From a5b9af951e011684ad529580421f539fbe73e8a2 Mon Sep 17 00:00:00 2001 From: Klimov Paul Date: Tue, 19 Sep 2017 14:40:08 +0300 Subject: [PATCH] merge fix --- framework/BaseYii.php | 4 ++-- framework/UPGRADE.md | 56 +++++++++++++++-------------------------------- framework/web/Request.php | 27 +++++++++++++---------- 3 files changed, 35 insertions(+), 52 deletions(-) diff --git a/framework/BaseYii.php b/framework/BaseYii.php index a7a461c..2b521d3 100644 --- a/framework/BaseYii.php +++ b/framework/BaseYii.php @@ -489,7 +489,7 @@ class BaseYii */ public static function beginProfile($token, $category = 'application') { - static::getLogger()->log($token, Logger::LEVEL_PROFILE_BEGIN, $category); + static::getProfiler()->begin($token, ['category' => $category]); } /** @@ -501,7 +501,7 @@ class BaseYii */ public static function endProfile($token, $category = 'application') { - static::getLogger()->log($token, Logger::LEVEL_PROFILE_END, $category); + static::getProfiler()->end($token, ['category' => $category]); } /** diff --git a/framework/UPGRADE.md b/framework/UPGRADE.md index 746d132..6fb140c 100644 --- a/framework/UPGRADE.md +++ b/framework/UPGRADE.md @@ -54,11 +54,13 @@ Upgrade from Yii 2.0.x ---------------------- * PHP requirements were raised to 7.1. Make sure your code is updated accordingly. -* memcache PECL extension support was dropped. Use memcached PECL extesion instead. +* memcache PECL extension support was dropped. Use memcached PECL extension instead. * Following new methods have been added to `yii\i18n\MessageInterface` `addHeader()`, `setHeader()`, `getHeader()`, `setHeaders()` providing ability to setup custom mail headers. Make sure your provide implementation for those methods, while creating your own mailer solution. -* `::className()` method calls should be replaced with native `::class`. +* `::className()` method calls should be replaced with [native](http://php.net/manual/en/language.oop5.basic.php#language.oop5.basic.class.class) `::class`. + When upgrading to Yii 2.1, You should do a global search and replace for `::className()` to `::class`. + All calls on objects via `->className()` should be replaced by a call to `get_class()`. * XCache and Zend data cache support was removed. Switch to another caching backends. * Rename `InvalidParamException` usage to `InvalidArgumentException`. * Masked input field widget was moved into separate extension https://github.com/yiisoft/yii2-maskedinput. @@ -115,42 +117,20 @@ Upgrade from Yii 2.0.x * Uploaded file retrieve methods have been moved from `yii\http\UploadedFile` to `yii\web\Request`. You should use `Request::getUploadedFileByName()` instead of `UploadedFile::getInstanceByName()` and `Request::getUploadedFilesByName()` instead of `UploadedFile::getInstancesByName()`. Instead of `UploadedFile::getInstance()` and `UploadedFile::getInstances()` use construction `$model->load(Yii::$app->request->getUploadedFiles())`. - * The minimum required PHP version is 5.5.0 now. - - * `yii\base\Object::className()` has been removed in favor of the [native PHP syntax](http://php.net/manual/en/language.oop5.basic.php#language.oop5.basic.class.class) - `::class`. When upgrading to Yii 2.1, You should do a global search and replace for `::className()` to `::class`. - All calls on objects via `->className()` should be replaced by a call to `get_class()`. - - You can make this change even before upgrading to Yii 2.1, Yii 2.0.x does work with it. - - `::class` does not trigger auto loading so you can even use it in config. - - * The following method signature have changed. If you override any of them in your code, you have to adjust these places: - - `yii\db\QueryBuilderbuild::buildGroupBy($columns)` -> `buildGroupBy($columns, &$params)` - - `yii\db\QueryBuilderbuild::buildOrderByAndLimit($sql, $orderBy, $limit, $offset)` -> `buildOrderByAndLimit($sql, $orderBy, $limit, $offset, &$params)` - - `yii\widgets\ActiveField::hint($content = null, $options = [])` - - `yii\base\View::renderDynamic($statements)` -> `yii\base\View::renderDynamic($statements, array $params = [])` - - * `yii\filters\AccessControl` has been optimized by only instantiating rules at the moment of use. - This could lead to a potential BC-break if you are depending on $rules to be instantiated in init(). - - * `yii\widgets\BaseListView::run()` and `yii\widgets\GridView::run()` now return content, instead of echoing it. - Normally we call `BaseListView::widget()` and for this case behavior is NOT changed. - In case you call `::run()` method, ensure that its return is processed correctly. - - * Method `yii\web\Request::getBodyParams()` has been changed to pass full value of 'content-type' header to the second - argument of `yii\web\RequestParserInterface::parse()`. If you create your own custom parser, which relies on `$contentType` - argument, ensure to process it correctly as it may content additional data. - - * `yii\web\UrlNormalizer` is now enabled by default in `yii\web\UrlManager`. - If you are using `yii\web\Request::resolve()` or `yii\web\UrlManager::parseRequest()` directly, make sure that - all potential exceptions are handled correctly or set `yii\web\UrlNormalizer::$normalizer` to `false` to disable normalizer. - - * `yii\base\InvalidParamException` was renamed to `yii\base\InvalidArgumentException`. +* The following method signature have changed. If you override any of them in your code, you have to adjust these places: + `yii\db\QueryBuilderBuild::buildGroupBy($columns)` -> `buildGroupBy($columns, &$params)` + `yii\db\QueryBuilderbuild::buildOrderByAndLimit($sql, $orderBy, $limit, $offset)` -> `buildOrderByAndLimit($sql, $orderBy, $limit, $offset, &$params)` + `yii\widgets\ActiveField::hint($content = null, $options = [])` + `yii\base\View::renderDynamic($statements)` -> `yii\base\View::renderDynamic($statements, array $params = [])` +* `yii\filters\AccessControl` has been optimized by only instantiating rules at the moment of use. + This could lead to a potential BC-break if you are depending on $rules to be instantiated in init(). +* `yii\widgets\BaseListView::run()` and `yii\widgets\GridView::run()` now return content, instead of echoing it. + Normally we call `BaseListView::widget()` and for this case behavior is NOT changed. + In case you call `::run()` method, ensure that its return is processed correctly. +* `yii\web\UrlNormalizer` is now enabled by default in `yii\web\UrlManager`. + If you are using `yii\web\Request::resolve()` or `yii\web\UrlManager::parseRequest()` directly, make sure that + all potential exceptions are handled correctly or set `yii\web\UrlNormalizer::$normalizer` to `false` to disable normalizer. +* `yii\base\InvalidParamException` was renamed to `yii\base\InvalidArgumentException`. Upgrade from Yii 2.0.12 diff --git a/framework/web/Request.php b/framework/web/Request.php index 2c95f99..5cc6f85 100644 --- a/framework/web/Request.php +++ b/framework/web/Request.php @@ -314,10 +314,11 @@ class Request extends \yii\base\Request implements RequestInterface /** * Filters headers according to the [[trustedHosts]]. - * @param HeaderCollection $headerCollection + * @param array $rawHeaders + * @return array filtered headers * @since 2.0.13 */ - protected function filterHeaders(HeaderCollection $headerCollection) + protected function filterHeaders($rawHeaders) { // do not trust any of the [[secureHeaders]] by default $trustedHeaders = []; @@ -339,12 +340,16 @@ class Request extends \yii\base\Request implements RequestInterface } } + $rawHeaders = array_change_key_case($rawHeaders, CASE_LOWER); + // filter all secure headers unless they are trusted foreach ($this->secureHeaders as $secureHeader) { if (!in_array($secureHeader, $trustedHeaders)) { - $headerCollection->remove($secureHeader); + unset($rawHeaders[strtolower($secureHeader)]); } } + + return $rawHeaders; } /** @@ -379,9 +384,7 @@ class Request extends \yii\base\Request implements RequestInterface } } - $this->filterHeaders($this->_headers); - - return $headers; + return $this->filterHeaders($headers); } /** @@ -1162,9 +1165,9 @@ class Request extends \yii\base\Request implements RequestInterface return true; } foreach ($this->secureProtocolHeaders as $header => $values) { - if (($headerValue = $this->headers->get($header, null)) !== null) { + if ($this->hasHeader($header)) { foreach ($values as $value) { - if (strcasecmp($headerValue, $value) === 0) { + if (strcasecmp($this->getHeaderLine($header), $value) === 0) { return true; } } @@ -1244,8 +1247,8 @@ class Request extends \yii\base\Request implements RequestInterface public function getUserIP() { foreach ($this->ipHeaders as $ipHeader) { - if ($this->headers->has($ipHeader)) { - return trim(explode(',', $this->headers->get($ipHeader))[0]); + if ($this->hasHeader($ipHeader)) { + return trim(explode(',', $this->getHeaderLine($ipHeader))[0]); } } @@ -1260,8 +1263,8 @@ class Request extends \yii\base\Request implements RequestInterface public function getUserHost() { foreach ($this->ipHeaders as $ipHeader) { - if ($this->headers->has($ipHeader)) { - return gethostbyaddr(trim(explode(',', $this->headers->get($ipHeader))[0])); + if ($this->hasHeader($ipHeader)) { + return gethostbyaddr(trim(explode(',', $this->getHeaderLine($ipHeader))[0])); } }