userscape / php-customerio Goto Github PK

If an attribute value begins with a '@' character, guzzle will interpret this as a request to load a file, per http://guzzle3.readthedocs.org/http-client/request.html .

It doesn't appear that you are sanitizing the input, and this can lead to the ability to read any files on the filesystem that PHP has access to.

I can't import old events, it still shows me current date. Is there any available function to import old events?

It's been a while since a release was tagged.

When sending an event with no data attached, the empty PHP array ($data = array()) is converted by PHP to an empty JSON collection (data: []) in the request.

Technically this is correct but Customer.io's servers need it to come in as an empty object/hash (data: {}). Previously they were more forgiving about it, but a recent update (Thursday or Friday of last week) has made their API more restrictive, causing it to reject events where the data attribute is an empty JSON collection instead of an empty object.

I've contacted Customer.io about the issue, in hopes that they will fix it on their end.

However if they don't, the fix is pretty simple. The parseData() method simply needs to check to see if it's being given an empty array and conditionally return an empty object:

<?php namespace Customerio;

use stdClass;

...

protected function parseData(array $data)
{
    if (empty($data))
    {
        return new stdClass;
    }

    return array('data' => $data);
}

If Customer.io gets back to me and says they won't be revert the change on their end (so their API is more forgiving), I'll file this fix as a formal pull request. Just wanted to note it here in case anyone is running into trouble and wants to apply a hotfix.

Getting a guzzle version conflict in L4.2, which has guzzle 3.9.*

Can we bump this in here please?

Would you consider re-tagging 1.0.4 as 2.0.0?

From a semver perspective, minor and patch releases (1.*.*) should only provide non-breaking fixes.

Because the Guzzle 6 change in #18 will break back-compat with PHP 5.3 and 5.4, semver would require a bump in the major version 2.0.0 (patch and minor releases, e.g. 1.0.4 or 1.1.0, must maintain backcompat with the major version).

The git commands to remove 1.0.4 and retag as 2.0.0:

git tag -d 1.0.4 && git push origin :refs/tags/1.0.4 && git tag -a 2.0.0 -m "2.0.0" && git push --tags

Just want to avoid folks who get caught off-guard, if they're doing 1.* or ~1.0 in their composer.json files and expect no breaking changes.

https://github.com/UserScape/php-customerio/blob/master/src/Customerio/Request.php#L172

This method converts array into hash resulting in the impossibility to sort items and other weird behaviours

fixed by #15