adulau/cakephp2-php8
1
0
Fork 0
mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2025-09-10 05:22:41 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Adding checks to force limit to always be a positive integer. Fixes potential out of bounds type queries with paginate(). Fixes #418

Browse source
This commit is contained in:
Mark Story 2010-03-10 21:46:28 -05:00
parent d8a757ce75
commit 4c668c036c
2 changed files with 14 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

7
cake/libs/controller/controller.php
View file

@ -1168,8 +1168,13 @@ class Controller extends Object {
$type = $defaults[0];
unset($defaults[0]);
}
$options = array_merge(array('page' => 1, 'limit' => 20), $defaults, $options);
$options['limit'] = (empty($options['limit']) || !is_numeric($options['limit'])) ? 1 : $options['limit'];
$options['limit'] = (int) $options['limit'];
if (empty($options['limit']) || $options['limit'] < 1) {
$options['limit'] = 1;
}
extract($options);
if (is_array($scope) && !empty($scope)) {

8
cake/tests/cases/libs/controller/controller.test.php
View file

@ -595,6 +595,14 @@ class ControllerTest extends CakeTestCase {
$this->assertIdentical($Controller->params['paging']['ControllerPost']['pageCount'], 3);
$this->assertIdentical($Controller->params['paging']['ControllerPost']['prevPage'], false);
$this->assertIdentical($Controller->params['paging']['ControllerPost']['nextPage'], true);
$Controller->passedArgs = array();
$Controller->paginate = array('limit' => '-1');
$Controller->paginate('ControllerPost');
$this->assertIdentical($Controller->params['paging']['ControllerPost']['page'], 1);
$this->assertIdentical($Controller->params['paging']['ControllerPost']['pageCount'], 3);
$this->assertIdentical($Controller->params['paging']['ControllerPost']['prevPage'], false);
$this->assertIdentical($Controller->params['paging']['ControllerPost']['nextPage'], true);
}
/**