Release notes

Version 1.3.beta2

This version does not include the examples. It is meant to run on both php4 and php5.

There is no 1.3.beta2 version of the examples, please use examples version 1.3.beta1.

What's new

Since phpPeanuts 1.3.beta1a

• Added Print buttons to reports
• Many notifications "Only variable references should be returned by reference" eliminated
• PntErrorHandler now allways dies on fatal errors, even if they are not reported.
• PntErrorHandler support added for E_RECOVERABLE_ERROR. Behaves like php: die() if this kind of error occurs. If you do not want it to die(), copy the dieIfFatal function to ErrorHandler and modify it there.
• PntPage::includeSkin now protected against include exploits*
• mysql_real_escape_string now used for escaping SQL parameters
• error logging now by default on PHP's system logger**
• Several other security improvements and small bugfixes, see changes.txt.

* measure to protect application developers. The framework itself does and did not not use unchecked request data for includeSkin.
** php-writable files (including an error log file) on a webserver are considered a security risk. Assumes you want to avoid that risk.

Since phpPeanuts 1.3.beta1

• Inspect.php fixed include exploit; unserialize by default disabled

Since phpPeanuts 1.2.0

• NtoMRelationDialogWidget looks like a normal DialogWidget, but instead of opening an ObjectDialog it will open an ObjectNtoMDialog that looks much like an ObjectMtoNPropertyPage.
• ObjectEditDetailsDialog allows to quickly create new objects in response to a 'New' button added to Object(MtoN)Dialoog and ObjectMtoNPropertyPage.
• ArchDate is a ValueObject (google for the patter) representing archaelological dates back to 50e9 bC. These can be stored as strings in a database, sorted by the database and selected using < etc.
• PntSqlJoinFilter can now be used to search for values navigating over 1 to m and m to n relationships (the last requires a path of three steps). A remark must be made that the combination of JOIN and GROUP BY it uses, if not optimized very well by the database, can be slow on large tables (simple search makes it vary easy to combine many filters, combining many filters navigating x to m relationships may not be a good idea)
• PntMarkedItemsCollector was factored out from ObjectDeleteMarkedAction makes it easy to collect the peanuts corresponding to items in an ItemTable from your own Action or Page class.
• SearchPage sorting.
  The sorting is done server side and will support multiple sort criteria. The user can set the sort criterium by clicking on a columnheader, or throough a dialog that supports multiple sort criteria. Each criterium can be selected from the same list of filters as shown in the advanced search and can be set Ascending or descending.
• SelectWidget can now be used for options of primitve types and is used for non-compulsory boolean properties to allow selection of null value.
• some refactoring and small changes, see changes.txt.

Portablility

This version is meant to run on both php4 and php5, the last with zend.ze1_compatibility_mode = On as well as Off. On php5 the code will not be free of E_STRICT notifications.

If you want your application code to be portable too it has to follow certain rules:

• only use php4 syntax, keywords and functions,
• allways assign or pass objects by explicit variable reference (&),
• use the functions from classes/pnt/php4Functions.php and php5Functions.php where applicable,
• don't change the zend.ze1 compatibilty mode after php5Functions.php has been included, it will not dynamically adapt to such a change.

Like phpPeanuts, code that follows these rules should be able to run with equal behavior without modification on both platforms, and on php5 with both zend.ze1 compatibility settings. However, there may still be differences in areas of php that phpPeanuts does not use. This may require some further wrapper functions to be added.

For object oriented application frameworks like phpPeanuts php5 is a much better platform than php4. However, some people are still using php4 as their deployment platform because some website hosting accounts do not yet support php5. PhpPeanuts up to the production release of version 1.3 will be compatible with php4. Next version of phpPeanuts will probably be for php5 only.

Known bugs and limitations

1. not tested with php5.1. Because we solved most of the the problems that where where found with php5.2 we assume it will work with 5.1 too.
2. With php 4.4 and 5.2.0 (documentation suggests the same will happen with 5.1) phpPeanuts still triggers some notifications "Only variable references should be returned by reference". PhpPeanuts intensively uses variable references. With respect to references it is like php has broken with the principle of automatic type conversion: whenever a value has to be converted to a reference automatically, notifications are triggered. To avoid these notifications arrays are from now on to be passed by value. In the framework core most of these notifications have been fixed. Some notifications remain: When a function that returns an Error it is not first put into a variable. For this beta we do not consider this enough of a problem to delay its release.
3. Examples and tests produce "Only variable references should be returned by reference" notifications on php4.4 and 5.1 and up. SqlJoinFilterTest produces E_RECOVERABLE_ERRORs on php5.2.
4. Column mappings may not be consequently applied. If you need to set a columnName different to the propertyName on an PropertyDescriptor, test your applications database persistence functionality thouroughly. (we don't use this feature ourselves. If someone is using it, please report on how it works and on bugs, otherwise this may never be resolved).
5. Reference Anomalies: Before the generic workaround was applied (introduced in 1.1 beta 1, released dd 16-11-2004), use of references by phpPeanuts occasionally made uninitialized php variables or associations arbitrarily hold values that seemed to come from another variable. This rarily happened and since the generic workaround it never happend again, so we recon this issue closed. However, it is impossible to guarantee that the problem has been eliminated once and for all. Do not use phpPeanuts for mission critical applications.
6. Though the framework has a class that is pointed to become the database abstraction layer, there is still quite some code that does not delegate to this layer, but will clearly have to delegate if phpPeanuts has to work on other databases.
7. produces E_STRICT notifications on php5 (see under portability).