adulau/cakephp2-php8
1
0
Fork 0
mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2025-01-31 09:06:17 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fixed bug in AuthComponent that allowed uppercase actions to pass checks

Browse source 
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@8011 3807eeeb-6ff5-0310-8944-8be069107fe0
This commit is contained in:
the_undefined 2009-01-26 18:50:09 +00:00
parent 1895f1c3be
commit 27065d7aab
2 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
cake/libs/controller/components/auth.php
View file

@ -265,7 +265,7 @@ class AuthComponent extends Object {
$isErrorOrTests = ( $isErrorOrTests = (
strtolower($controller->name) == 'cakeerror' || strtolower($controller->name) == 'cakeerror' ||
(strtolower($controller->name) == 'tests' && Configure::read() > 0) || (strtolower($controller->name) == 'tests' && Configure::read() > 0) ||
!in_array($controller->params['action'], $controller->methods) !in_array(strtolower($controller->params['action']), $controller->methods)
); );
if ($isErrorOrTests) { if ($isErrorOrTests) {
return true; return true;

3
cake/tests/cases/libs/controller/components/auth.test.php
View file

@ -651,6 +651,9 @@ class AuthTest extends CakeTestCase {
$this->Controller->params['action'] = 'add'; $this->Controller->params['action'] = 'add';
$this->assertFalse($this->Controller->Auth->startup($this->Controller)); $this->assertFalse($this->Controller->Auth->startup($this->Controller));
$this->Controller->params['action'] = 'Add';
$this->assertFalse($this->Controller->Auth->startup($this->Controller));
} }
/** /**
* testLoginRedirect method * testLoginRedirect method