All notable changes to laravel-query-builder will be documented in this file
- removed request macros
- sorts and field selects are not allowed by default
- field aliases
- bugfix: remove duplicate parsing of (default) sort clauses
- bugfix: replace missing
sort()method onQueryBuilderRequest - bugfix: don't escape
allowedSorts and their aliases - bugfix: don't escape
allowedFields
- security fixes
- security fixes
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- moved features to traits
- started using
QueryBuilderRequestto read data from the current request - deprecated request macros (
Request::filters(),Request::includes(), etc...) - raised minimum supported Laravel version to 5.6.34
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add support for multiple default sorts (#214)
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add support for Laravel 5.5 and up (again)
- add support for PHP 7.1 and up (again)
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- fix default sort not parsing correctly (#178)
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- drop support for Laravel 5.7 and lower
- drop support for PHP 7.1 and lower
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add aliased sorts (#164)
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add support for Laravel 5.8
- use Str:: and Arr:: instead of helper methods
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- fix detection of false-positives for ignored values (#154)
- fix broken morphTo includes (#130)
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- allow ignoring specific filter values using
$filter->ignore() - allow filtering related model attributes
allowedFilters('related-model.name') - fix for filtering by relation model properties
- add custom sort classes
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- allow differently named columns
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- fix exception when using filters with nested arrays (#117)
- fix overwritten fields when using
allowedIncludeswith many-to-many relationships (#118)
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- fix exception when using
allowedFields()but selecting none
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add
allowedFieldsmethod - fix & cleanup
Request::fields()macro - fix fields option (
SELECT * FROM tableinstead ofSELECT table.* FROM table)
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- fix parsing empty filters from url
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- improve compatibility with Lumen
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add support for Laravel 5.7
- add framework/laravel as a dependency
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- improve compatibility with Lumen by only publishing the config file in console mode
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add support for instantiated custom filter classes
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- fix for using reserved SQL words as attributes in Postgres
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- make sure filtering on string with special characters just works
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- fix for using reserved SQL words as attributes
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- resolved #14
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- prevent double sorting statments
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- improvements around field selection
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add
Filter::scope()for querying scopes - explicitly defining parent includes in nested queries is no longer required
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add
allowedAppends()
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add ability to customize query parameter names
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add support for selecting specific columns using
?fields[table]=field_name
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- allow arrays in filters
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add support for Laravel 5.6
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- fix: initializing scopes, macro's, the onDelete callback and eager loads from base query on QueryBuilder
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- use specific exceptions for every invalid query
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- allow multiple sorts
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- allow
allowedIncludes,allowedFiltersandallowedSortsto accept arrays
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- remove auto registering facade from composer.json
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add support for global scopes and soft deletes
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- bugfix: revert #11 (escaping
_and%in LIKE queries)
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- escape
_and%in LIKE queries
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add ability to set a default sort attribute
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- bugfix: using
allowedSortstogether with an empty sort query parameter no longer throws an exception
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- initial release! 🎉