Codeigniter Version 3.0.3 latest release updates

Now it’s time to check for latest updates in codeigniter framework, now let’s discuss about codeigniter latest release updates, British Columbia Institute of Technology release latest update on October 31, 2015.
1) It’s majorly concentrates on security and database, now let’s check what are the changes had made to security below.
 Fixed an cross site scripting vector in security library, which is located under < library /security>
 This security library can be applied for all post and cookie data by enabling it, let’s check how to enable it in codeigniter.
 Go to application/config/config.php , open the file and change the settings to
$config [‘global_xss_filtering’] = TRUE;
 We can also use this security library individually by calling library in controller, to use throughout the class. Let’s check below code to call security library in controller.

<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class Welcome extends CI_Controller 
              public function __construct() {

//Load helper and library.

Public function insertForm()
//Storing  POST method values
$data['non_xss']= array(
'firstname' => $this->input->post('firstname'),
'lastname' => $this->input->post('lastname'),
‘email’ =>   $this->input->post(‘email’),
‘city’ => $this->input->post(‘city’)
$data['xss_clean_data'] = $this->security->xss_clean($data['non_xss']);
// we can pass xss_clean_data to view by passing $data into view.
$this->load->view("view_form", $data);

Now just for demo , I had created a view in codeigniter to display xss_clean_data in view ,here you can create input form by yourself , I just created output form for example, check code below.

<div class="bs-example table-bordered">
   <div class="table-color">
    <div class="dvder"></div>
    <div class="dvder"></div>
    <form class="form-horizontal" name="firstform">
        <div class="form-group">
            <label for="inputFirstname" class="control-label col-xs-2">First Name</label>
            <div class="col-xs-10">
               <p> <?php echo $xss_clean_data['firstname'] ?></p>
         <div class="form-group">
            <label for="inputLastname" class="control-label col-xs-2">Last Name</label>
            <div class="col-xs-10">
               <p> <?php echo $xss_clean_data['lastname'] ?></p>
        <div class="form-group">
            <label for="inputEmail" class="control-label col-xs-2">Email</label>
            <div class="col-xs-10">
                <p> <?php echo $xss_clean_data['email'] ?></p>
         <div class="form-group">
            <label for="inputEmail" class="control-label col-xs-2">City</label>
            <div class="col-xs-10">
               <p> <?php echo $xss_clean_data['city'] ?></p>

2) Now check second modification done in security, here in libraries /config file base_url() to fallback to $_server[‘server_addr’] when $config[‘base_url’] is empty in order to void Host header injections.
Here $_server[‘server_addr’] returns the IP address of the server under which the current script is executing.
3) Why we use captcha? As per my knowledge CAPTCHAs has been broken in research with image processing techniques but still requires practical implementation and it’s just a matter of time.
Here mostly captcha is applied for input forms, to know whether Web robots or users. How to use this captcha in codeigniter? You can find solution in below link
4) Here in database we found new change log related to csv_from_result(),which is used to generate a CSV file from a query result. The first parameter of the function must contain the result object from your query. Let’s check example below.


$Result= $this->db->query("SELECT * FROM  Student");

echo $this->dbutil->csv_from_result($Result);

Here in the function second parameter is delimiter and third parameter is newline, by default tabs are used as delimiter and “\n” is used as a new line.

$delimiter_parameter = ",";
$newline_parameter = "\r\n";

echo $this->dbutil->csv_from_result($Result, $delimiter_parameter,$newline_parameter);

READ  Error: $injector: unpr Unknown Provider

5) Now let’s discuss about trans_start() function in database, transactions have required a fair amount of work to implement since they demand that you to keep track of your queries and determine whether to commit or rollback based on the success or failure of your queries. This is particularly cumbersome with nested queries. In contrast, we’ve implemented a smart transaction system that does all this for you automatically (you can also manage your transactions manually if you choose to, but there’s really.

             $query = $this->db->query("SELECT * FROM registration WHERE emailid='".$username."' and  pass_encryption='".$password."'");
if ($this->db->trans_status() === FALSE)

If you are looking web hosting to host your codeigniter website, Sign Up for dreamhost web hosting services, which offers best services. There is special promo code for eknowledgetree readers please click below link to avail offer.


Thanks for reading this article, for any queries please use comment system

Leave a Reply