes were made.
Upgrading from v1.1.16
- If you're using CApcCache with APCu, set `useApcu` to `true` in the component config.
- Undocumented usage of regular expressions outside parameters in URL rules was considered a bug (#3348). Regular
expressions are now escaped properly so if you rely on previous behavior, please update your code.
Upgrading from v1.1.15
- CFileValidator now clears attribute after validation in case attribute is marked as `safe` in `rules()` which is default.
The reason is that file uploads were often handled incorrectly by using real database attribute which lead to ability to
write arbitrary data into database column.
If you've followed [wiki article about uploading files](http://www.yiiframework.com/wiki/2/how-to-upload-a-file-using-a-model/),
you need to mark attribute as `unsafe`:
public function rules()
return array(
array('image', 'file', 'types'=>'jpg, gif, png', 'safe' => false), // <--- here
- CErrorHandler now runs errorAction for errors, which appear via AJAX request.
If you use CErrorHandler::errorAction, make sure it handles AJAX request properly.
- The possibility to use callables for values of CDetailView introduced a problem with string being interpreted as
PHP functions. CDetailView now only allows anonymous functions to be called, all other values will be taken as value.
- We updated the `framework/utils/mimeTypes.php` with more file extensions from the http apache project.
Due to this fact some of the assignments have changed so if you rely on the mimeType detection of `CFileHelper`
you need to check if your code works with the new mime type assignments.
You can use a custom `mimeTypes.php` file to bring back the old behavior if needed by specifying the second parameter
of `CFileHelper::getMimeTypeByExtension($file, $magicFile='path/to/your/mimeTypes.php')`.
- We upgraded the bundled jQuery version to 1.11.1. Previous version was 1.8.3.
There were breaking changes in the jQuery API which you can find in the jQuery blog:
<http://jquery.com/upgrade-guide/1.9/#changes-of-note-in-jquery-1-9>. The [jquery-migrate plugin](https://github.com/jquery/jquery-migrate/)
can help checking your code for deprecated functionality.
- jQueryUI was updated. Check the upgrade guides for [1.10](http://jqueryui.com/upgrade-guide/1.10) and
- The implementation of `CSecurityManager::encrypt()` and `decrypt()` were changed to be more secure.
If you use these methods to encrypt your data, you should take the following steps to use the new version:
1. Decrypt existing data that were encrypted using `legacyDecrypt()`.
2. Change key via application config (encryptionKey property of securityManager component) to the one that conforms
to recommendations.
3. Encrypt the data using `encrypt()`.
You can disable key validation by setting validateEncryptionKey property of securityManager component to false but
if it strongly not recommended.
- Namespaced controllers in subdirectories should now have subdirectory in namespace. Previously it was possible to
use the same namespace for both controllers in root directory and subdirectories.
Upgrading from v1.1.14
No significant changes, 1.1.15 was a security fix release.
Upgrading from v1.1.13
- CUploadedFile::getInstancesByName() now cannot handle a single file upload. Either change your upload field name to
be something like `ImageUpload[]` or, to keep backwards compatibility in your app, handle it like the following:
$this->ImageUpload = CUploadedFile::getInstancesByName('ImageUpload');
if (empty($this->ImageUpload)) {
$this->ImageUpload = array(CUploadedFile::getInstanceByName('ImageUpload'));
- CActiveRecord::count() now respects group by and having. If your code relied
on ignoring it your application may break and should be updated.
- Vendors: phlymail's Net_IDNA was replaced by PEAR Net_IDNA2. The latter library is better maintained than the former.
In case your code relies on bundled phlymail's Net_IDNA you should change it a bit. Old way of encoding IDNs:
$idnaConvert=new idna_convert();
$idna=new Net_IDNA2();
- CAPTCHA appearance has been changed. Non-free Duality.ttf font (used by CCaptchaAction) replaced by open/free
SpicyRice.ttf. New font is distributed under SIL Open Font License version 1.1. Do not forget to adjust font path
in case your application relies on Duality.ttf font file.
- CSecurityManager::computeHMAC() method is now public and third parameter has been added. You must change signature
of this method in the extended child class to fit new circumstances. Otherwise an E_STRICT error will be issued.
- CClientScript::registerScriptFile() and CClientScript::registerScript() methods signature changed.
Update your subclasses that override registerScriptFile() or registerScript() if any.
- CActiveRecord::refreshMetaData() now clears meta data for all objects of the particular Active Record class.
Also CActiveRecord::refreshMetaData() will not create new meta data at once - new CActiveRecordMetaData instance
will be created on the first demand.
- Oracle related note: in case you're using COciSchema::resetSequence() or CDbSchema::resetSequence() methods with
the Oracle database, keep in mind that its behavior has changed to be consistent with the same methods for
the other database management systems. Please refer to its documentation for more details and don't forget
to adjust your code respectively.
- Signature of the CJuiInputWidget::resolveNameID() method has changed. If you're overriding this method you must
change your code to fit it. This method now accepts two parameters, it means you have to adjust code of the
overlapped descendant method signature as follows:
protected function resolveNameID($nameProperty='name',$attributeProperty='attribute')
And ancestor method call to:
- In case you've used your own relation types extended from `CHasOneRelation` or
`CHasManyRelation` make sure you update these to reflect moving `through` property
from both these to `CActiveRelation`.
- CSecurityManager::generateRandomKey() has been deprecated in favor of CSecurityManager::generateRandomString().
Try not to use it anymore and avoid CSecurityManager::generateRandomKey() method in your code.
Upgrading from v1.1.12
- Both jQuery and jQueryUI were updated. Check [jQuery UI upgrade guide](http://jqueryui.com/upgrade-guide/1.9/)
and [jQuery release notes](http://blog.jquery.com/2012/08/09/jquery-1-8-released/).
- We completed the behavior of CFormatter::sizeFormat() which has been introduced in Yii 1.1.11. If you are using it with your own translation file
you have to move your translations to the `yii` category in `yii.php` file which is handled by the application component `coreMessages`.
We also fixed the default translation strings to be correct English and apply to choice format, so you have to adjust your translation file keys.
- Be sure to clean all your existing cache during the upgrade. The cache values from CDbCommand has been
changed to an array to be able to store false values (returned when no records are found).
- Make sure all your event handlers in behaviors are public methods, as we are not supporting protected methods as event handlers anymore.
- We fixed the calls to CActiveRecord::beforeFind() for consistency so that beforeFind() now always gets called for every relation
on eager loading even if the main query does not return a result. This has been the case for all CActiveRecord::find*()-methods
already but now also applies for findBySql() and findAllBySql().
- Criteria modification in CActiveRecord::beforeFind() did not apply to the query when model was loaded in a relational context.
Since version 1.1.13 changes to query criteria made in beforeFind() now also apply to the query when model is loaded in a relational context.
The main problem here is that you can not use the `t`-alias for your table anymore, you have to change your code to
use the table alias currently in use as this is different in relational context.
You can get that alias by calling `$this->getTableAlias();` in your active record class
or `$this->owner->getTableAlias()` in behavior context.
$criteria->condition = 't.myfield = 1';
You need to change that to:
$alias = $this->owner->getTableAlias();
$criteria->condition = $alias.'.myfield = 1';
- Make sure you are using `CCaptcha::checkRequirements()` method for checking whether CAPTCHA could be rendered successfully in your environment.
`extension_loaded('gd')` expression is not enough and wrong because CAPTCHA could be rendered via ImageMagick with fallback to GD since 1.1.13
(thus checking code is not simple as it seems).
- In case you're using MSSQL driver make sure authentication credentials you use have permissions to use
`sys.extended_properties` system view. This is critical for retrieving additional metadata on tables.
Upgrading from v1.1.11
- Changes in CCookieCollection::add() (introduced in 1.1.11) were reverted as they were triggering E_STRICT on some old PHP-versions
If your application relies on these newly added changes. You should change your code from
$cookies->add(new CHttpCookie($name, $value));
$cookies[$name] = new CHttpCookie($name, $value);
- CActiveRecord::resetScope() method signature changed. Please update your subclasses that override resetScope() if any.
Upgrading from v1.1.10
- API of public method CConsoleCommand::confirm() changed. If you are overriding this method make sure to update your code.
The method now has a 2nd parameter for the default value which will be used if no selection is made, so you have to
adjust the signature to fit
public function confirm($message,$default=false)
and the parent call to
- API of protected method CConsoleCommand::afterAction() changed, if you are overriding this method make sure to update your code.
method now has a 3rd parameter for application exit code, so you have to adjust the signature to fit
protected function afterAction($action,$params,$exitCode=0)
and the parent call to
- CDateFormat::format() now will return null if the parameter $time is null. Previously it would return 1/1/1970.
- If you are using CJavaScript::encode in your application with parameter coming
from user input, set second argument to true:
CJavaScript::encode($userInput, true);
It will disable prefixing parameters with "js:". If you need to pass JavaScript
expression it's now preferrable to wrap these with CJavaScriptExpression:
CJavaScript::encode(new CJavaScriptExpression('alert("Yii!");'), true);
Note that second "safe" parameter doesn't affect CJavaScriptExpression in any way.
Upgrading from v1.1.9
- Previously xSendFile() was returning false if the file was not found.
This has been removed to allow relative file paths. If you are relying on this check,
you will need to do it manually before calling xSendFile().
Upgrading from v1.1.8
- CConfiguration::createObject, CController::paginate and CHtml::getActiveId deprecated since 1.0.x were removed. Use
Yii::createComponent, new CPagination directly and CHtml::activeId respectively.
- In CErrorHandler::handleException() the checking for ajax call has been removed
as it was preventing to customize the display of the exception during an ajax call.
- Previously in case of validation error the CSS "error" class was not added to the row container at all when
checkBoxList or radioButtonList where used. This is fixed now and proper "error" CSS class is added to the row
container but in case of validation error, all labels from the list are shown in red because of the CSS rule.
To fix this and display only the attribute label in red:
in <projectdir>/css/form.css the line:
div.form div.error label
should be changed to
div.form div.error label:first-child
- If you've used "through" ActiveRecord option in your relation definitions it's good to update code as shown below.
Old style of defining this option still works but is now deprecated.
class Group extends CActiveRecord
public function relations()
return array(
class Group extends CActiveRecord
public function relations()
return array(
Upgrading from v1.1.7
- CDbAuthManager will now quote columns and tables referenced in its SQL code.
If your auth tables were created in a case-insensitive fashion (e.g. on PostgreSQL)
while your DBMS is case-sensitive, this change may cause DB query errors.
To fix this issue, you will have to rename the table names and columns, or re-create
the auth tables by following the SQL code given in framework/web/auth/*.sql.
- jQuery was upgraded to 1.6.1. Check your client side code and if you have issues consider
downgrading to 1.5.1 or 1.4.4.
Upgrading from v1.1.6
- Make sure you are using latest stable PHPUnit 3.5 if you are using unit tests.
Upgrading from v1.1.5
- In CActiveRecord::relations(), if a relation involves composite foreign keys, the foreign key
columns must be separated by commas now. Previously, the columns can be separated by either
commas or spaces. If your mode code are generated by Gii or yiic shell, you do not need to
worry about this.
- CLDR data was updated to a newest available version so data formats, month
names and other regional data can be changed.
Upgrading from v1.1.4
- CHtml will no longer render null attributes for HTML tags. This means if $htmlOptions is
array('class'=>null), it will no longer render the 'class' attribute in the HTML tag.
it would render the class attribute as class="". We expect this will not cause much trouble
in upgrading. However, in case problems happen, you may set the attribute to be an empty string
to solve them.
- Now by default CWebLogRoute does not render logs in FireBug for ajax calls.
To get logs rendered for ajax calls in FireBug set CWebLogRoute::ignoreAjaxInFireBug to false
- The implementation of CCache::flush() was changed a little. Child classes should now implement
a flushValues() method. If you use any custom cache class with flush functionality, you should
rename the flush method accordingly.
- The prompt and empty options used in CHtml methods will NOT be HTML-encoded anymore. It will now
always convert ">" and "<" into "&gt;" and "lt;", respectively. This should be sufficient in most
cases. But if your application uses some other special characters, or if you allow user inputs
to be used as prompt and empty text labels, please call CHtml::encode() explicitly on these option
Upgrading from v1.1.3
- Zii was merged into Yii so if you are using SVN to keep framework
up to date, you'll need to delete 'framework/zii' and then update it.
Upgrading from v1.1.2
- When using the skin feature, you now need to explicitly configure
the 'enableSkin' property of 'widgetFactory' application component
to be true. Also, if you have configured the 'widgets' property, you
should rename it to be 'skinnableWidgets'. These changes are due to
the introduction of the global widget customization feature.
Please see the guide (the "Theming" section) for more details.
- CAutoComplete is now deprecated and will be removed in Yii 1.2. Consider
using CJuiAutoComplete.
- Now it's not possible to reuse CActiveFinder. So if you have code like this:
$finder = Post::model()->with('comments');
$posts1 = $finder->findAll();
$posts2 = $finder->findAll();
you should rewrite it to:
$posts1 = Post::model()->with('comments');
$posts2 = Post::model()->with('comments');
- The 'condition' declared in the scopes of the related AR classes will now
be put in the 'ON' clause of the JOIN statement when performing relational AR queries.
Upgrading from v1.1.1
Upgrading from v1.1.0
- CHtml::beginForm() will automatically generate hidden fields to represent
the parameters in the query string when the form uses GET method.
To avoid submitting duplicated query parameters, you may use createUrl()
to explicitly specify the action of the form. You may also need to remove
the hidden fields that you previously render for the same purpose.
- The code generated by yiic tool is changed. If you are using yiic tool
to generate new CRUD code on a previously generated skeleton, you are recommended
to run "yiic webapp" again to re-generate the skeleton. Make sure you backup
your work before you do this.
- CMenu now renders the 'active' CSS class for the 'li' tag instead of the
hyperlink tag. You should adjust your CSS code accordingly if you use CMenu
in your application.
- CUrlManager::parsePathInfo() is changed to be non-static. If you override
this method or your existing code calls this method directly (neither is common),
you need to change your code accordingly.
- CController::forward() will exit the application by default now. If you want
to keep the old behavior, you may pass false as the second parameter.
- The jQuery copy included in the framework has been upgraded to version 1.4.2.
This may cause some incompatibility problems to your existing jQuery code or plugins.
If you want to keep using version 1.3.2, you may do so by configuring
CClientScript::scriptMap property.
- The default theme for JQuery UI widgets was changed from 'smoothness' to 'base'.
If you are using 'smoothness', you will need to manually download this theme from
jqueryui.com and configure the 'theme' property of the JQuery UI widgets accordingly.
Upgrading from v1.1rc
- CRudColumn is renamed as CButtonColumn
- CDataColumn.dataField and dataExpression are renamed as name and value, respectively
- The alias name for the primary table in an AR query is fixed to be 't'
Upgrading from v1.1b
Upgrading from v1.1a
- CSort::attributes is changed. Now the array keys refer to attribute names
and array values refer to virtual attribute definitions. Please read the
API documentation for this property to learn more details. This change will
affect your code only when you explicitly specify this property.
Upgrading from v1.0.x
- Application and module parameter names are changed to be case-sensitive.
In 1.0.x, they are case-insensitive.
- For tabular input, using Field[$i] is not valid anymore. Attribute names
should look like [$i]Field in order to support array-typed fields
(e.g. [$i]Field[$index]).
- Please read the Guide for further details on how to upgrade from v1.0.x to v1.1.
Upgrading from v1.0.12
Upgrading from v1.0.11
Upgrading from v1.0.10
Upgrading from v1.0.9
Upgrading from v1.0.8
- ActiveRecord lazy loading is changed for optimization purpose. Previously,
when lazy loading occurs, the related table will be joined with the primary
table. Now, the related table will be queried without joining the primary table.
As a result, if you are using lazy loading and the corresponding relation
declaration includes reference to the primary table, the query will fail.
To fix this problem, please specify the lazy loading query options with the
actual primary table column values.
Upgrading from v1.0.7
- A directory imported using Yii::import() will have precedence over
any existing include paths. For example, if we import 'application.models.*',
then the corresponding directory will be searched before any other
existing include paths. This also means, a directory imported later will
have precedence over directories imported earlier. Previously, this order
was reversed. This change may affect you if you have several classes with
the same name and they are imported via different directories. You will need
to adjust the import order of these directories to make sure your existing
applications are not broken due to this change.
Upgrading from v1.0.6
- Default named scope will no longer be applied to INSERT, UPDATE and
DELETE queries. It is only applied to SELECT queries. You should be aware
of this change if you override CActiveRecord::defaultScope() in your code.
- The signature of CWebUser::logout() is changed. If you override this method,
you will need to modify your method declaration accordingly.
Upgrading from v1.0.5
Upgrading from v1.0.4
- CWebUser::checkAccess() takes an additional parameter to allow caching
the access check results. If you override this method, you will need to
modify your method declaration accordingly. Because the new parameter will
enable caching the access check results by default, please double check
your code containing this method call to make sure the behavior is as expected.
- CDateParser has been renamed to CDateTimeParser
Upgrading from v1.0.3
- The signature of CWebModule::init() is modified. Its parameter is removed.
If your application uses modules, you have to modify your module class
files accordingly.
Upgrading from v1.0.2
- Controllers that are organized in subdirectories are now referenced
using the ID format "path/to/xyz". Previously it was "path.to.xyz".
If you use "path.to.xyz" in your application, you have to modify it
to "path/to/xyz".
- CHtml::coreScript() is removed. If you used this in your application,
please use the following alternative:
Upgrading from v1.0.1
- Due to the introduction of the scenario-based massive assignment feature,
we removed CActiveRecord::protectedAttributes(). Please use safeAttributes()
to specify which attributes are safe to be massively assigned.
For more details about scenario-based assignment and validation,
please read the following tutorial section:
- The signature of CModel::validate() has been changed to:
CModel::validate($scenario='', $attributes=null)
That is, the order of the two parameters has been swapped. If your application
contains code that invokes the validate() method (of either a CFormModel
or a CActiveRecord object) with some parameter, please make sure you fix
the parameter order.
- The usage of CActiveRecord::with() and the 'with' option in relations
has been changed. In order to query child relations, we should specify the 'with'
parameter/option like the following now:
Post::model()->with(array('comments', 'author.profile'))->findAll();
Previously, this should be written as:
Post::model()->with(array('comments', 'author'=>'profile'))->findAll();
If your code does not involve child relations (like 'profile' in the above),
nothing needs to be changed.
This change has been introduced in order to support dynamic relational
query options. For example, we can specify that comments be sorted in
descending order (assuming in the relations() method it is specified as
ascending order):
'comments'=>array('order'=>'createTime DESC'),
Upgrading from v1.0.0
- An $scenario parameter is added to both CModel::beforeValidate() and afterValidate().
If you override these methods in your child classes (form models, AR classes),
make sure you change the method signature accordingly.