Merge branch '2.3' of https://github.com/cakephp/cakephp into feature/smtp-tls

2025-01-31 17:16:18 +00:00 · 2012-07-23 22:24:10 +01:00 · 2012-07-23 22:24:10 +01:00 · 17db6f9d23
commit 17db6f9d23
parent f1250a3609 2359fb7e2e
19 changed files with 349 additions and 49 deletions
--- a/lib/Cake/Console/Templates/skel/Controller/PagesController.php
+++ b/lib/Cake/Console/Templates/skel/Controller/PagesController.php
@ -18,6 +18,7 @@
 * @since         CakePHP(tm) v 0.2.9
 * @license       MIT License (http://www.opensource.org/licenses/mit-license.php)
 */
+App::uses('AppController', 'Controller');

 /**
 * Static content controller
--- a/lib/Cake/Controller/CakeErrorController.php
+++ b/lib/Cake/Controller/CakeErrorController.php
@ -18,6 +18,7 @@
 * @since         CakePHP(tm) v 2.0
 * @license       MIT License (http://www.opensource.org/licenses/mit-license.php)
 */
+App::uses('AppController', 'Controller');

 /**
 * Error Handling Controller
--- a/lib/Cake/Controller/Component/PaginatorComponent.php
+++ b/lib/Cake/Controller/Component/PaginatorComponent.php
@ -16,6 +16,7 @@
 * @since         CakePHP(tm) v 2.0
 * @license       MIT License (http://www.opensource.org/licenses/mit-license.php)
 */
+App::uses('Component', 'Controller');
 App::uses('Hash', 'Utility');

 /**
@ -50,6 +51,20 @@ App::uses('Hash', 'Utility');
 *
 * This would allow you to have different pagination settings for `Comment` and `Post` models.
 *
+ * #### Paginating with custom finders
+ *
+ * You can paginate with any find type defined on your model using the `findType` option.
+ *
+ * {{{
+ * $this->Paginator->settings = array(
+ *		'Post' => array(
+ *			'findType' => 'popular'
+ *		)
+ * );
+ * }}}
+ *
+ * Would paginate using the `find('popular')` method.
+ *
 * @package       Cake.Controller.Component
 * @link http://book.cakephp.org/2.0/en/core-libraries/components/pagination.html
 */
--- a/lib/Cake/Controller/Component/RequestHandlerComponent.php
+++ b/lib/Cake/Controller/Component/RequestHandlerComponent.php
@ -19,6 +19,7 @@
 * @license       MIT License (http://www.opensource.org/licenses/mit-license.php)
 */

+App::uses('Component', 'Controller');
 App::uses('Xml', 'Utility');

 /**
--- a/lib/Cake/Error/ExceptionRenderer.php
+++ b/lib/Cake/Error/ExceptionRenderer.php
@ -23,6 +23,7 @@
 App::uses('Sanitize', 'Utility');
 App::uses('Router', 'Routing');
 App::uses('CakeResponse', 'Network');
+App::uses('Controller', 'Controller');

 /**
 * Exception Renderer.
--- a/lib/Cake/Log/CakeLog.php
+++ b/lib/Cake/Log/CakeLog.php
@ -88,14 +88,14 @@ class CakeLog {
 * @var array
 */
 	protected static $_defaultLevels = array(
-		LOG_EMERG => 'emergency',
-		LOG_ALERT => 'alert',
-		LOG_CRIT => 'critical',
-		LOG_ERR => 'error',
-		LOG_WARNING => 'warning',
-		LOG_NOTICE => 'notice',
-		LOG_INFO => 'info',
-		LOG_DEBUG => 'debug',
+		'emergency' => LOG_EMERG,
+		'alert' => LOG_ALERT,
+		'critical' => LOG_CRIT,
+		'error' => LOG_ERR,
+		'warning' => LOG_WARNING,
+		'notice' => LOG_NOTICE,
+		'info' => LOG_INFO,
+		'debug' => LOG_DEBUG,
 	);

 /**
@ -276,8 +276,8 @@ class CakeLog {
 * @return array default log levels
 */
 	public static function defaultLevels() {
-		self::$_levels = self::$_defaultLevels;
-		self::$_levelMap = array_flip(self::$_levels);
+		self::$_levelMap = self::$_defaultLevels;
+		self::$_levels = array_flip(self::$_levelMap);
 		return self::$_levels;
 	}

--- a/lib/Cake/Model/Behavior/AclBehavior.php
+++ b/lib/Cake/Model/Behavior/AclBehavior.php
@ -18,6 +18,7 @@
 * @since         CakePHP v 1.2.0.4487
 * @license       MIT License (http://www.opensource.org/licenses/mit-license.php)
 */
+App::uses('ModelBehavior', 'Model');
 App::uses('AclNode', 'Model');
 App::uses('Hash', 'Utility');

--- a/lib/Cake/Model/Behavior/ContainableBehavior.php
+++ b/lib/Cake/Model/Behavior/ContainableBehavior.php
@ -18,6 +18,7 @@
 * @since         CakePHP(tm) v 1.2.0.5669
 * @license       MIT License (http://www.opensource.org/licenses/mit-license.php)
 */
+App::uses('ModelBehavior', 'Model');

 /**
 * Behavior to allow for dynamic and atomic manipulation of a Model's associations
--- a/lib/Cake/Model/Behavior/TranslateBehavior.php
+++ b/lib/Cake/Model/Behavior/TranslateBehavior.php
@ -13,6 +13,7 @@
 * @license       MIT License (http://www.opensource.org/licenses/mit-license.php)
 */

+App::uses('ModelBehavior', 'Model');
 App::uses('I18n', 'I18n');
 App::uses('I18nModel', 'Model');

@ -395,9 +396,12 @@ class TranslateBehavior extends ModelBehavior {

 		$fields = array_merge($this->settings[$model->alias], $this->runtime[$model->alias]['fields']);
 		if ($created) {
-			foreach ($fields as $field) {
+			// set each field value to an empty string
+			foreach ($fields as $key => $field) {
+				if (!is_numeric($key)) {
+					$field = $key;
+				}
 				if (!isset($tempData[$field])) {
-					//set the field value to an empty string
 					$tempData[$field] = '';
 				}
 			}
--- a/lib/Cake/Model/Behavior/TreeBehavior.php
+++ b/lib/Cake/Model/Behavior/TreeBehavior.php
@ -18,6 +18,7 @@
 * @since         CakePHP v 1.2.0.4487
 * @license       MIT License (http://www.opensource.org/licenses/mit-license.php)
 */
+App::uses('ModelBehavior', 'Model');

 /**
 * Tree Behavior.
--- a/lib/Cake/Model/I18nModel.php
+++ b/lib/Cake/Model/I18nModel.php
@ -12,6 +12,7 @@
 * @since         CakePHP(tm) v 1.2.0.4525
 * @license       MIT License (http://www.opensource.org/licenses/mit-license.php)
 */
+App::uses('AppModel', 'Model');

 /**
 * A model used by TranslateBehavior to access the translation tables.
--- a/lib/Cake/Network/Email/CakeEmail.php
+++ b/lib/Cake/Network/Email/CakeEmail.php
@ -946,13 +946,17 @@ class CakeEmail {
 * $email->attachments(array('custom_name.png' => array(
 *		'file' => 'path/to/file',
 *		'mimetype' => 'image/png',
- *		'contentId' => 'abc123'
+ *		'contentId' => 'abc123',
+ *		'contentDisposition' => false
 * ));
 * }}}
 *
 * The `contentId` key allows you to specify an inline attachment. In your email text, you
 * can use `<img src="cid:abc123" />` to display the image inline.
 *
+ * The `contentDisposition` key allows you to disable the `Content-Disposition` header, this can improve
+ * attachment compatibility with outlook email clients.
+ *
 * @param string|array $attachments String with the filename or array with filenames
 * @return array|CakeEmail Either the array of attachments when getting or $this when setting.
 * @throws SocketException
@ -991,6 +995,7 @@ class CakeEmail {
 * @param string|array $attachments String with the filename or array with filenames
 * @return CakeEmail $this
 * @throws SocketException
+ * @see CakeEmail::attachments()
 */
 	public function addAttachments($attachments) {
 		$current = $this->_attachments;
@ -1355,7 +1360,12 @@ class CakeEmail {
 			$msg[] = '--' . $boundary;
 			$msg[] = 'Content-Type: ' . $fileInfo['mimetype'];
 			$msg[] = 'Content-Transfer-Encoding: base64';
-			$msg[] = 'Content-Disposition: attachment; filename="' . $filename . '"';
+			if (
+				!isset($fileInfo['contentDisposition']) ||
+				$fileInfo['contentDisposition']
+			) {
+				$msg[] = 'Content-Disposition: attachment; filename="' . $filename . '"';
+			}
 			$msg[] = '';
 			$msg[] = $data;
 			$msg[] = '';
--- a/lib/Cake/Test/Case/Log/CakeLogTest.php
+++ b/lib/Cake/Test/Case/Log/CakeLogTest.php
@ -214,12 +214,12 @@ class CakeLogTest extends CakeTestCase {
 		}
 		CakeLog::config('spam', array(
 			'engine' => 'FileLog',
-			'types' => 'info',
+			'types' => 'debug',
 			'file' => 'spam',
 		));
 		CakeLog::config('eggs', array(
 			'engine' => 'FileLog',
-			'types' => array('eggs', 'info', 'error', 'warning'),
+			'types' => array('eggs', 'debug', 'error', 'warning'),
 			'file' => 'eggs',
 		));

@ -229,13 +229,13 @@ class CakeLogTest extends CakeTestCase {
 		$this->assertTrue(file_exists(LOGS . 'eggs.log'));
 		$this->assertFalse(file_exists(LOGS . 'spam.log'));

-		CakeLog::write(LOG_INFO, $testMessage);
+		CakeLog::write(LOG_DEBUG, $testMessage);
 		$this->assertTrue(file_exists(LOGS . 'spam.log'));

 		$contents = file_get_contents(LOGS . 'spam.log');
-		$this->assertContains('Info: ' . $testMessage, $contents);
+		$this->assertContains('Debug: ' . $testMessage, $contents);
 		$contents = file_get_contents(LOGS . 'eggs.log');
-		$this->assertContains('Info: ' . $testMessage, $contents);
+		$this->assertContains('Debug: ' . $testMessage, $contents);

 		if (file_exists(LOGS . 'spam.log')) {
 			unlink(LOGS . 'spam.log');
@ -491,10 +491,10 @@ class CakeLogTest extends CakeTestCase {
 		$this->_resetLogConfig();
 		CakeLog::config('shops', array(
 			'engine' => 'FileLog',
-			'types' => array('info', 'notice', 'warning'),
+			'types' => array('info', 'debug', 'notice', 'warning'),
 			'scopes' => array('transactions', 'orders'),
 			'file' => 'shops',
-			));
+		));

 		CakeLog::info('info message', 'transactions');
 		$this->assertFalse(file_exists(LOGS . 'error.log'));
@ -540,14 +540,14 @@ class CakeLogTest extends CakeTestCase {
 		$testMessage = 'emergency message';
 		CakeLog::emergency($testMessage);
 		$contents = file_get_contents(LOGS . 'error.log');
-		$this->assertContains('Emergency: ' . $testMessage, $contents);
+		$this->assertRegExp('/(Emergency|Critical): ' . $testMessage . '/', $contents);
 		$this->assertFalse(file_exists(LOGS . 'debug.log'));
 		$this->_deleteLogs();

 		$testMessage = 'alert message';
 		CakeLog::alert($testMessage);
 		$contents = file_get_contents(LOGS . 'error.log');
-		$this->assertContains('Alert: ' . $testMessage, $contents);
+		$this->assertRegExp('/(Alert|Critical): ' . $testMessage . '/', $contents);
 		$this->assertFalse(file_exists(LOGS . 'debug.log'));
 		$this->_deleteLogs();

@ -575,14 +575,14 @@ class CakeLogTest extends CakeTestCase {
 		$testMessage = 'notice message';
 		CakeLog::notice($testMessage);
 		$contents = file_get_contents(LOGS . 'debug.log');
-		$this->assertContains('Notice: ' . $testMessage, $contents);
+		$this->assertRegExp('/(Notice|Debug): ' . $testMessage . '/', $contents);
 		$this->assertFalse(file_exists(LOGS . 'error.log'));
 		$this->_deleteLogs();

 		$testMessage = 'info message';
 		CakeLog::info($testMessage);
 		$contents = file_get_contents(LOGS . 'debug.log');
-		$this->assertContains('Info: ' . $testMessage, $contents);
+		$this->assertRegExp('/(Info|Debug): ' . $testMessage . '/', $contents);
 		$this->assertFalse(file_exists(LOGS . 'error.log'));
 		$this->_deleteLogs();

--- a/lib/Cake/Test/Case/Model/Behavior/TranslateBehaviorTest.php
+++ b/lib/Cake/Test/Case/Model/Behavior/TranslateBehaviorTest.php
@ -1,9 +1,5 @@
 <?php
 /**
- * TranslateBehaviorTest file
- *
- * PHP 5
- *
 * CakePHP(tm) Tests <http://book.cakephp.org/2.0/en/development/testing.html>
 * Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
 *
@ -12,7 +8,6 @@
 *
 * @copyright     Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
 * @link          http://book.cakephp.org/2.0/en/development/testing.html CakePHP(tm) Tests
- * @package       Cake.Test.Case.Model.Behavior
 * @since         CakePHP(tm) v 1.2.0.5669
 * @license       MIT License (http://www.opensource.org/licenses/mit-license.php)
 */
@ -1058,4 +1053,36 @@ class TranslateBehaviorTest extends CakeTestCase {
 		$this->assertNotContains('slug', $result);
 	}

+/**
+ * Test that additional records are not inserted for associated translations.
+ *
+ * @return void
+ */
+	public function testNoExtraRowsForAssociatedTranslations() {
+		$this->loadFixtures('Translate', 'TranslatedItem');
+		$TestModel = new TranslatedItem();
+		$TestModel->locale = 'spa';
+		$TestModel->unbindTranslation();
+		$TestModel->bindTranslation(array('name' => 'nameTranslate'));
+
+		$data = array(
+			'TranslatedItem' => array(
+				'slug' => 'spanish-name',
+				'name' => 'Spanish name',
+			),
+		);
+		$TestModel->create($data);
+		$TestModel->save();
+
+		$Translate = $TestModel->translateModel();
+		$results = $Translate->find('all', array(
+			'conditions' => array(
+				'locale' => $TestModel->locale,
+				'foreign_key' => $TestModel->id
+			)
+		));
+		$this->assertCount(1, $results, 'Only one field should be saved');
+		$this->assertEquals('name', $results[0]['TranslateTestModel']['field']);
+	}
+
 }
--- a/lib/Cake/Test/Case/Network/Email/CakeEmailTest.php
+++ b/lib/Cake/Test/Case/Network/Email/CakeEmailTest.php
@ -640,13 +640,20 @@ class CakeEmailTest extends CakeTestCase {
 */
 	public function testAttachments() {
 		$this->CakeEmail->attachments(CAKE . 'basics.php');
-		$expected = array('basics.php' => array('file' => CAKE . 'basics.php', 'mimetype' => 'application/octet-stream'));
+		$expected = array(
+			'basics.php' => array(
+				'file' => CAKE . 'basics.php',
+				'mimetype' => 'application/octet-stream'
+			)
+		);
 		$this->assertSame($this->CakeEmail->attachments(), $expected);

 		$this->CakeEmail->attachments(array());
 		$this->assertSame($this->CakeEmail->attachments(), array());

-		$this->CakeEmail->attachments(array(array('file' => CAKE . 'basics.php', 'mimetype' => 'text/plain')));
+		$this->CakeEmail->attachments(array(
+			array('file' => CAKE . 'basics.php', 'mimetype' => 'text/plain')
+		));
 		$this->CakeEmail->addAttachments(CAKE . 'bootstrap.php');
 		$this->CakeEmail->addAttachments(array(CAKE . 'bootstrap.php'));
 		$this->CakeEmail->addAttachments(array('other.txt' => CAKE . 'bootstrap.php', 'license' => CAKE . 'LICENSE.txt'));
@ -937,6 +944,43 @@ class CakeEmailTest extends CakeTestCase {
 		$this->assertContains('--' . $boundary . '--', $result['message']);
 	}

+/**
+ * Test disabling content-disposition.
+ *
+ * @return void
+ */
+	public function testSendWithNoContentDispositionAttachments() {
+		$this->CakeEmail->transport('debug');
+		$this->CakeEmail->from('cake@cakephp.org');
+		$this->CakeEmail->to('cake@cakephp.org');
+		$this->CakeEmail->subject('My title');
+		$this->CakeEmail->emailFormat('text');
+		$this->CakeEmail->attachments(array(
+			'cake.png' => array(
+				'file' => CAKE . 'VERSION.txt',
+				'contentDisposition' => false
+			)
+		));
+		$result = $this->CakeEmail->send('Hello');
+
+		$boundary = $this->CakeEmail->getBoundary();
+		$this->assertContains('Content-Type: multipart/mixed; boundary="' . $boundary . '"', $result['headers']);
+		$expected = "--$boundary\r\n" .
+			"Content-Type: text/plain; charset=UTF-8\r\n" .
+			"Content-Transfer-Encoding: 8bit\r\n" .
+			"\r\n" .
+			"Hello" .
+			"\r\n" .
+			"\r\n" .
+			"\r\n" .
+			"--{$boundary}\r\n" .
+			"Content-Type: application/octet-stream\r\n" .
+			"Content-Transfer-Encoding: base64\r\n" .
+			"\r\n";
+
+		$this->assertContains($expected, $result['message']);
+		$this->assertContains('--' . $boundary . '--', $result['message']);
+	}
 /**
 * testSendWithLog method
 *
--- a/lib/Cake/Test/Case/Utility/SecurityTest.php
+++ b/lib/Cake/Test/Case/Utility/SecurityTest.php
@ -1,9 +1,5 @@
 <?php
 /**
- * SecurityTest file
- *
- * PHP 5
- *
 * CakePHP(tm) Tests <http://book.cakephp.org/2.0/en/development/testing.html>
 * Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
 *
@ -12,7 +8,6 @@
 *
 * @copyright     Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
 * @link          http://book.cakephp.org/2.0/en/development/testing.html CakePHP(tm) Tests
- * @package       Cake.Test.Case.Utility
 * @since         CakePHP(tm) v 1.2.0.5432
 * @license       MIT License (http://www.opensource.org/licenses/mit-license.php)
 */
@ -67,6 +62,46 @@ class SecurityTest extends CakeTestCase {
 		$this->assertTrue(Security::validateAuthKey($authKey));
 	}

+/**
+ * testHashInvalidSalt method
+ *
+ * @expectedException PHPUnit_Framework_Error
+ * @return void
+ */
+	public function testHashInvalidSalt() {
+		$result = Security::hash('someKey', 'blowfish', true);
+	}
+
+/**
+ * testHashAnotherInvalidSalt
+ *
+ * @expectedException PHPUnit_Framework_Error
+ * @return void
+ */
+	public function testHashAnotherInvalidSalt() {
+		$result = Security::hash('someKey', 'blowfish', '$1$lksdjoijfaoijs');
+	}
+
+/**
+ * testHashYetAnotherInvalidSalt
+ *
+ * @expectedException PHPUnit_Framework_Error
+ * @return void
+ */
+	public function testHashYetAnotherInvalidSalt() {
+		$result = Security::hash('someKey', 'blowfish', '$2a$10$123');
+	}
+
+/**
+ * testHashInvalidCost method
+ *
+ * @expectedException PHPUnit_Framework_Error
+ * @return void
+ */
+	public function testHashInvalidCost() {
+		Security::setCost(1000);
+		$result = Security::hash('somekey', 'blowfish', false);
+	}
 /**
 * testHash method
 *
@ -112,6 +147,22 @@ class SecurityTest extends CakeTestCase {
 			$this->assertSame(strlen(Security::hash($key, 'sha256', true)), 64);
 		}

+		$hashType = 'blowfish';
+		Security::setHash($hashType);
+		Security::setCost(10); // ensure default cost
+		$this->assertSame(Security::$hashType, $hashType);
+		$this->assertSame(strlen(Security::hash($key, null, false)), 60);
+
+		$password = $submittedPassword = $key;
+		$storedPassword = Security::hash($password);
+
+		$hashedPassword = Security::hash($submittedPassword, null, $storedPassword);
+		$this->assertSame($storedPassword, $hashedPassword);
+
+		$submittedPassword = 'someOtherKey';
+		$hashedPassword = Security::hash($submittedPassword, null, $storedPassword);
+		$this->assertNotSame($storedPassword, $hashedPassword);
+
 		Security::setHash($_hashType);
 	}

--- a/lib/Cake/Test/Fixture/CakeSessionFixture.php
+++ b/lib/Cake/Test/Fixture/CakeSessionFixture.php
@ -0,0 +1,47 @@
+<?php
+/**
+ * CakePHP(tm) Tests <http://book.cakephp.org/2.0/en/development/testing.html>
+ * Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
+ *
+ * Licensed under The MIT License
+ * Redistributions of files must retain the above copyright notice
+ *
+ * @copyright     Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
+ * @link          http://book.cakephp.org/2.0/en/development/testing.html CakePHP(tm) Tests
+ * @package       Cake.Test.Fixture
+ * @since         CakePHP(tm) v 2.3.0
+ * @license       MIT License (http://www.opensource.org/licenses/mit-license.php)
+ */
+
+/**
+ * Fixture class for the default session configuration
+ *
+ * @package       Cake.Test.Fixture
+ */
+class CakeSessionFixture extends CakeTestFixture {
+
+/**
+ * name property
+ *
+ * @var string
+ */
+	public $name = 'CakeSession';
+
+/**
+ * fields property
+ *
+ * @var array
+ */
+	public $fields = array(
+		'id' => array('type' => 'string', 'length' => 128, 'key' => 'primary'),
+		'data' => array('type' => 'text','null' => true),
+		'expires' => array('type' => 'integer', 'length' => 11, 'null' => true)
+	);
+
+/**
+ * records property
+ *
+ * @var array
+ */
+	public $records = array();
+}
--- a/lib/Cake/TestSuite/Reporter/CakeHtmlReporter.php
+++ b/lib/Cake/TestSuite/Reporter/CakeHtmlReporter.php
@ -249,10 +249,12 @@ class CakeHtmlReporter extends CakeBaseReporter {
 		$testName = get_class($test) . '(' . $test->getName() . ')';

 		$actualMsg = $expectedMsg = null;
-		$failure = $message->getComparisonFailure();
-		if (is_object($failure)) {
-			$actualMsg = $message->getComparisonFailure()->getActualAsString();
-			$expectedMsg = $message->getComparisonFailure()->getExpectedAsString();
+		if (method_exists($message, 'comparisonFailure')) {
+			$failure = $message->comparisonFailure();
+			if (is_object($failure)) {
+				$actualMsg = $message->getComparisonFailure()->getActualAsString();
+				$expectedMsg = $message->getComparisonFailure()->getExpectedAsString();
+			}
 		}

 		echo "<li class='fail'>\n";
--- a/lib/Cake/Utility/Security.php
+++ b/lib/Cake/Utility/Security.php
@ -33,6 +33,13 @@ class Security {
 */
 	public static $hashType = null;

+/**
+ * Default cost
+ *
+ * @var string
+ */
+	public static $hashCost = '10';
+
 /**
 * Get allowed minutes of inactivity based on security level.
 *
@ -76,14 +83,26 @@ class Security {
 /**
 * Create a hash from string using given method.
 * Fallback on next available method.
+ * If you are using blowfish, for comparisons simply pass the originally hashed
+ * string as the salt (the salt is prepended to the hash and php handles the
+ * parsing automagically. Do NOT use a constant salt for blowfish.
 *
 * @param string $string String to hash
 * @param string $type Method to use (sha1/sha256/md5)
- * @param boolean $salt If true, automatically appends the application's salt
- *     value to $string (Security.salt)
+ * @param mixed $salt If true, automatically appends the application's salt
+ *     value to $string (Security.salt). If you are using blowfish the salt
+ *     must be false or a previously generated salt.
 * @return string Hash
 */
 	public static function hash($string, $type = null, $salt = false) {
+		if (empty($type)) {
+			$type = self::$hashType;
+		}
+		$type = strtolower($type);
+
+		if ($type === 'blowfish') {
+			return self::_crypt($string, $type, $salt);
+		}
 		if ($salt) {
 			if (is_string($salt)) {
 				$string = $salt . $string;
@ -92,11 +111,6 @@ class Security {
 			}
 		}

-		if (empty($type)) {
-			$type = self::$hashType;
-		}
-		$type = strtolower($type);
-
 		if ($type == 'sha1' || $type == null) {
 			if (function_exists('sha1')) {
 				$return = sha1($string);
@ -119,7 +133,7 @@ class Security {
 * Sets the default hash method for the Security object.  This affects all objects using
 * Security::hash().
 *
- * @param string $hash Method to use (sha1/sha256/md5)
+ * @param string $hash Method to use (sha1/sha256/md5/blowfish)
 * @return void
 * @see Security::hash()
 */
@ -127,6 +141,16 @@ class Security {
 		self::$hashType = $hash;
 	}

+/**
+ * Sets the cost for they blowfish hash method.
+ *
+ * @param integer $cost Valid values are 4-31
+ * @return void
+ */
+	public static function setCost($cost) {
+		self::$hashCost = $cost;
+	}
+
 /**
 * Encrypts/Decrypts a text using the given key.
 *
@ -189,4 +213,72 @@ class Security {
 		return $out;
 	}

+/**
+ * Generates a pseudo random salt suitable for use with php's crypt() function.
+ * The salt length should not exceed 27. The salt will be composed of
+ * [./0-9A-Za-z]{$length}.
+ *
+ * @param integer $length The length of the returned salt
+ * @return string The generated salt
+ */
+	public static function salt($length = 22) {
+		return substr(str_replace('+', '.', base64_encode(sha1(uniqid(Configure::read('Security.salt'), true), true))), 0, $length);
+	}
+
+/**
+ * One way encryption using php's crypt() function.
+ *
+ * @param string $password The string to be encrypted.
+ * @param string $type The encryption method to use (blowfish)
+ * @param mixed $salt false to generate a new salt or an existing salt.
+ */
+	protected static function _crypt($password, $type = null, $salt = false) {
+		$options = array(
+			'saltFormat' => array(
+				'blowfish' => '$2a$%02d$%s',
+			),
+			'saltLength' => array(
+				'blowfish' => 22,
+			),
+			'costLimits' => array(
+				'blowfish' => array(4, 31),
+			)
+		);
+		extract($options);
+		if ($type === null) {
+			$hashType = self::$hashType;
+		} else {
+			$hashType = $type;
+		}
+		$cost = self::$hashCost;
+		if ($salt === false) {
+			if (isset($costLimits[$hashType]) && ($cost < $costLimits[$hashType][0] || $cost > $costLimits[$hashType][1])) {
+				trigger_error(__d(
+					'cake_dev',
+					'When using %s you must specify a cost between %s and %s',
+					array(
+						$hashType,
+						$costLimits[$hashType][0],
+						$costLimits[$hashType][1]
+					)
+				), E_USER_WARNING);
+				return '';
+			}
+			$salt = self::salt($saltLength[$hashType]);
+			$vspArgs = array(
+				$cost,
+				$salt,
+			);
+			$salt = vsprintf($saltFormat[$hashType], $vspArgs);
+		} elseif ($salt === true || strpos($salt, '$2a$') !== 0 || strlen($salt) < 29) {
+			trigger_error(__d(
+				'cake_dev',
+				'Invalid salt: %s for %s Please visit http://www.php.net/crypt and read the appropriate section for building %s salts.',
+				array($salt, $hashType, $hashType)
+			), E_USER_WARNING);
+			return '';
+		}
+		return crypt($password, $salt);
+	}
+
 }