Zend Framework 1.12.8 Released!

2014-08-26 | By: Matthew Weier O'Phinney

The Zend Framework community is pleased to announce the immediate availability of Zend Framework 1.12.8!

This is a maintenance release.

Notable Changes

  • #418 Improved regex for SQL group, order, from statement. This is an improvement of the Security Advisory ZF2014-04, to prevent potential SQL injection. This PR that can be a potential BC break for complex SQL code. See below for more information.
  • #360 updates Zend_Locale to use CLDR version 25.
  • #98 allows editing and flattening of text form fields within PDF documents.
  • #375 implements Zend_Pdf::setJavascript(), Zend_Pdf::addJavascript() and Zend_Pdf::resetJavaScript().
  • #414 adds the Microsoft_Console component from the Windows Azure SDK for PHP into the Zend_Service_Console component, ensuring that WindowsAzure command line functionality included in the framework can now work.
  • #385 adds support for DateTime fractional seconds under PHP 5.6+.
  • #382 ensures that orphaned metadata cache files are removed when Zend_Cache::CLEANING_MODE_ALL is used.
  • #410 ensures that calls to reset the status of the libxml entity loader happen as soon as possible, to prevent potential threading issues under php-fpm (since the settings are per process, not per-request, in that environment).

See the changelog for full details.

Potential BC break

The PR #418 can introduces potential BC break in presence of complex SQL statements (for instance using SQL sub-functions).

To fix this you can use Zend_Db_Expr() in the group(), order() or from() functions, if your SQL code doesn't work after the upgrade to ZF 1.12.8.

Thank You!

As always, I'd like to thank the many contributors who made this release possible!


  • 2014-09-04: Added section on potential BC break.


© 2006-2016 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.