Closes #3394, applied test patch
Deprecated define('MAX_MD5SIZE', (5 * 1024) * 1024); in core.php. Removed additional defines in core.php and replaced them with Configure::write(). Added CakeSession::__startSession() to check for sent headers before attempting to start the session. Added notices to Configure::__loadBootstrap() that will be removed before stable release. Refactored Folder::tree(). Added additional FolderTest cases.
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5768 3807eeeb-6ff5-0310-8944-8be069107fe0
parent
16fbd33eee
commit
1aa1164b1d
20 changed files with 386 additions and 154 deletions
|
@ -92,46 +92,46 @@
|
|||
* 'database' Uses CakePHP's database sessions.
|
||||
*
|
||||
* To define a custom session handler, save it at /app/config/<name>.php.
|
||||
* Set the value of CAKE_SESSION_SAVE to <name> to utilize it in CakePHP.
|
||||
* Set the value of 'Session.save' to <name> to utilize it in CakePHP.
|
||||
*
|
||||
* To use database sessions, execute the SQL file found at /app/config/sql/sessions.sql.
|
||||
*
|
||||
*/
|
||||
define('CAKE_SESSION_SAVE', 'php');
|
||||
Configure::write('Session.save', 'php');
|
||||
/**
|
||||
* The name of the table used to store CakePHP database sessions.
|
||||
*
|
||||
* CAKE_SESSION_SAVE must be set to 'database' in order to utilize this constant.
|
||||
* 'Session.save' must be set to 'database' in order to utilize this constant.
|
||||
*
|
||||
* The table name set here should *not* include any table prefix defined elsewhere.
|
||||
*/
|
||||
define('CAKE_SESSION_TABLE', 'cake_sessions');
|
||||
Configure::write('Session.table', 'cake_sessions');
|
||||
/**
|
||||
* A random string used in session management.
|
||||
* A random string used in security hashing methods.
|
||||
*/
|
||||
define('CAKE_SESSION_STRING', 'DYhG93b0qyJfIxfs2guVoUubWwvniR2G0FgaC9mi');
|
||||
Configure::write('Security.salt', 'DYhG93b0qyJfIxfs2guVoUubWwvniR2G0FgaC9mi');
|
||||
/**
|
||||
* The name of CakePHP's session cookie.
|
||||
*/
|
||||
define('CAKE_SESSION_COOKIE', 'CAKEPHP');
|
||||
Configure::write('Session.cookie', 'CAKEPHP');
|
||||
/**
|
||||
* The level of CakePHP session security. The session timeout time defined
|
||||
* in CAKE_SESSION_TIMEOUT is multiplied according to the settings here.
|
||||
* The level of CakePHP security. The session timeout time defined
|
||||
* in 'Session.timeout' is multiplied according to the settings here.
|
||||
* Valid values:
|
||||
*
|
||||
* 'high' Session timeout in CAKE_SESSION_TIMEOUT x 10
|
||||
* 'medium' Session timeout in CAKE_SESSION_TIMEOUT x 100
|
||||
* 'low' Session timeout in CAKE_SESSION_TIMEOUT x 300
|
||||
* 'high' Session timeout in 'Session.timeout' x 10
|
||||
* 'medium' Session timeout in 'Session.timeout' x 100
|
||||
* 'low' Session timeout in 'Session.timeout' x 300
|
||||
*
|
||||
* CakePHP session IDs are also regenerated between requests if
|
||||
* CAKE_SECURITY is set to 'high'.
|
||||
* 'Security.level' is set to 'high'.
|
||||
*/
|
||||
define('CAKE_SECURITY', 'high');
|
||||
Configure::write('Security.level', 'high');
|
||||
/**
|
||||
* Session time out time (in seconds).
|
||||
* Actual value depends on CAKE_SECURITY setting.
|
||||
* Actual value depends on 'Security.level' setting.
|
||||
*/
|
||||
define('CAKE_SESSION_TIMEOUT', '120');
|
||||
Configure::write('Session.timeout', '120');
|
||||
/**
|
||||
* Compress CSS output by removing comments, whitespace, repeating tags, etc.
|
||||
* This requires a/var/cache directory to be writable by the web server for caching.
|
||||
|
@ -142,11 +142,7 @@
|
|||
/**
|
||||
* If set to false, sessions are not automatically started.
|
||||
*/
|
||||
define('AUTO_SESSION', true);
|
||||
/**
|
||||
* The max size of file allowed for MD5 hashes (in bytes).
|
||||
*/
|
||||
define('MAX_MD5SIZE', (5 * 1024) * 1024);
|
||||
Configure::write('Session.start', true);
|
||||
/**
|
||||
* The classname and database used in CakePHP's
|
||||
* access control lists.
|
||||
|
@ -207,5 +203,4 @@
|
|||
* );
|
||||
*/
|
||||
Cache::config('default', array('engine' => 'File'));
|
||||
|
||||
?>
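Review bot: The comment above `Configure::write('Security.salt', ...)` does not say that the shipped value is a public default which every application has to replace, and the second core.php section in this commit carries the same text. After this change the value feeds `AuthComponent::password()`, the form token hash and the cookie key, so I would add a line such as `* Replace this default with a value unique to your application before deployment.` to the comment. The `Session.table` comment also still says "this constant" although the setting is now a Configure key.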
|
|
@ -156,10 +156,10 @@ class ProjectTask extends Shell {
|
|||
$this->out('The Welcome page was NOT created');
|
||||
}
|
||||
|
||||
if ($this->cakeSessionString($path) === true ) {
|
||||
$this->out('Random hash key created for CAKE_SESSION_STRING');
|
||||
if ($this->securitySalt($path) === true ) {
|
||||
$this->out('Random hash key created for \'Security.salt\'');
|
||||
} else {
|
||||
$this->err('Unable to generate random hash for CAKE_SESSION_STRING, please change this yourself in ' . CONFIGS . 'core.php');
|
||||
$this->err('Unable to generate random hash for \'Security.salt\', please change this yourself in ' . CONFIGS . 'core.php');
|
||||
}
|
||||
|
||||
$corePath = $this->corePath($path);
|
||||
|
@ -202,17 +202,17 @@ class ProjectTask extends Shell {
|
|||
return $this->createFile($path.'home.ctp', $output);
|
||||
}
|
||||
/**
|
||||
* generates and writes CAKE_SESSION_STRING
|
||||
* generates and writes 'Security.salt'
|
||||
*
|
||||
* @return bool
|
||||
*/
|
||||
function cakeSessionString($path) {
|
||||
function securitySalt($path) {
|
||||
$File =& new File($path . 'config' . DS . 'core.php');
|
||||
$contents = $File->read();
|
||||
if (preg_match('/([\\t\\x20]*define\\(\\\'CAKE_SESSION_STRING\\\',[\\t\\x20\'A-z0-9]*\\);)/', $contents, $match)) {
|
||||
if (preg_match('/([\\t\\x20]*Configure::write\\(\\\'Security.salt\\\',[\\t\\x20\'A-z0-9]*\\);)/', $contents, $match)) {
|
||||
uses('Security');
|
||||
$string = Security::generateAuthKey();
|
||||
$result = str_replace($match[0], 'define(\'CAKE_SESSION_STRING\', \''.$string.'\');', $contents);
|
||||
$result = str_replace($match[0], "\t" . 'Configure::write(\'Security.salt\', \''.$string.'\');', $contents);
|
||||
if ($File->write($result)) {
|
||||
return true;
|
||||
} else {
|
||||
|
@ -252,7 +252,7 @@ class ProjectTask extends Shell {
|
|||
$File =& new File(CONFIGS . 'core.php');
|
||||
$contents = $File->read();
|
||||
if (preg_match('%([/\\t\\x20]*Configure::write\(\'Routing.admin\',[\\t\\x20\'a-z]*\\);)%', $contents, $match)) {
|
||||
$result = str_replace($match[0], 'Configure::write(\'Routing.admin\', \''.$name.'\');', $contents);
|
||||
$result = str_replace($match[0], "\t" . 'Configure::write(\'Routing.admin\', \''.$name.'\');', $contents);
|
||||
if ($File->write($result)) {
|
||||
Configure::write('Routing.admin', $name);
|
||||
return true;
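Review bot: The new pattern in `securitySalt()` leaves the dot in `Security.salt` unescaped and keeps the `A-z` range, which also spans the punctuation between `Z` and `a`; writing `Security\\.salt` and `A-Za-z0-9` would limit the match to the intended line and characters. When the pattern does not match, the default salt stays in core.php and the only signal is the `$this->err()` message in the caller. The `Routing.admin` replacement in the last hunk writes `$name` into PHP source without escaping quotes; where `$name` comes from is outside the hunk, so this may already be validated. Both function bodies continue outside the visible hunks.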
|
||||
|
|
|
@ -92,46 +92,46 @@
|
|||
* 'database' Uses CakePHP's database sessions.
|
||||
*
|
||||
* To define a custom session handler, save it at /app/config/<name>.php.
|
||||
* Set the value of CAKE_SESSION_SAVE to <name> to utilize it in CakePHP.
|
||||
* Set the value of 'Session.save' to <name> to utilize it in CakePHP.
|
||||
*
|
||||
* To use database sessions, execute the SQL file found at /app/config/sql/sessions.sql.
|
||||
*
|
||||
*/
|
||||
define('CAKE_SESSION_SAVE', 'php');
|
||||
Configure::write('Session.save', 'php');
|
||||
/**
|
||||
* The name of the table used to store CakePHP database sessions.
|
||||
*
|
||||
* CAKE_SESSION_SAVE must be set to 'database' in order to utilize this constant.
|
||||
* 'Session.save' must be set to 'database' in order to utilize this constant.
|
||||
*
|
||||
* The table name set here should *not* include any table prefix defined elsewhere.
|
||||
*/
|
||||
define('CAKE_SESSION_TABLE', 'cake_sessions');
|
||||
Configure::write('Session.table', 'cake_sessions');
|
||||
/**
|
||||
* A random string used in session management.
|
||||
* A random string used in security hashing methods.
|
||||
*/
|
||||
define('CAKE_SESSION_STRING', 'DYhG93b0qyJfIxfs2guVoUubWwvniR2G0FgaC9mi');
|
||||
Configure::write('Security.salt', 'DYhG93b0qyJfIxfs2guVoUubWwvniR2G0FgaC9mi');
|
||||
/**
|
||||
* The name of CakePHP's session cookie.
|
||||
*/
|
||||
define('CAKE_SESSION_COOKIE', 'CAKEPHP');
|
||||
Configure::write('Session.cookie', 'CAKEPHP');
|
||||
/**
|
||||
* The level of CakePHP session security. The session timeout time defined
|
||||
* in CAKE_SESSION_TIMEOUT is multiplied according to the settings here.
|
||||
* The level of CakePHP security. The session timeout time defined
|
||||
* in 'Session.timeout' is multiplied according to the settings here.
|
||||
* Valid values:
|
||||
*
|
||||
* 'high' Session timeout in CAKE_SESSION_TIMEOUT x 10
|
||||
* 'medium' Session timeout in CAKE_SESSION_TIMEOUT x 100
|
||||
* 'low' Session timeout in CAKE_SESSION_TIMEOUT x 300
|
||||
* 'high' Session timeout in 'Session.timeout' x 10
|
||||
* 'medium' Session timeout in 'Session.timeout' x 100
|
||||
* 'low' Session timeout in 'Session.timeout' x 300
|
||||
*
|
||||
* CakePHP session IDs are also regenerated between requests if
|
||||
* CAKE_SECURITY is set to 'high'.
|
||||
* 'Security.level' is set to 'high'.
|
||||
*/
|
||||
define('CAKE_SECURITY', 'high');
|
||||
Configure::write('Security.level', 'high');
|
||||
/**
|
||||
* Session time out time (in seconds).
|
||||
* Actual value depends on CAKE_SECURITY setting.
|
||||
* Actual value depends on 'Security.level' setting.
|
||||
*/
|
||||
define('CAKE_SESSION_TIMEOUT', '120');
|
||||
Configure::write('Session.timeout', '120');
|
||||
/**
|
||||
* Compress CSS output by removing comments, whitespace, repeating tags, etc.
|
||||
* This requires a/var/cache directory to be writable by the web server for caching.
|
||||
|
@ -142,11 +142,7 @@
|
|||
/**
|
||||
* If set to false, sessions are not automatically started.
|
||||
*/
|
||||
define('AUTO_SESSION', true);
|
||||
/**
|
||||
* The max size of file allowed for MD5 hashes (in bytes).
|
||||
*/
|
||||
define('MAX_MD5SIZE', (5 * 1024) * 1024);
|
||||
Configure::write('Session.start', true);
|
||||
/**
|
||||
* The classname and database used in CakePHP's
|
||||
* access control lists.
|
||||
|
@ -207,5 +203,4 @@
|
|||
* );
|
||||
*/
|
||||
Cache::config('default', array('engine' => 'File'));
|
||||
|
||||
?>
|
|
@ -568,13 +568,41 @@ class Configure extends Object {
|
|||
$_this->write('Routing.webservices', WEBSERVICES);
|
||||
}
|
||||
if (defined('ACL_CLASSNAME')) {
|
||||
trigger_error('ACL_CLASSNAME Deprecated. Use Configure::write(\'Acl.classname\'); in APP/config/core.php', E_USER_WARNING);
|
||||
trigger_error('ACL_CLASSNAME Deprecated. Use Configure::write(\'Acl.classname\', \'' . ACL_CLASSNAME . '\'); in APP/config/core.php', E_USER_WARNING);
|
||||
$_this->write('Acl.classname', ACL_CLASSNAME);
|
||||
}
|
||||
if (defined('ACL_DATABASE')) {
|
||||
trigger_error('ACL_DATABASE Deprecated. Use Configure::write(\'Acl.database\'); in APP/config/core.php', E_USER_WARNING);
|
||||
trigger_error('ACL_DATABASE Deprecated. Use Configure::write(\'Acl.database\', \'' . ACL_CLASSNAME . '\'); in APP/config/core.php', E_USER_WARNING);
|
||||
$_this->write('Acl.database', ACL_CLASSNAME);
|
||||
}
|
||||
if (defined('CAKE_SESSION_SAVE')) {
|
||||
trigger_error('CAKE_SESSION_SAVE Deprecated. Use Configure::write(\'Session.save\', \'' . CAKE_SESSION_SAVE . '\'); in APP/config/core.php', E_USER_WARNING);
|
||||
$_this->write('Session.save', CAKE_SESSION_SAVE);
|
||||
}
|
||||
if (defined('CAKE_SESSION_TABLE')) {
|
||||
trigger_error('CAKE_SESSION_TABLE Deprecated. Use Configure::write(\'Session.table\', \'' . CAKE_SESSION_TABLE . '\'); in APP/config/core.php', E_USER_WARNING);
|
||||
$_this->write('Session.table', CAKE_SESSION_TABLE);
|
||||
}
|
||||
if (defined('CAKE_SESSION_STRING')) {
|
||||
trigger_error('CAKE_SESSION_STRING Deprecated. Use Configure::write(\'Security.salt\', \'' . CAKE_SESSION_STRING . '\'); in APP/config/core.php', E_USER_WARNING);
|
||||
$_this->write('Security.salt', CAKE_SESSION_STRING);
|
||||
}
|
||||
if (defined('CAKE_SESSION_COOKIE')) {
|
||||
trigger_error('CAKE_SESSION_COOKIE Deprecated. Use Configure::write(\'Session.cookie\', \'' . CAKE_SESSION_COOKIE . '\'); in APP/config/core.php', E_USER_WARNING);
|
||||
$_this->write('Session.cookie', CAKE_SESSION_COOKIE);
|
||||
}
|
||||
if (defined('CAKE_SECURITY')) {
|
||||
trigger_error('CAKE_SECURITY Deprecated. Use Configure::write(\'Security.level\', \'' . CAKE_SECURITY . '\'); in APP/config/core.php', E_USER_WARNING);
|
||||
$_this->write('Security.level', CAKE_SECURITY);
|
||||
}
|
||||
if (defined('CAKE_SESSION_TIMEOUT')) {
|
||||
trigger_error('CAKE_SESSION_TIMEOUT Deprecated. Use Configure::write(\'Session.timeout\', \'' . CAKE_SESSION_TIMEOUT . '\'); in APP/config/core.php', E_USER_WARNING);
|
||||
$_this->write('Session.timeout', CAKE_SESSION_TIMEOUT);
|
||||
}
|
||||
if (defined('AUTO_SESSION')) {
|
||||
trigger_error('AUTO_SESSION Deprecated. Use Configure::write(\'Session.start\', \'' . AUTO_SESSION . '\'); in APP/config/core.php', E_USER_WARNING);
|
||||
$_this->write('Session.start', AUTO_SESSION);
|
||||
}
|
||||
}
|
||||
}
|
||||
?>
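Review bot: The deprecation warning for `CAKE_SESSION_STRING` concatenates the constant's value into the `trigger_error()` message, so the application's salt ends up wherever E_USER_WARNING output goes (page output or logs, depending on configuration). I would leave the value out of that one message, e.g. end it with `Use Configure::write(\'Security.salt\', ...); in APP/config/core.php`. Separately, the `ACL_DATABASE` branch builds its message from `ACL_CLASSNAME`, and the unchanged `write('Acl.database', ACL_CLASSNAME)` below it stores the class name as the database; both should read `ACL_DATABASE`. The `AUTO_SESSION` message prints the boolean as a quoted `'1'`, which would not satisfy the `=== true` test in the session classes if copied literally.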
|
|
@ -786,7 +786,7 @@ class AuthComponent extends Object {
|
|||
return $data;
|
||||
}
|
||||
/**
|
||||
* Hash a password with the application's salt value (as defined in CAKE_SESSION_STRING)
|
||||
* Hash a password with the application's salt value (as defined with Configure::write('Security.salt');
|
||||
*
|
||||
* @access public
|
||||
* @param string $password
|
||||
|
@ -794,7 +794,7 @@ class AuthComponent extends Object {
|
|||
* @return string
|
||||
*/
|
||||
function password($password) {
|
||||
return Security::hash(CAKE_SESSION_STRING . $password);
|
||||
return Security::hash(Configure::read('Security.salt') . $password);
|
||||
}
|
||||
/**
|
||||
* Component shutdown. If user is logged in, wipe out redirect.
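Review bot: `password()` now hashes with whatever `Configure::read('Security.salt')` returns, and nothing in the hunk checks that a salt is configured; if the key is missing the method would presumably hash the bare password without any error. A guard before the hash that raises a warning on an empty salt would make that visible, and the docblock should state that changing `Security.salt` invalidates every stored hash. The updated docblock line is also missing its closing parenthesis after `Configure::write('Security.salt')`.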
|
||||
|
|
|
@ -116,7 +116,7 @@ class CookieComponent extends Object {
|
|||
* @var string
|
||||
* @access protected
|
||||
*/
|
||||
var $key = CAKE_SESSION_STRING;
|
||||
var $key = null;
|
||||
/**
|
||||
* Values stored in the cookie.
|
||||
*
|
||||
|
@ -190,6 +190,7 @@ class CookieComponent extends Object {
|
|||
*/
|
||||
function startup() {
|
||||
$this->__expire($this->time);
|
||||
$this->key = Configure::read('Security.salt');
|
||||
|
||||
if (isset($_COOKIE[$this->name])) {
|
||||
$this->__values = $this->__decrypt($_COOKIE[$this->name]);
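Review bot: `startup()` assigns `$this->key = Configure::read('Security.salt');` unconditionally, so any key given to the component before `startup()` runs is overwritten now that the property default is `null`. I would only fill it when unset: `if ($this->key === null) { $this->key = Configure::read('Security.salt'); }`. This also makes the cookie encryption key the same secret that is used for password and form-token hashing, so one leaked value exposes all three; a dedicated key would be safer. The body of `startup()` continues outside the hunk.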
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
*
|
||||
* PHP versions 4 and 5
|
||||
*
|
||||
* CakePHP(tm) : Rapid Development Framework <http://www.cakephp.org/>
|
||||
* CakePHP(tm) : Rapid Development Framework <http://www.cakephp.org/>
|
||||
* Copyright 2005-2007, Cake Software Foundation, Inc.
|
||||
* 1785 E. Sahara Avenue, Suite 490-204
|
||||
* Las Vegas, Nevada 89104
|
||||
|
@ -121,7 +121,7 @@ class SecurityComponent extends Object {
|
|||
*/
|
||||
var $components = array('RequestHandler', 'Session');
|
||||
/**
|
||||
* Component startup. All security checking happens here.
|
||||
* Component startup. All security checking happens here.
|
||||
*
|
||||
* @param object $controller
|
||||
* @return unknown
|
||||
|
@ -250,7 +250,7 @@ class SecurityComponent extends Object {
|
|||
function loginRequest($options = array()) {
|
||||
$options = am($this->loginOptions, $options);
|
||||
$this->__setLoginDefaults($options);
|
||||
$auth = 'WWW-Authenticate: ' . ucfirst($options['type']);
|
||||
$auth = 'WWW-Authenticate: ' . ucfirst($options['type']);
|
||||
$out = array('realm="' . $options['realm'] . '"');
|
||||
|
||||
if (low($options['type']) == 'digest') {
|
||||
|
@ -485,9 +485,9 @@ class SecurityComponent extends Object {
|
|||
$parts = preg_split('/\/|\./', $value);
|
||||
|
||||
if (count($parts) == 1) {
|
||||
$key1[] = $controller->modelClass . '.' . $parts['0'];
|
||||
$key1[] = $controller->modelClass . '.' . $parts['0'];
|
||||
} elseif (count($parts) == 2) {
|
||||
$key1[] = $parts['0'] . '.' . $parts['1'];
|
||||
$key1[] = $parts['0'] . '.' . $parts['1'];
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -526,7 +526,7 @@ class SecurityComponent extends Object {
|
|||
}
|
||||
}
|
||||
|
||||
foreach ($k as $lookup) {
|
||||
foreach ($k as $lookup) {
|
||||
if (isset($controller->data[$newKey][$lookup])) {
|
||||
unset($controller->data[$key][$lookup]);
|
||||
} elseif ($controller->data[$key][$lookup] === '0') {
|
||||
|
@ -544,8 +544,11 @@ class SecurityComponent extends Object {
|
|||
continue;
|
||||
}
|
||||
if (!array_key_exists($key, $value)) {
|
||||
$field[$key] = array_keys($value);
|
||||
$field[$key] = array_merge($merge, $field[$key]);
|
||||
if (isset($field[$key])) {
|
||||
$field[$key] = array_merge($field[$key], array_keys($value));
|
||||
} else {
|
||||
$field[$key] = array_keys($value);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -555,7 +558,7 @@ class SecurityComponent extends Object {
|
|||
}
|
||||
}
|
||||
ksort($field);
|
||||
$check = urlencode(Security::hash(serialize($field) . CAKE_SESSION_STRING));
|
||||
$check = urlencode(Security::hash(serialize($field) . Configure::read('Security.salt')));
|
||||
|
||||
if ($form !== $check) {
|
||||
if (!$this->blackHole($controller, 'auth')) {
|
||||
|
|
|
@ -27,6 +27,7 @@
|
|||
* @lastmodified $Date$
|
||||
* @license http://www.opensource.org/licenses/mit-license.php The MIT License
|
||||
*/
|
||||
uses('session');
|
||||
/**
|
||||
* Session Component.
|
||||
*
|
||||
|
@ -50,14 +51,14 @@ class SessionComponent extends CakeSession {
|
|||
* @param string $base
|
||||
*/
|
||||
function __construct($base = null) {
|
||||
if (!defined('AUTO_SESSION') || AUTO_SESSION === true) {
|
||||
if (Configure::read('Session.start') === true) {
|
||||
parent::__construct($base);
|
||||
} else {
|
||||
$this->__active = false;
|
||||
}
|
||||
}
|
||||
/**
|
||||
* Turn sessions on if AUTO_SESSION is set to false in core.php
|
||||
* Turn sessions on if 'Session.start' is set to false in core.php
|
||||
*
|
||||
* @param string $base
|
||||
*/
|
||||
|
@ -240,4 +241,4 @@ class SessionComponent extends CakeSession {
|
|||
}
|
||||
}
|
||||
}
|
||||
?>
|
||||
?>
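Review bot: The constructor used to start the session when `AUTO_SESSION` was not defined at all, but the new test `Configure::read('Session.start') === true` starts it only when the key is present and strictly `true`. An application whose core.php sets neither value would, as far as the hunk shows, end up with `$this->__active = false` and no session. The SessionHelper constructor has the same condition. If default-on is still intended, `if (Configure::read('Session.start') !== false) {` keeps the old behaviour.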
|
||||
|
|
|
@ -420,8 +420,8 @@ class Debugger extends Object {
|
|||
* @access public
|
||||
*/
|
||||
function checkSessionKey() {
|
||||
if (CAKE_SESSION_STRING == 'DYhG93b0qyJfIxfs2guVoUubWwvniR2G0FgaC9mi') {
|
||||
trigger_error(__('Please change the value of CAKE_SESSION_STRING in app/config/core.php to a salt value specific to your application', true), E_USER_NOTICE);
|
||||
if (Configure::read('Security.salt') == 'DYhG93b0qyJfIxfs2guVoUubWwvniR2G0FgaC9mi') {
|
||||
trigger_error(__('Please change the value of \'Security.salt\' in app/config/core.php to a salt value specific to your application', true), E_USER_NOTICE);
|
||||
}
|
||||
}
|
||||
/**
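Review bot: `checkSessionKey()` only compares against the shipped default, so an application with no `Security.salt` configured at all gets no notice even though the salted hashes would then be built with an empty salt. I would read the value once with `$salt = Configure::read('Security.salt');` and test `if (empty($salt) || $salt == 'DYhG93b0qyJfIxfs2guVoUubWwvniR2G0FgaC9mi') {`. The notice text could then mention both the missing and the default case.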
|
||||
|
|
|
@ -154,7 +154,7 @@ class Folder extends Object{
|
|||
if (!in_array($n, $exceptions)) {
|
||||
$item = $n;
|
||||
}
|
||||
} elseif ((!preg_match('#^\.+$#', $n) && $exceptions == false) || ($exceptions == true && !preg_match('#^\.(.*)$#', $n))) {
|
||||
} elseif ((!preg_match('/^\\.+$/', $n) && $exceptions == false) || ($exceptions == true && !preg_match('/^\\.(.*)$/', $n))) {
|
||||
$item = $n;
|
||||
}
|
||||
|
||||
|
@ -244,7 +244,7 @@ class Folder extends Object{
|
|||
* @static
|
||||
*/
|
||||
function isWindowsPath($path) {
|
||||
if (preg_match('#^[A-Z]:\\\#i', $path)) {
|
||||
if (preg_match('/^[A-Z]:\\\\/i', $path)) {
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
|
@ -258,7 +258,7 @@ class Folder extends Object{
|
|||
* @static
|
||||
*/
|
||||
function isAbsolute($path) {
|
||||
$match = preg_match('#^\/#', $path) || preg_match('#^[A-Z]:\\\#i', $path);
|
||||
$match = preg_match('/^\\//', $path) || preg_match('/^[A-Z]:\\\\/i', $path);
|
||||
return $match;
|
||||
}
|
||||
/**
|
||||
|
@ -270,7 +270,7 @@ class Folder extends Object{
|
|||
* @static
|
||||
*/
|
||||
function isSlashTerm($path) {
|
||||
if (preg_match('#[\\\/]$#', $path)) {
|
||||
if (preg_match('/[\/\\\]$/', $path)) {
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
|
@ -412,10 +412,11 @@ class Folder extends Object{
|
|||
* Returns an array of nested directories and files in each directory
|
||||
*
|
||||
* @param string $path the directory path to build the tree from
|
||||
* @return mixed array of nested directories and fiels in each directory
|
||||
* @param = boolean $hidden return hidden files and directories
|
||||
* @return mixed array of nested directories and files in each directory
|
||||
* @access public
|
||||
*/
|
||||
function tree($path) {
|
||||
function tree($path, $hidden = true) {
|
||||
$path = rtrim($path, DS);
|
||||
$this->__files = array();
|
||||
$this->__directories = array($path);
|
||||
|
@ -423,7 +424,7 @@ class Folder extends Object{
|
|||
|
||||
while (count($this->__directories)) {
|
||||
$dir = array_pop($this->__directories);
|
||||
$this->__tree($dir);
|
||||
$this->__tree($dir, $hidden);
|
||||
array_push($directories, $dir);
|
||||
|
||||
}
|
||||
|
@ -434,25 +435,30 @@ class Folder extends Object{
|
|||
* Private method to list directories and files in each directory
|
||||
*
|
||||
* @param string $path
|
||||
* @param = boolean $hidden
|
||||
* @access private
|
||||
*/
|
||||
function __tree($path) {
|
||||
function __tree($path, $hidden) {
|
||||
if (is_dir($path)) {
|
||||
$dirHandle = @opendir($path);
|
||||
|
||||
while (false !== ($item = @readdir($dirHandle))) {
|
||||
if ($item != '.' && $item != '..') {
|
||||
$item = $path . DS . $item;
|
||||
$found = false;
|
||||
|
||||
if (is_dir($item)) {
|
||||
array_push($this->__directories, $item);
|
||||
if (($hidden === true && $item != '.' && $item != '..') || ($hidden === false && !preg_match('/^\\.(.*)$/', $item))) {
|
||||
$found = $path . DS . $item;
|
||||
}
|
||||
|
||||
if ($found !== false) {
|
||||
if (is_dir($found)) {
|
||||
array_push($this->__directories, $found);
|
||||
} else {
|
||||
array_push($this->__files, $item);
|
||||
array_push($this->__files, $found);
|
||||
}
|
||||
}
|
||||
}
|
||||
closedir($dirHandle);
|
||||
}
|
||||
closedir($dirHandle);
|
||||
}
|
||||
/**
|
||||
* Create a directory structure recursively.
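Review bot: In `__tree()` the new condition compares `$hidden` with `=== true` and `=== false`, so a caller passing `1`, `0` or `null` matches neither branch and the tree comes back without entries. Since `.` and `..` are skipped in both modes, `if ($item != '.' && $item != '..' && ($hidden || $item[0] != '.')) {` expresses the same intent without the strict tests. The two new docblock lines read `@param = boolean $hidden`; the `=` should be removed. The result of `@opendir()` is still not checked before the `readdir()` loop, which is unchanged context here.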
|
||||
|
|
|
@ -243,7 +243,7 @@ class ConnectionManager extends Object {
|
|||
*
|
||||
*/
|
||||
function __destruct() {
|
||||
if (CAKE_SESSION_SAVE == 'database' && function_exists('session_write_close')) {
|
||||
if (Configure::read('Session.save') == 'database' && function_exists('session_write_close')) {
|
||||
session_write_close();
|
||||
}
|
||||
}
|
||||
|
|
|
@ -66,7 +66,7 @@ class Security extends Object {
|
|||
*/
|
||||
function inactiveMins() {
|
||||
$_this =& Security::getInstance();
|
||||
switch(CAKE_SECURITY) {
|
||||
switch(Configure::read('Security.level')) {
|
||||
case 'high':
|
||||
return 10;
|
||||
break;
|
||||
|
|
|
@ -80,7 +80,7 @@ class CakeSession extends Object {
|
|||
*/
|
||||
var $lastError = null;
|
||||
/**
|
||||
* CAKE_SECURITY setting, "high", "medium", or "low".
|
||||
* 'Security.level' setting, "high", "medium", or "low".
|
||||
*
|
||||
* @var string
|
||||
* @access public
|
||||
|
@ -115,16 +115,13 @@ class CakeSession extends Object {
|
|||
* @access public
|
||||
*/
|
||||
function __construct($base = null, $start = true) {
|
||||
if (!defined('CAKE_SESSION_TABLE')) {
|
||||
define('CAKE_SESSION_TABLE', 'cake_sessions');
|
||||
}
|
||||
|
||||
if (CAKE_SESSION_SAVE === 'database' && !class_exists('ConnectionManager')) {
|
||||
if (Configure::read('Session.save') === 'database' && !class_exists('ConnectionManager')) {
|
||||
uses('model' . DS . 'connection_manager');
|
||||
}
|
||||
|
||||
if (env('HTTP_USER_AGENT') != null) {
|
||||
$this->_userAgent = md5(env('HTTP_USER_AGENT') . CAKE_SESSION_STRING);
|
||||
$this->_userAgent = md5(env('HTTP_USER_AGENT') . Configure::read('Security.salt'));
|
||||
} else {
|
||||
$this->_userAgent = "";
|
||||
}
|
||||
|
@ -143,17 +140,19 @@ class CakeSession extends Object {
|
|||
$this->host = substr($this->host, 0, strpos($this->host, ':'));
|
||||
}
|
||||
|
||||
$this->sessionTime = $this->time + (Security::inactiveMins() * CAKE_SESSION_TIMEOUT);
|
||||
$this->security = CAKE_SECURITY;
|
||||
if (!class_exists('Security')) {
|
||||
uses('security');
|
||||
}
|
||||
|
||||
$this->sessionTime = $this->time + (Security::inactiveMins() * Configure::read('Session.timeout'));
|
||||
$this->security = Configure::read('Security.level');
|
||||
|
||||
if (function_exists('session_write_close')) {
|
||||
session_write_close();
|
||||
}
|
||||
|
||||
$this->__initSession();
|
||||
session_cache_limiter ("must-revalidate");
|
||||
session_start();
|
||||
header ('P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"');
|
||||
$this->__startSession();
|
||||
$this->__checkValid();
|
||||
}
|
||||
parent::__construct();
|
||||
|
@ -377,7 +376,7 @@ class CakeSession extends Object {
|
|||
}
|
||||
|
||||
if (isset($_COOKIE[session_name()])) {
|
||||
setcookie(CAKE_SESSION_COOKIE, '', time() - 42000, $this->path);
|
||||
setcookie(Configure::read('Session.cookie'), '', time() - 42000, $this->path);
|
||||
}
|
||||
|
||||
$_SESSION = array();
|
||||
|
@ -409,7 +408,7 @@ class CakeSession extends Object {
|
|||
break;
|
||||
}
|
||||
|
||||
switch(CAKE_SESSION_SAVE) {
|
||||
switch(Configure::read('Session.cookie')) {
|
||||
case 'cake':
|
||||
if (!isset($_SESSION)) {
|
||||
if (function_exists('ini_set')) {
|
||||
|
@ -417,7 +416,7 @@ class CakeSession extends Object {
|
|||
ini_set('url_rewriter.tags', '');
|
||||
ini_set('session.serialize_handler', 'php');
|
||||
ini_set('session.use_cookies', 1);
|
||||
ini_set('session.name', CAKE_SESSION_COOKIE);
|
||||
ini_set('session.name', Configure::read('Session.cookie'));
|
||||
ini_set('session.cookie_lifetime', $this->cookieLifeTime);
|
||||
ini_set('session.cookie_path', $this->path);
|
||||
ini_set('session.auto_start', 0);
|
||||
|
@ -433,7 +432,7 @@ class CakeSession extends Object {
|
|||
ini_set('session.save_handler', 'user');
|
||||
ini_set('session.serialize_handler', 'php');
|
||||
ini_set('session.use_cookies', 1);
|
||||
ini_set('session.name', CAKE_SESSION_COOKIE);
|
||||
ini_set('session.name', Configure::read('Session.cookie'));
|
||||
ini_set('session.cookie_lifetime', $this->cookieLifeTime);
|
||||
ini_set('session.cookie_path', $this->path);
|
||||
ini_set('session.auto_start', 0);
|
||||
|
@ -450,7 +449,7 @@ class CakeSession extends Object {
|
|||
if (!isset($_SESSION)) {
|
||||
if (function_exists('ini_set')) {
|
||||
ini_set('session.use_trans_sid', 0);
|
||||
ini_set('session.name', CAKE_SESSION_COOKIE);
|
||||
ini_set('session.name', Configure::read('Session.cookie'));
|
||||
ini_set('session.cookie_lifetime', $this->cookieLifeTime);
|
||||
ini_set('session.cookie_path', $this->path);
|
||||
}
|
||||
|
@ -458,7 +457,7 @@ class CakeSession extends Object {
|
|||
break;
|
||||
default:
|
||||
if (!isset($_SESSION)) {
|
||||
$config = CONFIGS . CAKE_SESSION_SAVE . '.php';
|
||||
$config = CONFIGS . Configure::read('Session.cookie') . '.php';
|
||||
|
||||
if (is_file($config)) {
|
||||
require_once ($config);
|
||||
|
@ -467,6 +466,22 @@ class CakeSession extends Object {
|
|||
break;
|
||||
}
|
||||
}
|
||||
/**
|
||||
* Helper method to start a session
|
||||
*
|
||||
* @access private
|
||||
*/
|
||||
function __startSession() {
|
||||
if (headers_sent()) {
|
||||
if (!isset($_SESSION)) {
|
||||
$_SESSION = array();
|
||||
}
|
||||
} else {
|
||||
session_cache_limiter ("must-revalidate");
|
||||
session_start();
|
||||
header ('P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"');
|
||||
}
|
||||
}
|
||||
/**
|
||||
* Helper method to create a new session.
|
||||
*
|
||||
|
@ -504,7 +519,7 @@ class CakeSession extends Object {
|
|||
}
|
||||
|
||||
if (isset($_COOKIE[session_name()])) {
|
||||
setcookie(CAKE_SESSION_COOKIE, '', time() - 42000, $this->path);
|
||||
setcookie(Configure::read('Session.cookie'), '', time() - 42000, $this->path);
|
||||
}
|
||||
session_regenerate_id();
|
||||
$newSessid = session_id();
|
||||
|
@ -590,7 +605,7 @@ class CakeSession extends Object {
|
|||
*/
|
||||
function __read($key) {
|
||||
$db =& ConnectionManager::getDataSource('default');
|
||||
$table = $db->fullTableName(CAKE_SESSION_TABLE, false);
|
||||
$table = $db->fullTableName(Configure::read('Session.table'), false);
|
||||
$row = $db->query("SELECT " . $db->name($table.'.data') . " FROM " . $db->name($table) . " WHERE " . $db->name($table.'.id') . " = " . $db->value($key), false);
|
||||
|
||||
if ($row && !isset($row[0][$table]) && isset($row[0][0])) {
|
||||
|
@ -613,9 +628,9 @@ class CakeSession extends Object {
|
|||
*/
|
||||
function __write($key, $value) {
|
||||
$db =& ConnectionManager::getDataSource('default');
|
||||
$table = $db->fullTableName(CAKE_SESSION_TABLE);
|
||||
$table = $db->fullTableName(Configure::read('Session.table'));
|
||||
|
||||
switch(CAKE_SECURITY) {
|
||||
switch(Configure::read('Security.level')) {
|
||||
case 'high':
|
||||
$factor = 10;
|
||||
break;
|
||||
|
@ -629,7 +644,7 @@ class CakeSession extends Object {
|
|||
$factor = 10;
|
||||
break;
|
||||
}
|
||||
$expires = time() + CAKE_SESSION_TIMEOUT * $factor;
|
||||
$expires = time() + Configure::read('Session.timeout') * $factor;
|
||||
$row = $db->query("SELECT COUNT(id) AS count FROM " . $db->name($table) . " WHERE "
|
||||
. $db->name('id') . " = "
|
||||
. $db->value($key), false);
|
||||
|
@ -656,7 +671,7 @@ class CakeSession extends Object {
|
|||
*/
|
||||
function __destroy($key) {
|
||||
$db =& ConnectionManager::getDataSource('default');
|
||||
$table = $db->fullTableName(CAKE_SESSION_TABLE);
|
||||
$table = $db->fullTableName(Configure::read('Session.table'));
|
||||
$db->execute("DELETE FROM " . $db->name($table) . " WHERE " . $db->name($table.'.id') . " = " . $db->value($key, 'integer'));
|
||||
return true;
|
||||
}
|
||||
|
@ -669,9 +684,9 @@ class CakeSession extends Object {
|
|||
*/
|
||||
function __gc($expires = null) {
|
||||
$db =& ConnectionManager::getDataSource('default');
|
||||
$table = $db->fullTableName(CAKE_SESSION_TABLE);
|
||||
$table = $db->fullTableName(Configure::read('Session.table'));
|
||||
$db->execute("DELETE FROM " . $db->name($table) . " WHERE " . $db->name($table.'.expires') . " < ". $db->value(time()));
|
||||
return true;
|
||||
}
|
||||
}
|
||||
?>
|
||||
?>
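Review bot: Two replacements in the session-initialisation hunks (at -409 and -458) read the wrong key: `switch(Configure::read('Session.cookie')) {` and `$config = CONFIGS . Configure::read('Session.cookie') . '.php';` both replaced `CAKE_SESSION_SAVE`, so they should read `'Session.save'`. As written, the save-handler switch is driven by the cookie name, which with the default `'CAKEPHP'` would presumably fall through to the `default` branch, and the cookie name then decides which file is passed to `require_once`. The new `__startSession()` also substitutes an empty `$_SESSION` array when headers were already sent, which hides the fact that the session will not persist; a notice in that branch would help.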
|
||||
|
|
|
@ -283,7 +283,7 @@ class FormHelper extends AppHelper {
|
|||
}
|
||||
}
|
||||
ksort($fields);
|
||||
$append .= $this->hidden('_Token.fields', array('value' => urlencode(Security::hash(serialize($fields) . CAKE_SESSION_STRING)), 'id' => 'TokenFields' . mt_rand()));
|
||||
$append .= $this->hidden('_Token.fields', array('value' => urlencode(Security::hash(serialize($fields) . Configure::read('Security.salt'))), 'id' => 'TokenFields' . mt_rand()));
|
||||
$append .= '</p>';
|
||||
return $append;
|
||||
}
|
||||
|
@ -852,15 +852,16 @@ class FormHelper extends AppHelper {
|
|||
$options = $this->__initInputField($fieldName, $options);
|
||||
$model = $this->model();
|
||||
$value = '';
|
||||
$key = '_' . $model;
|
||||
|
||||
if (isset($this->params['_Token']) && !empty($this->params['_Token'])) {
|
||||
$options['name'] = str_replace($model, '_' . $model, $options['name']);
|
||||
$options['name'] = str_replace($model, $key, $options['name']);
|
||||
}
|
||||
|
||||
if (!empty($options['value']) || $options['value'] === '0') {
|
||||
$value = $options['value'];
|
||||
}
|
||||
$this->__secure($model, $value);
|
||||
$this->__secure($key, $value);
|
||||
|
||||
/*if (in_array($fieldName, array('_method', '_fields'))) {
|
||||
$model = null;
|
||||
|
|
|
@ -57,14 +57,14 @@ class SessionHelper extends CakeSession {
|
|||
* @param string $base
|
||||
*/
|
||||
function __construct($base = null) {
|
||||
if (!defined('AUTO_SESSION') || AUTO_SESSION === true) {
|
||||
if (Configure::read('Session.start') === true) {
|
||||
parent::__construct($base, false);
|
||||
} else {
|
||||
$this->__active = false;
|
||||
}
|
||||
}
|
||||
/**
|
||||
* Turn sessions on if AUTO_SESSION is set to false in core.php
|
||||
* Turn sessions on if 'Session.start' is set to false in core.php
|
||||
*
|
||||
* @param string $base
|
||||
*/
|
||||
|
|
|
@ -416,7 +416,7 @@ class DispatcherTest extends UnitTestCase {
|
|||
$url = 'some_pages/redirect/param:value/param2:value2';
|
||||
|
||||
restore_error_handler();
|
||||
@$controller = $dispatcher->dispatch($url, array('return' => 1));
|
||||
$controller = $dispatcher->dispatch($url, array('return' => 1));
|
||||
set_error_handler('simpleTestErrorHandler');
|
||||
|
||||
$expected = 'privateAction';
|
||||
|
@ -429,7 +429,7 @@ class DispatcherTest extends UnitTestCase {
|
|||
$url = 'some_pages/home/param:value/param2:value2';
|
||||
|
||||
restore_error_handler();
|
||||
@$controller = $dispatcher->dispatch($url, array('return'=> 1));
|
||||
$controller = $dispatcher->dispatch($url, array('return'=> 1));
|
||||
set_error_handler('simpleTestErrorHandler');
|
||||
$expected = 'missingAction';
|
||||
$this->assertEqual($expected, $controller);
|
||||
|
@ -441,7 +441,7 @@ class DispatcherTest extends UnitTestCase {
|
|||
$url = 'pages/home/param:value/param2:value2';
|
||||
|
||||
restore_error_handler();
|
||||
@$controller = $dispatcher->dispatch($url, array('return' => 1));
|
||||
$controller = $dispatcher->dispatch($url, array('return' => 1));
|
||||
set_error_handler('simpleTestErrorHandler');
|
||||
|
||||
$expected = 'Pages';
|
||||
|
@ -462,7 +462,7 @@ class DispatcherTest extends UnitTestCase {
|
|||
$Router =& Router::getInstance();
|
||||
|
||||
restore_error_handler();
|
||||
@$controller = $dispatcher->dispatch($url, array('return' => 1));
|
||||
$controller = $dispatcher->dispatch($url, array('return' => 1));
|
||||
set_error_handler('simpleTestErrorHandler');
|
||||
|
||||
$expected = 'TestDispatchPages';
|
||||
|
@ -492,7 +492,7 @@ class DispatcherTest extends UnitTestCase {
|
|||
$url = 'my_plugin/some_pages/home/param:value/param2:value2';
|
||||
|
||||
restore_error_handler();
|
||||
@$controller = $dispatcher->dispatch($url, array('return' => 1));
|
||||
$controller = $dispatcher->dispatch($url, array('return' => 1));
|
||||
set_error_handler('simpleTestErrorHandler');
|
||||
|
||||
|
||||
|
@ -534,7 +534,7 @@ class DispatcherTest extends UnitTestCase {
|
|||
$url = 'my_plugin/other_pages/index/param:value/param2:value2';
|
||||
|
||||
restore_error_handler();
|
||||
@$controller = $dispatcher->dispatch($url, array('return'=> 1));
|
||||
$controller = $dispatcher->dispatch($url, array('return'=> 1));
|
||||
set_error_handler('simpleTestErrorHandler');
|
||||
|
||||
$expected = 'my_plugin';
|
||||
|
@ -566,7 +566,7 @@ class DispatcherTest extends UnitTestCase {
|
|||
$url = 'my_plugin/add/param:value/param2:value2';
|
||||
|
||||
restore_error_handler();
|
||||
@$controller = $dispatcher->dispatch($url, array('return' => 1));
|
||||
$controller = $dispatcher->dispatch($url, array('return' => 1));
|
||||
set_error_handler('simpleTestErrorHandler');
|
||||
|
||||
$expected = 'my_plugin';
|
||||
|
@ -615,7 +615,7 @@ class DispatcherTest extends UnitTestCase {
|
|||
|
||||
$url = 'my_plugin/param:value/param2:value2';
|
||||
restore_error_handler();
|
||||
@$controller = $dispatcher->dispatch($url, array('return'=> 1));
|
||||
$controller = $dispatcher->dispatch($url, array('return'=> 1));
|
||||
set_error_handler('simpleTestErrorHandler');
|
||||
|
||||
$expected = 'missingAction';
|
||||
|
@ -634,7 +634,7 @@ class DispatcherTest extends UnitTestCase {
|
|||
|
||||
$url = 'test_dispatch_pages/admin_index/param:value/param2:value2';
|
||||
restore_error_handler();
|
||||
@$controller = $dispatcher->dispatch($url, array('return' => 1));
|
||||
$controller = $dispatcher->dispatch($url, array('return' => 1));
|
||||
set_error_handler('simpleTestErrorHandler');
|
||||
|
||||
$expected = 'privateAction';
|
||||
|
@ -645,4 +645,4 @@ class DispatcherTest extends UnitTestCase {
|
|||
$_GET = $this->_get;
|
||||
}
|
||||
}
|
||||
?>
|
||||
?>
|
||||
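Review bot: Dropping the `@` from each `$dispatcher->dispatch()` call still does not let errors from dispatch reach SimpleTest, because `restore_error_handler()` on the line before pops `simpleTestErrorHandler` for the duration of the call. They go to whatever handler was installed before it (presumably PHP's default), so they are printed but cannot fail the test. If the aim of removing the suppression is to surface these errors, drop the restore/set pair too, or document why it stays with a comment such as `// errors from dispatch() are expected here and deliberately kept away from simpleTestErrorHandler`. The same three-line pattern repeats in all nine dispatch hunks of this file and would read better as one private helper. Each test method starts and ends outside its hunk.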
|
|
|
@ -29,6 +29,7 @@
|
|||
uses('controller' . DS . 'components' . DS .'auth', 'controller' . DS . 'components' . DS .'acl');
|
||||
|
||||
uses('controller'.DS.'components'.DS.'acl', 'model'.DS.'db_acl');
|
||||
Configure::write('Security.salt', 'JfIxfs2guVoUubWDYhG93b0qyJfIxfs2guwvniR2G0FgaC9mi');
|
||||
/**
|
||||
* Short description for class.
|
||||
*
|
||||
|
@ -124,7 +125,7 @@ class AuthTest extends CakeTestCase {
|
|||
$this->AuthUser =& new AuthUser();
|
||||
$user['id'] = 1;
|
||||
$user['username'] = 'mariano';
|
||||
$user['password'] = Security::hash(CAKE_SESSION_STRING . 'cake');
|
||||
$user['password'] = Security::hash(Configure::read('Security.salt') . 'cake');
|
||||
$this->AuthUser->save($user, false);
|
||||
|
||||
$authUser = $this->AuthUser->find();
|
||||
|
@ -253,7 +254,11 @@ class AuthTest extends CakeTestCase {
|
|||
}
|
||||
|
||||
function testLoginRedirect() {
|
||||
$backup = $_SERVER['HTTP_REFERER'];
|
||||
if (isset($_SERVER['HTTP_REFERER'])) {
|
||||
$backup = $_SERVER['HTTP_REFERER'];
|
||||
} else {
|
||||
$backup = null;
|
||||
}
|
||||
|
||||
$_SERVER['HTTP_REFERER'] = false;
|
||||
|
||||
|
@ -305,7 +310,7 @@ class AuthTest extends CakeTestCase {
|
|||
$this->AuthUser =& new AuthUser();
|
||||
$user['id'] = 1;
|
||||
$user['username'] = 'mariano';
|
||||
$user['password'] = Security::hash(CAKE_SESSION_STRING . 'cake');
|
||||
$user['password'] = Security::hash(Configure::read('Security.salt') . 'cake');
|
||||
$this->AuthUser->save($user, false);
|
||||
|
||||
$authUser = $this->AuthUser->find();
|
||||
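Review bot: The `Configure::write('Security.salt', ...)` added at file scope in the first hunk overwrites the configured salt when this file is included and never restores it, so every test case loaded afterwards in the same run hashes with this fixture value. Move it into the test case's `setUp()` and put the previous value back in `tearDown()`: `$this->__salt = Configure::read('Security.salt');` before the write and `Configure::write('Security.salt', $this->__salt);` afterwards. Whether the class already defines those methods is not visible in these hunks. In `testLoginRedirect` the new `isset()` guard is sound, but the matching restore is outside the hunk and should `unset($_SERVER['HTTP_REFERER'])` when `$backup` is null rather than assign null.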
|
|
|
@ -27,16 +27,148 @@
|
|||
* @license http://www.opensource.org/licenses/opengroup.php The Open Group Test Suite License
|
||||
*/
|
||||
uses('controller' . DS . 'components' . DS .'security');
|
||||
|
||||
/**
|
||||
* Short description for class.
|
||||
*
|
||||
* @package cake.tests
|
||||
* @subpackage cake.tests.cases.libs.controller.components
|
||||
*/
|
||||
class SecurityTestController extends Controller {
|
||||
var $name = 'SecurityTest';
|
||||
var $components = array('Security');
|
||||
|
||||
function redirect($option, $code, $exit) {
|
||||
return $code;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Short description for class.
|
||||
*
|
||||
* @package cake.tests
|
||||
* @subpackage cake.tests.cases.libs.controller.components
|
||||
* @package cake.tests
|
||||
* @subpackage cake.tests.cases.libs.controller.components
|
||||
*/
|
||||
class SecurityComponentTest extends CakeTestCase {
|
||||
|
||||
function skip() {
|
||||
$this->skipif (true, 'SecurityComponentTest not implemented');
|
||||
function setUp() {
|
||||
$this->Controller =& new SecurityTestController();
|
||||
restore_error_handler();
|
||||
@$this->Controller->_initComponents();
|
||||
set_error_handler('simpleTestErrorHandler');
|
||||
}
|
||||
|
||||
function testStartup() {
|
||||
$this->Controller->Security->startup($this->Controller);
|
||||
$result = $this->Controller->params['_Token']['key'];
|
||||
$this->assertNotNull($result);
|
||||
$this->assertTrue($this->Controller->Session->check('_Token'));
|
||||
}
|
||||
|
||||
function testValidatePostSimple() {
|
||||
$this->Controller->Security->startup($this->Controller);
|
||||
$key = $this->Controller->params['_Token']['key'];
|
||||
|
||||
$data['Model']['username'] = '';
|
||||
$data['Model']['password'] = '';
|
||||
$data['__Token']['key'] = $key;
|
||||
|
||||
$fields = array('Model' => array('username','password'),
|
||||
'__Token' => array('key' => $key));
|
||||
|
||||
$fields = $this->__sortFields($fields);
|
||||
|
||||
$fields = urlencode(Security::hash(serialize($fields) . Configure::read('Security.salt')));
|
||||
$data['__Token']['fields'] = $fields;
|
||||
$this->Controller->data = $data;
|
||||
$result = $this->Controller->Security->__validatePost($this->Controller);
|
||||
$this->assertTrue($result);
|
||||
}
|
||||
|
||||
function testValidatePostCheckbox() {
|
||||
|
||||
$this->Controller->Security->startup($this->Controller);
|
||||
$key = $this->Controller->params['_Token']['key'];
|
||||
|
||||
$data['Model']['username'] = '';
|
||||
$data['Model']['password'] = '';
|
||||
$data['_Model']['valid'] = '0';
|
||||
$data['__Token']['key'] = $key;
|
||||
|
||||
$fields = array('Model' => array('username', 'password', 'valid'),
|
||||
'_Model' => array('valid' => '0'),
|
||||
'__Token' => array('key' => $key));
|
||||
|
||||
$fields = $this->__sortFields($fields);
|
||||
|
||||
$fields = urlencode(Security::hash(serialize($fields) . Configure::read('Security.salt')));
|
||||
$data['__Token']['fields'] = $fields;
|
||||
|
||||
$this->Controller->data = $data;
|
||||
$result = $this->Controller->Security->__validatePost($this->Controller);
|
||||
$this->assertTrue($result);
|
||||
}
|
||||
|
||||
function testValidatePostHidden() {
|
||||
$this->Controller->Security->startup($this->Controller);
|
||||
$key = $this->Controller->params['_Token']['key'];
|
||||
|
||||
$data['Model']['username'] = '';
|
||||
$data['Model']['password'] = '';
|
||||
$data['_Model']['hidden'] = '0';
|
||||
$data['__Token']['key'] = $key;
|
||||
|
||||
$fields = array('Model' => array('username', 'password', 'hidden'),
|
||||
'_Model' => array('hidden' => '0'),
|
||||
'__Token' => array('key' => $key));
|
||||
|
||||
$fields = $this->__sortFields($fields);
|
||||
|
||||
$fields = urlencode(Security::hash(serialize($fields) . Configure::read('Security.salt')));
|
||||
$data['__Token']['fields'] = $fields;
|
||||
|
||||
$this->Controller->data = $data;
|
||||
$result = $this->Controller->Security->__validatePost($this->Controller);
|
||||
$this->assertTrue($result);
|
||||
}
|
||||
|
||||
function testValidateHiddenMultipleModel() {
|
||||
$this->Controller->Security->startup($this->Controller);
|
||||
$key = $this->Controller->params['_Token']['key'];
|
||||
|
||||
$data['Model']['username'] = '';
|
||||
$data['Model']['password'] = '';
|
||||
$data['_Model']['valid'] = '0';
|
||||
$data['_Model2']['valid'] = '0';
|
||||
$data['_Model3']['valid'] = '0';
|
||||
$data['__Token']['key'] = $key;
|
||||
|
||||
$fields = array('Model' => array('username', 'password', 'valid'),
|
||||
'Model2'=> array('valid'),
|
||||
'Model3'=> array('valid'),
|
||||
'_Model2'=> array('valid' => '0'),
|
||||
'_Model3'=> array('valid' => '0'),
|
||||
'_Model' => array('valid' => '0'),
|
||||
'__Token' => array('key' => $key));
|
||||
|
||||
$fields = $this->__sortFields($fields);
|
||||
|
||||
$fields = urlencode(Security::hash(serialize($fields) . Configure::read('Security.salt')));
|
||||
$data['__Token']['fields'] = $fields;
|
||||
|
||||
$this->Controller->data = $data;
|
||||
$result = $this->Controller->Security->__validatePost($this->Controller);
|
||||
$this->assertTrue($result);
|
||||
}
|
||||
|
||||
function __sortFields($fields) {
|
||||
foreach ($fields as $key => $value) {
|
||||
if(strpos($key, '_') !== 0) {
|
||||
sort($fields[$key]);
|
||||
}
|
||||
}
|
||||
ksort($fields);
|
||||
return $fields;
|
||||
}
|
||||
}
|
||||
?>
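Review bot: Every `testValidatePost*` case added here asserts that a correctly signed form is accepted; none checks that `__validatePost()` rejects a form whose submitted fields differ from the signed list, which is the property the token exists to enforce. Add at least one negative case, sketched below. It assumes `__validatePost()` returns false on a mismatch, which this page does not show, so adjust the assertion if the component instead goes through the overridden `redirect()`. Separately, `setUp()` introduces `@` on `_initComponents()` while the same commit removes that suppression from DispatcherTest.

```php
function testValidatePostRejectsUnsignedField() {
	$this->Controller->Security->startup($this->Controller);
	$key = $this->Controller->params['_Token']['key'];

	// Sign only the fields the form was rendered with.
	$fields = array('Model' => array('username', 'password'),
					'__Token' => array('key' => $key));
	$fields = $this->__sortFields($fields);
	$fields = urlencode(Security::hash(serialize($fields) . Configure::read('Security.salt')));

	// Submitted data carries a field the signed list does not cover.
	$data['Model']['username'] = '';
	$data['Model']['password'] = '';
	$data['Model']['extra'] = '1';
	$data['__Token']['key'] = $key;
	$data['__Token']['fields'] = $fields;

	$this->Controller->data = $data;
	$result = $this->Controller->Security->__validatePost($this->Controller);
	$this->assertFalse($result);
}
```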
|
|
@ -44,19 +44,6 @@ class FolderTest extends UnitTestCase {
|
|||
$result = $Folder->pwd();
|
||||
$this->assertEqual($result, $path);
|
||||
|
||||
$result = $Folder->isWindowsPath($path);
|
||||
$expected = (DS == '\\' ? true : false);
|
||||
$this->assertEqual($result, $expected);
|
||||
|
||||
$result = $Folder->isAbsolute($path);
|
||||
$this->assertTrue($result);
|
||||
|
||||
$result = $Folder->isSlashTerm($path);
|
||||
$this->assertFalse($result);
|
||||
|
||||
$result = $Folder->isSlashTerm($path . DS);
|
||||
$this->assertTrue($result);
|
||||
|
||||
$result = $Folder->addPathElement($path, 'test');
|
||||
$expected = $path . DS . 'test';
|
||||
$this->assertEqual($result, $expected);
|
||||
|
@ -132,12 +119,76 @@ class FolderTest extends UnitTestCase {
|
|||
$result = $Folder->create($new);
|
||||
$this->assertTrue($result);
|
||||
|
||||
$result = $Folder->read(true, '.');
|
||||
$result = $Folder->read(true);
|
||||
$expected = array(array('0', 'cache', 'logs', 'sessions', 'tests'), array());
|
||||
$this->assertEqual($expected, $result);
|
||||
|
||||
$result = $Folder->read(true, array('.', '..', 'logs'));
|
||||
$expected = array(array('0', 'cache', 'sessions', 'tests'), array());
|
||||
$this->assertEqual($expected, $result);
|
||||
|
||||
$result = $Folder->delete($new);
|
||||
$this->assertTrue($result);
|
||||
}
|
||||
|
||||
function testFolderRead() {
|
||||
$Folder =& new Folder(TMP);
|
||||
$expected = array('cache', 'logs', 'sessions', 'tests');
|
||||
$results = $Folder->read();
|
||||
$this->assertEqual($results[0], $expected);
|
||||
}
|
||||
|
||||
function testFolderTree() {
|
||||
$Folder =& new Folder();
|
||||
$expected = array(array(CAKE_CORE_INCLUDE_PATH . DS . 'cake' . DS . 'config',
|
||||
CAKE_CORE_INCLUDE_PATH . DS . 'cake' . DS . 'config' . DS . 'unicode',
|
||||
CAKE_CORE_INCLUDE_PATH . DS . 'cake' . DS . 'config' . DS . 'unicode' . DS . 'casefolding'),
|
||||
array(CAKE_CORE_INCLUDE_PATH . DS . 'cake' . DS . 'config' . DS . 'config.php',
|
||||
CAKE_CORE_INCLUDE_PATH . DS . 'cake' . DS . 'config' . DS . 'paths.php',
|
||||
CAKE_CORE_INCLUDE_PATH . DS . 'cake' . DS . 'config' . DS . 'unicode' . DS . 'casefolding' . DS . '0000_007f.php',
|
||||
CAKE_CORE_INCLUDE_PATH . DS . 'cake' . DS . 'config' . DS . 'unicode' . DS . 'casefolding' . DS . '0080_00ff.php',
|
||||
CAKE_CORE_INCLUDE_PATH . DS . 'cake' . DS . 'config' . DS . 'unicode' . DS . 'casefolding' . DS . '0100_017f.php',
|
||||
CAKE_CORE_INCLUDE_PATH . DS . 'cake' . DS . 'config' . DS . 'unicode' . DS . 'casefolding' . DS . '0180_024F.php',
|
||||
CAKE_CORE_INCLUDE_PATH . DS . 'cake' . DS . 'config' . DS . 'unicode' . DS . 'casefolding' . DS . '0300_036f.php',
|
||||
CAKE_CORE_INCLUDE_PATH . DS . 'cake' . DS . 'config' . DS . 'unicode' . DS . 'casefolding' . DS . '0370_03ff.php',
|
||||
CAKE_CORE_INCLUDE_PATH . DS . 'cake' . DS . 'config' . DS . 'unicode' . DS . 'casefolding' . DS . '0400_04ff.php',
|
||||
CAKE_CORE_INCLUDE_PATH . DS . 'cake' . DS . 'config' . DS . 'unicode' . DS . 'casefolding' . DS . '0500_052f.php',
|
||||
CAKE_CORE_INCLUDE_PATH . DS . 'cake' . DS . 'config' . DS . 'unicode' . DS . 'casefolding' . DS . '0530_058f.php',
|
||||
CAKE_CORE_INCLUDE_PATH . DS . 'cake' . DS . 'config' . DS . 'unicode' . DS . 'casefolding' . DS . '10400_1044f.php',
|
||||
CAKE_CORE_INCLUDE_PATH . DS . 'cake' . DS . 'config' . DS . 'unicode' . DS . 'casefolding' . DS . '10a0_10ff.php',
|
||||
CAKE_CORE_INCLUDE_PATH . DS . 'cake' . DS . 'config' . DS . 'unicode' . DS . 'casefolding' . DS . '1e00_1eff.php',
|
||||
CAKE_CORE_INCLUDE_PATH . DS . 'cake' . DS . 'config' . DS . 'unicode' . DS . 'casefolding' . DS . '1f00_1fff.php',
|
||||
CAKE_CORE_INCLUDE_PATH . DS . 'cake' . DS . 'config' . DS . 'unicode' . DS . 'casefolding' . DS . '2100_214f.php',
|
||||
CAKE_CORE_INCLUDE_PATH . DS . 'cake' . DS . 'config' . DS . 'unicode' . DS . 'casefolding' . DS . '2150_218f.php',
|
||||
CAKE_CORE_INCLUDE_PATH . DS . 'cake' . DS . 'config' . DS . 'unicode' . DS . 'casefolding' . DS . '2460_24ff.php',
|
||||
CAKE_CORE_INCLUDE_PATH . DS . 'cake' . DS . 'config' . DS . 'unicode' . DS . 'casefolding' . DS . '2c00_2c5f.php',
|
||||
CAKE_CORE_INCLUDE_PATH . DS . 'cake' . DS . 'config' . DS . 'unicode' . DS . 'casefolding' . DS . '2c60_2c7f.php',
|
||||
CAKE_CORE_INCLUDE_PATH . DS . 'cake' . DS . 'config' . DS . 'unicode' . DS . 'casefolding' . DS . '2c80_2cff.php',
|
||||
CAKE_CORE_INCLUDE_PATH . DS . 'cake' . DS . 'config' . DS . 'unicode' . DS . 'casefolding' . DS . 'fb00_fb4f.php',
|
||||
CAKE_CORE_INCLUDE_PATH . DS . 'cake' . DS . 'config' . DS . 'unicode' . DS . 'casefolding' . DS . 'ff00_ffef.php'));
|
||||
|
||||
$results = $Folder->tree(CAKE_CORE_INCLUDE_PATH . DS . 'cake' . DS . 'config', false);
|
||||
$this->assertEqual($results, $expected);
|
||||
}
|
||||
|
||||
function testWindowsPath(){
|
||||
$Folder =& new Folder();
|
||||
$this->assertTrue($Folder->isWindowsPath('C:\cake'));
|
||||
$this->assertTrue($Folder->isWindowsPath('c:\cake'));
|
||||
}
|
||||
|
||||
function testIsAbsolute(){
|
||||
$Folder =& new Folder();
|
||||
$this->assertTrue($Folder->isAbsolute('C:\cake'));
|
||||
$this->assertTrue($Folder->isAbsolute('/usr/local'));
|
||||
$this->assertFalse($Folder->isAbsolute('cake/'));
|
||||
}
|
||||
|
||||
function testIsSlashTerm(){
|
||||
$Folder =& new Folder();
|
||||
$this->assertTrue($Folder->isSlashTerm('C:\cake\\'));
|
||||
$this->assertTrue($Folder->isSlashTerm('/usr/local/'));
|
||||
$this->assertFalse($Folder->isSlashTerm('cake'));
|
||||
}
|
||||
}
|
||||
?>
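Review bot: `testFolderTree` compares `Folder::tree()` against a hand-written list of every file under `cake/config`, and `testFolderRead` expects TMP to contain exactly `cache`, `logs`, `sessions` and `tests`. Both fail as soon as a core file is added or the developer's tmp directory holds anything else. Building a small fixture tree under TMP inside the test, asserting on that, and deleting it afterwards would exercise the refactored `tree()` without coupling to the repository layout. The new `testWindowsPath` also has no negative case, e.g. `$this->assertFalse($Folder->isWindowsPath('/usr/local'));`.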
|
|
@ -49,7 +49,7 @@ class TestManager {
|
|||
}
|
||||
|
||||
function _installSimpleTest() {
|
||||
vendor('simpletest'.DS.'unit_tester', 'simpletest'.DS.'web_tester', 'simpletest'.DS.'mock_objects');
|
||||
vendor('simpletest'.DS.'unit_tester', 'simpletest'.DS.'mock_objects', 'simpletest'.DS.'web_tester');
|
||||
require_once(LIB_TESTS . 'cake_web_test_case.php');
|
||||
require_once(LIB_TESTS . 'cake_test_case.php');
|
||||
}
|
||||
|
@ -74,7 +74,7 @@ class TestManager {
|
|||
foreach ($testCases as $testCase) {
|
||||
$test->addTestFile($testCase);
|
||||
}
|
||||
$test->run($reporter);
|
||||
return $test->run($reporter);
|
||||
}
|
||||
|
||||
function runTestCase($testCaseFile, &$reporter) {
|
||||
|
@ -90,7 +90,7 @@ class TestManager {
|
|||
}
|
||||
$test =& new GroupTest("Individual test case: " . $testCaseFile);
|
||||
$test->addTestFile($testCaseFileWithPath);
|
||||
$test->run($reporter);
|
||||
return $test->run($reporter);
|
||||
}
|
||||
|
||||
function runGroupTest($groupTestName, $groupTestDirectory, &$reporter) {
|
||||
|
@ -104,7 +104,6 @@ class TestManager {
|
|||
|
||||
require_once $filePath;
|
||||
$test =& new GroupTest($groupTestName . ' group test');
|
||||
|
||||
foreach ($manager->_getGroupTestClassNames($filePath) as $groupTest) {
|
||||
$testCase = new $groupTest();
|
||||
$test->addTestCase($testCase);
|
||||
|
@ -112,7 +111,7 @@ class TestManager {
|
|||
$test->_label = $testCase->label;
|
||||
}
|
||||
}
|
||||
$test->run($reporter);
|
||||
return $test->run($reporter);
|
||||
}
|
||||
|
||||
function addTestCasesFromDirectory(&$groupTest, $directory = '.') {
|
||||
|
@ -365,4 +364,4 @@ class HtmlTestManager extends TestManager {
|
|||
return $buffer;
|
||||
}
|
||||
}
|
||||
?>
|
||||
?>
|
||||
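Review bot: The three run methods now `return $test->run($reporter);`, but nothing documents the return value, and the early exits above the hunks are not visible, so a caller cannot tell whether a missing test file yields false or null. Add a docblock line such as `@return boolean true when every test passed` (assuming SimpleTest's `run()` returns the reporter status) and make any early exit `return false;` for consistency. Each method starts outside its hunk.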
|
|