adulau/cakephp2-php8
1
0
Fork 0
mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2025-01-31 00:48:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Adding fix for FormHelper::checkbox() not creating the hidden fields.

Browse source 
Corrected errors when multiple hidden fields used in a form.
Fixed SecurityComponent::_ _validatePost() that would invalidate a form when checkboxes used.


git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5238 3807eeeb-6ff5-0310-8944-8be069107fe0
This commit is contained in:
phpnut 2007-06-04 06:11:48 +00:00
parent 7ab1cad783
commit 52680ffcd3
4 changed files with 28 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

29
cake/libs/controller/components/security.php
View file

@ -473,7 +473,6 @@ class SecurityComponent extends Object {
} }
foreach ($key1 as $value) { foreach ($key1 as $value) {
if(in_array($value, $key)) { if(in_array($value, $key)) {
$remove = explode('.', $value); $remove = explode('.', $value);
unset($check[$remove['0']][$remove['1']]); unset($check[$remove['0']][$remove['1']]);
@ -484,7 +483,7 @@ class SecurityComponent extends Object {
} }
} }
} }
$merge = array();
foreach($check as $key => $value) { foreach($check as $key => $value) {
if($key === '__Token') { if($key === '__Token') {
$field[$key] = $value; $field[$key] = $value;
@ -494,27 +493,33 @@ class SecurityComponent extends Object {
if($string === '_') { if($string === '_') {
$newKey = substr($key, 1); $newKey = substr($key, 1);
$controller->data[$newKey] = Set::pushDiff($controller->data[$key], $controller->data[$newKey]);
unset($controller->data[$key]);
if(is_array($value)) { if(is_array($value)) {
$values = array_values($value); $values = array_values($value);
if(isset($values['0']) && empty($values['0'])) { $k = array_keys($value);
$k = array_keys($value); $count = count($k);
if(isset($values['0'])) { for($i = 0; $count > $i; $i++) {
$field[$key][$k['0']] = ''; $field[$key][$k[$i]] = $values[$i];
}
} else {
$field[$key] = $value;
} }
} }
foreach($k as $lookup) {
if(isset($controller->data[$newKey][$lookup])){
unset($controller->data[$key][$lookup]);
} elseif ($controller->data[$key][$lookup] === '0') {
$merge[] = $lookup;
}
}
$controller->data[$newKey] = Set::pushDiff($controller->data[$key], $controller->data[$newKey]);
unset($controller->data[$key]);
continue; continue;
} }
if(!array_key_exists($key, $value)) { if(!array_key_exists($key, $value)) {
$field[$key] = array_keys($value); $field[$key] = array_keys($value);
$field[$key] = array_merge($merge, $field[$key]);
} }
} }
$check = urlencode(Security::hash(serialize($field) . CAKE_SESSION_STRING)); $check = urlencode(Security::hash(serialize(sort($field)) . CAKE_SESSION_STRING));
if($form !== $check) { if($form !== $check) {
if(!$this->blackHole($controller, 'auth')) { if(!$this->blackHole($controller, 'auth')) {

2
cake/libs/model/model.php
View file

@ -2143,4 +2143,4 @@ if (!defined('CAKEPHP_UNIT_TEST_EXECUTION')) {
Overloadable::overload('Model'); Overloadable::overload('Model');
} }
?> ?>

12
cake/libs/view/helpers/form.php
View file

@ -247,7 +247,7 @@ class FormHelper extends AppHelper {
} }
function secure($fields) { function secure($fields) {
$append = '<p style="display: inline; margin: 0px; padding: 0px;">'; $append = '<p style="display: inline; margin: 0px; padding: 0px;">';
$append .= $this->hidden('_Token/fields', array('value' => urlencode(Security::hash(serialize($fields) . CAKE_SESSION_STRING)), 'id' => 'TokenFields' . mt_rand())); $append .= $this->hidden('_Token.fields', array('value' => urlencode(Security::hash(serialize(sort($fields)) . CAKE_SESSION_STRING)), 'id' => 'TokenFields' . mt_rand()));
$append .= '</p>'; $append .= '</p>';
return $append; return $append;
} }
@ -631,11 +631,11 @@ class FormHelper extends AppHelper {
} }
$output = null; $output = null;
if(isset($object) && is_int($options['value'])) { if(isset($object) && ($options['value'] == 0 || $options['value'] == 1)) {
$db =& ConnectionManager::getDataSource($object->useDbConfig); $db =& ConnectionManager::getDataSource($object->useDbConfig);
$value = $db->boolean($options['value']); $value = $db->boolean($options['value']);
$options['value'] = 1; $options['value'] = 1;
$output = $this->hidden($fieldName, array('value' => '-1', 'id' => $options['id'] . '_'), true); $output = $this->hidden($fieldName, array('value' => '0', 'id' => $options['id'] . '_'), true);
} }
if(isset($options['value']) && $value == $options['value']) { if(isset($options['value']) && $value == $options['value']) {
@ -705,7 +705,11 @@ class FormHelper extends AppHelper {
if(isset($this->params['_Token']) && !empty($this->params['_Token'])) { if(isset($this->params['_Token']) && !empty($this->params['_Token'])) {
$model = '_' . $model; $model = '_' . $model;
} }
$this->__secure($model, ife($options['value'], $options['value'], '')); $value = '';
if (!empty($options['value']) || $options['value'] === '0') {
$value = $options['value'];
}
$this->__secure($model, $value);
if (in_array($fieldName, array('_method', '_fields'))) { if (in_array($fieldName, array('_method', '_fields'))) {
$model = null; $model = null;

4
cake/tests/cases/libs/view/helpers/form.test.php
View file

@ -824,12 +824,12 @@ class FormHelperTest extends CakeTestCase {
$this->Form->validationErrors['Model']['field'] = 1; $this->Form->validationErrors['Model']['field'] = 1;
$this->Form->data['Contact']['published'] = 1; $this->Form->data['Contact']['published'] = 1;
$result = $this->Form->checkbox('Contact.published', array('id'=>'theID')); $result = $this->Form->checkbox('Contact.published', array('id'=>'theID'));
$this->assertEqual($result, '<input type="hidden" name="data[Contact][published]" value="-1" id="theID_" /><input type="checkbox" name="data[Contact][published]" type="checkbox" id="theID" value="1" checked="checked" />'); $this->assertEqual($result, '<input type="hidden" name="data[Contact][published]" value="0" id="theID_" /><input type="checkbox" name="data[Contact][published]" type="checkbox" id="theID" value="1" checked="checked" />');
$this->Form->validationErrors['Model']['field'] = 1; $this->Form->validationErrors['Model']['field'] = 1;
$this->Form->data['Contact']['published'] = 0; $this->Form->data['Contact']['published'] = 0;
$result = $this->Form->checkbox('Contact.published', array('id'=>'theID')); $result = $this->Form->checkbox('Contact.published', array('id'=>'theID'));
$this->assertEqual($result, '<input type="hidden" name="data[Contact][published]" value="-1" id="theID_" /><input type="checkbox" name="data[Contact][published]" type="checkbox" id="theID" value="1" />'); $this->assertEqual($result, '<input type="hidden" name="data[Contact][published]" value="0" id="theID_" /><input type="checkbox" name="data[Contact][published]" type="checkbox" id="theID" value="1" />');
} }