No puede seleccionar más de 25 temas Los temas deben comenzar con una letra o número, pueden incluir guiones ('-') y pueden tener hasta 35 caracteres de largo.

UPGRADE.md 17KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355
  1. Upgrading Instructions for Yii Framework v2
  2. ===========================================
  3. !!!IMPORTANT!!!
  4. The following upgrading instructions are cumulative. That is,
  5. if you want to upgrade from version A to version C and there is
  6. version B between A and C, you need to following the instructions
  7. for both A and B.
  8. Upgrade from Yii 2.0.2
  9. ----------------------
  10. Starting from version 2.0.3 Yii `Security` component relies on OpenSSL crypto lib instead of Mcrypt. The reason is that
  11. Mcrypt is abandoned and isn't maintained for years. Therefore your PHP should be compiled with OpenSSL support. Most
  12. probably there's nothing to worry because it is quite typical.
  13. If you've extended `yii\base\Security` to override any of the config constants you have to update your code:
  14. - `MCRYPT_CIPHER` — now encoded in `$cipher` (and hence `$allowedCiphers`).
  15. - `MCRYPT_MODE` — now encoded in `$cipher` (and hence `$allowedCiphers`).
  16. - `KEY_SIZE` — now encoded in `$cipher` (and hence `$allowedCiphers`).
  17. - `KDF_HASH` — now `$kdfHash`.
  18. - `MAC_HASH` — now `$macHash`.
  19. - `AUTH_KEY_INFO` — now `$authKeyInfo`.
  20. Upgrade from Yii 2.0.0
  21. ----------------------
  22. * Upgraded Twitter Bootstrap to [version 3.3.x](http://blog.getbootstrap.com/2014/10/29/bootstrap-3-3-0-released/).
  23. If you need to use an older version (i.e. stick with 3.2.x) you can specify that in your `composer.json` by
  24. adding the following line in the `require` section:
  25. ```json
  26. "bower-asset/bootstrap": "3.2.*",
  27. ```
  28. Upgrade from Yii 2.0 RC
  29. -----------------------
  30. * If you've implemented `yii\rbac\ManagerInterface` you need to add implementation for new method `removeChildren()`.
  31. * The input dates for datetime formatting are now assumed to be in UTC unless a timezone is explicitly given.
  32. Before, the timezone assumed for input dates was the default timezone set by PHP which is the same as `Yii::$app->timeZone`.
  33. This causes trouble because the formatter uses `Yii::$app->timeZone` as the default values for output so no timezone conversion
  34. was possible. If your timestamps are stored in the database without a timezone identifier you have to ensure they are in UTC or
  35. add a timezone identifier explicitly.
  36. * `yii\bootstrap\Collapse` is now encoding labels by default. `encode` item option and global `encodeLabels` property were
  37. introduced to disable it. Keys are no longer used as labels. You need to remove keys and use `label` item option instead.
  38. * The `yii\base\View::beforeRender()` and `yii\base\View::afterRender()` methods have two extra parameters `$viewFile`
  39. and `$params`. If you are overriding these methods, you should adjust the method signature accordingly.
  40. * If you've used `asImage` formatter i.e. `Yii::$app->formatter->asImage($value, $alt);` you should change it
  41. to `Yii::$app->formatter->asImage($value, ['alt' => $alt]);`.
  42. * Yii now requires `cebe/markdown` 1.0.0 or higher, which includes breaking changes in its internal API. If you extend the markdown class
  43. you need to update your implementation. See <https://github.com/cebe/markdown/releases/tag/1.0.0-rc> for details.
  44. If you just used the markdown helper class there is no need to change anything.
  45. * If you are using CUBRID DBMS, make sure to use at least version 9.3.0 as the server and also as the PDO extension.
  46. Quoting of values is broken in prior versions and Yii has no reliable way to work around this issue.
  47. A workaround that may have worked before has been removed in this release because it was not reliable.
  48. Upgrade from Yii 2.0 Beta
  49. -------------------------
  50. * If you are using Composer to upgrade Yii, you should run the following command first (once for all) to install
  51. the composer-asset-plugin, *before* you update your project:
  52. ```
  53. php composer.phar global require "fxp/composer-asset-plugin:1.0.0"
  54. ```
  55. You also need to add the following code to your project's `composer.json` file:
  56. ```json
  57. "extra": {
  58. "asset-installer-paths": {
  59. "npm-asset-library": "vendor/npm",
  60. "bower-asset-library": "vendor/bower"
  61. }
  62. }
  63. ```
  64. It is also a good idea to upgrade composer itself to the latest version if you see any problems:
  65. ```
  66. php composer.phar self-update
  67. ```
  68. * If you used `clearAll()` or `clearAllAssignments()` of `yii\rbac\DbManager`, you should replace
  69. them with `removeAll()` and `removeAllAssignments()` respectively.
  70. * If you created RBAC rule classes, you should modify their `execute()` method by adding `$user`
  71. as the first parameter: `execute($user, $item, $params)`. The `$user` parameter represents
  72. the ID of the user currently being access checked. Previously, this is passed via `$params['user']`.
  73. * If you override `yii\grid\DataColumn::getDataCellValue()` with visibility `protected` you have
  74. to change visibility to `public` as visibility of the base method has changed.
  75. * If you have classes implementing `yii\web\IdentityInterface` (very common), you should modify
  76. the signature of `findIdentityByAccessToken()` as
  77. `public static function findIdentityByAccessToken($token, $type = null)`. The new `$type` parameter
  78. will contain the type information about the access token. For example, if you use
  79. `yii\filters\auth\HttpBearerAuth` authentication method, the value of this parameter will be
  80. `yii\filters\auth\HttpBearerAuth`. This allows you to differentiate access tokens taken by
  81. different authentication methods.
  82. * If you are sharing the same cache across different applications, you should configure
  83. the `keyPrefix` property of the cache component to use some unique string.
  84. Previously, this property was automatically assigned with a unique string.
  85. * If you are using `dropDownList()`, `listBox()`, `activeDropDownList()`, or `activeListBox()`
  86. of `yii\helpers\Html`, and your list options use multiple blank spaces to format and align
  87. option label texts, you need to specify the option `encodeSpaces` to be true.
  88. * If you are using `yii\grid\GridView` and have configured a data column to use a PHP callable
  89. to return cell values (via `yii\grid\DataColumn::value`), you may need to adjust the signature
  90. of the callable to be `function ($model, $key, $index, $widget)`. The `$key` parameter was newly added
  91. in this release.
  92. * `yii\console\controllers\AssetController` is now using hashes instead of timestamps. Replace all `{ts}` with `{hash}`.
  93. * The database table of the `yii\log\DbTarget` now needs a `prefix` column to store context information.
  94. You can add it with `ALTER TABLE log ADD COLUMN prefix TEXT AFTER log_time;`.
  95. * The `fileinfo` PHP extension is now required by Yii. If you use `yii\helpers\FileHelper::getMimeType()`, make sure
  96. you have enabled this extension. This extension is [builtin](http://www.php.net/manual/en/fileinfo.installation.php) in php above `5.3`.
  97. * Please update your main layout file by adding this line in the `<head>` section: `<?= Html::csrfMetaTags() ?>`.
  98. This change is needed because `yii\web\View` no longer automatically generates CSRF meta tags due to issue #3358.
  99. * If your model code is using the `file` validation rule, you should rename its `types` option to `extensions`.
  100. * `MailEvent` class has been moved to the `yii\mail` namespace. You have to adjust all references that may exist in your code.
  101. * The behavior and signature of `ActiveRecord::afterSave()` has changed. `ActiveRecord::$isNewRecord` will now always be
  102. false in afterSave and also dirty attributes are not available. This change has been made to have a more consistent and
  103. expected behavior. The changed attributes are now available in the new parameter of afterSave() `$changedAttributes`.
  104. `$changedAttributes` contains the old values of attributes that had changed and were saved.
  105. * `ActiveRecord::updateAttributes()` has been changed to not trigger events and not respect optimistic locking anymore to
  106. differentiate it more from calling `update(false)` and to ensure it can be used in `afterSave()` without triggering infinite
  107. loops.
  108. * If you are developing RESTful APIs and using an authentication method such as `yii\filters\auth\HttpBasicAuth`,
  109. you should explicitly configure `yii\web\User::enableSession` in the application configuration to be false to avoid
  110. starting a session when authentication is performed. Previously this was done automatically by authentication method.
  111. * `mail` component was renamed to `mailer`, `yii\log\EmailTarget::$mail` was renamed to `yii\log\EmailTarget::$mailer`.
  112. Please update all references in the code and config files.
  113. * `yii\caching\GroupDependency` was renamed to `TagDependency`. You should create such a dependency using the code
  114. `new \yii\caching\TagDependency(['tags' => 'TagName'])`, where `TagName` is similar to the group name that you
  115. previously used.
  116. * If you are using the constant `YII_PATH` in your code, you should rename it to `YII2_PATH` now.
  117. * You must explicitly configure `yii\web\Request::cookieValidationKey` with a secret key. Previously this is done automatically.
  118. To do so, modify your application configuration like the following:
  119. ```php
  120. return [
  121. // ...
  122. 'components' => [
  123. 'request' => [
  124. 'cookieValidationKey' => 'your secret key here',
  125. ],
  126. ],
  127. ];
  128. ```
  129. > Note: If you are using the `Advanced Application Template` you should not add this configuration to `common/config`
  130. or `console/config` because the console application doesn't have to deal with CSRF and uses its own request that
  131. doesn't have `cookieValidationKey` property.
  132. * `yii\rbac\PhpManager` now stores data in three separate files instead of one. In order to convert old file to
  133. new ones save the following code as `convert.php` that should be placed in the same directory your `rbac.php` is in:
  134. ```php
  135. <?php
  136. $oldFile = 'rbac.php';
  137. $itemsFile = 'items.php';
  138. $assignmentsFile = 'assignments.php';
  139. $rulesFile = 'rules.php';
  140. $oldData = include $oldFile;
  141. function saveToFile($data, $fileName) {
  142. $out = var_export($data, true);
  143. $out = "<?php\nreturn " . $out . ";";
  144. $out = str_replace(['array (', ')'], ['[', ']'], $out);
  145. file_put_contents($fileName, $out);
  146. }
  147. $items = [];
  148. $assignments = [];
  149. if (isset($oldData['items'])) {
  150. foreach ($oldData['items'] as $name => $data) {
  151. if (isset($data['assignments'])) {
  152. foreach ($data['assignments'] as $userId => $assignmentData) {
  153. $assignments[$userId][] = $assignmentData['roleName'];
  154. }
  155. unset($data['assignments']);
  156. }
  157. $items[$name] = $data;
  158. }
  159. }
  160. $rules = [];
  161. if (isset($oldData['rules'])) {
  162. $rules = $oldData['rules'];
  163. }
  164. saveToFile($items, $itemsFile);
  165. saveToFile($assignments, $assignmentsFile);
  166. saveToFile($rules, $rulesFile);
  167. echo "Done!\n";
  168. ```
  169. Run it once, delete `rbac.php`. If you've configured `authFile` property, remove the line from config and instead
  170. configure `itemFile`, `assignmentFile` and `ruleFile`.
  171. * Static helper `yii\helpers\Security` has been converted into an application component. You should change all usage of
  172. its methods to a new syntax, for example: instead of `yii\helpers\Security::hashData()` use `Yii::$app->getSecurity()->hashData()`.
  173. The `generateRandomKey()` method now produces not an ASCII compatible output. Use `generateRandomString()` instead.
  174. Default encryption and hash parameters has been upgraded. If you need to decrypt/validate data that was encrypted/hashed
  175. before, use the following configuration of the 'security' component:
  176. ```php
  177. return [
  178. 'components' => [
  179. 'security' => [
  180. 'derivationIterations' => 1000,
  181. ],
  182. // ...
  183. ],
  184. // ...
  185. ];
  186. ```
  187. * If you are using query caching, you should modify your relevant code as follows, as `beginCache()` and `endCache()` are
  188. replaced by `cache()`:
  189. ```php
  190. $db->cache(function ($db) {
  191. // ... SQL queries that need to use query caching
  192. }, $duration, $dependency);
  193. ```
  194. * Due to significant changes to security you need to upgrade your code to use `\yii\base\Security` component instead of
  195. helper. If you have any data encrypted it should be re-encrypted. In order to do so you can use old security helper
  196. [as explained by @docsolver at github](https://github.com/yiisoft/yii2/issues/4461#issuecomment-50237807).
  197. * [[yii\helpers\Url::to()]] will no longer prefix base URL to relative URLs. For example, `Url::to('images/logo.png')`
  198. will return `images/logo.png` directly. If you want a relative URL to be prefix with base URL, you should make use
  199. of the alias `@web`. For example, `Url::to('@web/images/logo.png')` will return `/BaseUrl/images/logo.png`.
  200. * The following properties are now taking `false` instead of `null` for "don't use" case:
  201. - `yii\bootstrap\NavBar::$brandLabel`.
  202. - `yii\bootstrap\NavBar::$brandUrl`.
  203. - `yii\bootstrap\Modal::$closeButton`.
  204. - `yii\bootstrap\Modal::$toggleButton`.
  205. - `yii\bootstrap\Alert::$closeButton`.
  206. - `yii\widgets\LinkPager::$nextPageLabel`.
  207. - `yii\widgets\LinkPager::$prevPageLabel`.
  208. - `yii\widgets\LinkPager::$firstPageLabel`.
  209. - `yii\widgets\LinkPager::$lastPageLabel`.
  210. * The format of the Faker fixture template is changed. For an example, please refer to the file
  211. `apps/advanced/common/tests/templates/fixtures/user.php`.
  212. * The signature of all file downloading methods in `yii\web\Response` is changed, as summarized below:
  213. - `sendFile($filePath, $attachmentName = null, $options = [])`
  214. - `sendContentAsFile($content, $attachmentName, $options = [])`
  215. - `sendStreamAsFile($handle, $attachmentName, $options = [])`
  216. - `xSendFile($filePath, $attachmentName = null, $options = [])`
  217. * The signature of callbacks used in `yii\base\ArrayableTrait::fields()` is changed from `function ($field, $model) {`
  218. to `function ($model, $field) {`.
  219. * `Html::radio()`, `Html::checkbox()`, `Html::radioList()`, `Html::checkboxList()` no longer generate the container
  220. tag around each radio/checkbox when you specify labels for them. You should manually render such container tags,
  221. or set the `item` option for `Html::radioList()`, `Html::checkboxList()` to generate the container tags.
  222. * The formatter class has been refactored to have only one class regardless whether PHP intl extension is installed or not.
  223. Functionality of `yii\base\Formatter` has been merged into `yii\i18n\Formatter` and `yii\base\Formatter` has been
  224. removed so you have to replace all usage of `yii\base\Formatter` with `yii\i18n\Formatter` in your code.
  225. Also the API of the Formatter class has changed in many ways.
  226. The signature of the following Methods has changed:
  227. - `asDate`
  228. - `asTime`
  229. - `asDatetime`
  230. - `asSize` has been split up into `asSize` and `asShortSize`
  231. - `asCurrency`
  232. - `asDecimal`
  233. - `asPercent`
  234. - `asScientific`
  235. The following methods have been removed, this also means that the corresponding format which may be used by a
  236. GridView or DetailView is not available anymore:
  237. - `asNumber`
  238. - `asDouble`
  239. Also due to these changes some formatting defaults have changes so you have to check all your GridView and DetailView
  240. configuration and make sure the formatting is displayed correctly.
  241. The configuration for `asSize()` has changed. It now uses the configuration for the number formatting from intl
  242. and only the base is configured using `$sizeFormatBase`.
  243. The specification of the date and time formats is now using the ICU pattern format even if PHP intl extension is not installed.
  244. You can prefix a date format with `php:` to use the old format of the PHP `date()`-function.
  245. * The DateValidator has been refactored to use the same format as the Formatter class now (see previous change).
  246. When you use the DateValidator and did not specify a format it will now be what is configured in the formatter class instead of 'Y-m-d'.
  247. To get the old behavior of the DateValidator you have to set the format explicitly in your validation rule:
  248. ```php
  249. ['attributeName', 'date', 'format' => 'php:Y-m-d'],
  250. ```
  251. * `beforeValidate()`, `beforeValidateAll()`, `afterValidate()`, `afterValidateAll()`, `ajaxBeforeSend()` and `ajaxComplete()`
  252. are removed from `ActiveForm`. The same functionality is now achieved via JavaScript event mechanism like the following:
  253. ```js
  254. $('#myform').on('beforeValidate', function (event, messages, deferreds) {
  255. // called when the validation is triggered by submitting the form
  256. // return false if you want to cancel the validation for the whole form
  257. }).on('beforeValidateAttribute', function (event, attribute, messages, deferreds) {
  258. // before validating an attribute
  259. // return false if you want to cancel the validation for the attribute
  260. }).on('afterValidateAttribute', function (event, attribute, messages) {
  261. // ...
  262. }).on('afterValidate', function (event, messages) {
  263. // ...
  264. }).on('beforeSubmit', function () {
  265. // after all validations have passed
  266. // you can do ajax form submission here
  267. // return false if you want to stop form submission
  268. });
  269. ```
  270. * The signature of `View::registerJsFile()` and `View::registerCssFile()` has changed. The `$depends` and `$position`
  271. paramaters have been merged into `$options`. The new signatures are as follows:
  272. - `registerJsFile($url, $options = [], $key = null)`
  273. - `registerCssFile($url, $options = [], $key = null)`