adulau/cakephp2-php8
1
0
Fork 0
mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2025-01-18 18:46:17 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

"Fixes #3846, Security blackhole when no radio selected

Browse source 
Fixes #3920, Multiple select w/ checkboxes issues warning when all are unselected
Fixes #3962, validation POST never pass when select multiple is submit
"

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6546 3807eeeb-6ff5-0310-8944-8be069107fe0
This commit is contained in:
phpnut 2008-03-10 00:25:59 +00:00
parent 11b48f865d
commit 5374807164
4 changed files with 32 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
cake/libs/controller/components/security.php
View file

@ -517,6 +517,10 @@ class SecurityComponent extends Object {
if (!isset($controller->data[$newKey])) {
$controller->data[$newKey] = array();
if (array_keys($controller->data[$key]) === array($newKey)) {
$field[$newKey] = array($newKey);
}
}
if (is_array($value)) {
@ -545,12 +549,11 @@ class SecurityComponent extends Object {
unset($controller->data[$key]);
continue;
}
if (!array_key_exists($key, $value)) {
if (isset($field[$key])) {
$field[$key] = array_merge($field[$key], array_keys($value));
} else {
$field[$key] = array_keys($value);
}
if (isset($field[$key])) {
$field[$key] = array_merge($field[$key], array_keys($value));
} else {
$field[$key] = array_keys($value);
}
}

3
cake/libs/model/model.php
View file

@ -1198,6 +1198,9 @@ class Model extends Overloadable {
foreach ($joined as $assoc => $value) {
$newValues = array();
if (empty($value)) {
$value = array();
}
if (isset($this->hasAndBelongsToMany[$assoc])) {
list($join) = $this->joinModel($this->hasAndBelongsToMany[$assoc]['with']);
$conditions = array($join . '.' . $this->hasAndBelongsToMany[$assoc]['foreignKey'] => $id);

18
cake/libs/view/helpers/form.php
View file

@ -758,22 +758,22 @@ class FormHelper extends AppHelper {
function radio($fieldName, $options = array(), $attributes = array()) {
$attributes = $this->__initInputField($fieldName, $attributes);
$this->__secure();
$legend = false;
if (isset($attributes['legend'])) {
$legend = $attributes['legend'];
unset($attributes['legend']);
} elseif (count($options) > 1) {
$legend = __(Inflector::humanize($this->field()), true);
}
$label = true;
if (isset($attributes['label'])) {
$label = $attributes['label'];
unset($attributes['label']);
}
$inbetween = null;
if (isset($attributes['separator'])) {
$inbetween = $attributes['separator'];
unset($attributes['separator']);
@ -784,25 +784,29 @@ class FormHelper extends AppHelper {
} else {
$value = $this->value($fieldName);
}
$out = array();
foreach ($options as $optValue => $optTitle) {
$optionsHere = array('value' => $optValue);
if (isset($value) && $optValue == $value) {
$optionsHere['checked'] = 'checked';
}
$parsedOptions = $this->_parseAttributes(array_merge($attributes, $optionsHere), array('name', 'type', 'id'), '', ' ');
$tagName = Inflector::camelize($this->model() . '_' . $this->field() . '_'.Inflector::underscore($optValue));
if ($label) {
$optTitle = sprintf($this->Html->tags['label'], $tagName, null, $optTitle);
}
$out[] = sprintf($this->Html->tags['radio'], $attributes['name'], $tagName, $parsedOptions, $optTitle);
}
$hidden = null;
if (!isset($value)) {
if (!isset($value) || $value === '') {
$hidden = $this->hidden($fieldName, array('value' => '', 'id' => $attributes['id'] . '_'), true);
}
$out = $hidden . join($inbetween, $out);
if ($legend) {
$out = sprintf($this->Html->tags['fieldset'], $legend, $out);
}
@ -868,7 +872,7 @@ class FormHelper extends AppHelper {
$key = '_' . $model;
if (isset($this->params['_Token']) && !empty($this->params['_Token'])) {
$options['name'] = str_replace($model, $key, $options['name']);
$options['name'] = preg_replace("/$model/", $key, $options['name'], 1);
}
if (!empty($options['value']) || $options['value'] === '0') {
@ -1034,10 +1038,10 @@ class FormHelper extends AppHelper {
if ($attributes['multiple'] === 'checkbox') {
$tag = $this->Html->tags['checkboxmultiplestart'];
$style = 'checkbox';
$select[] = $this->hidden(null, array('value' => ''));
} else {
$tag = $this->Html->tags['selectmultiplestart'];
}
$select[] = $this->hidden(null, array('value' => ''));
} else {
$tag = $this->Html->tags['selectstart'];
}

18
cake/tests/cases/libs/view/helpers/form.test.php
View file

@ -777,9 +777,9 @@ class FormHelperTest extends CakeTestCase {
function testSelectMultiple() {
$result = $this->Form->select('Model.multi_field', array('first', 'second', 'third'), null, array('multiple' => true));
$this->assertPattern('/^<select[^<>]+name="data\[Model\]\[multi_field\]\[\]"[^<>\/]*>/', $result);
$this->assertPattern('/^<select[^<>]+id="ModelMultiField"[^<>\/]*>/', $result);
$this->assertPattern('/^<select[^<>]+multiple="multiple"[^<>\/]*>/', $result);
$this->assertPattern('/^<input type="hidden"[^<>]+ \/>\s*<select[^<>]+name="data\[Model\]\[multi_field\]\[\]"[^<>\/]*>/', $result);
$this->assertPattern('/^<input type="hidden"[^<>]+ \/>\s*<select[^<>]+id="ModelMultiField"[^<>\/]*>/', $result);
$this->assertPattern('/^<input type="hidden"[^<>]+ \/>\s*<select[^<>]+multiple="multiple"[^<>\/]*>/', $result);
$this->assertNoPattern('/^<select[^<>]+[^name|id|multiple]=[^<>\/]*>/', $result);
$this->assertNoPattern('/option value=""/', $result);
$this->assertNoPattern('/selected/', $result);
@ -790,7 +790,7 @@ class FormHelperTest extends CakeTestCase {
$this->assertPattern('/<\/select>$/', $result);
$result = $this->Form->select('Model.multi_field', array('first', 'second', 'third'), null, array('multiple' => 'multiple'));
$this->assertPattern('/^<select[^<>]+multiple="multiple"[^<>\/]*>/', $result);
$this->assertPattern('/^<input type="hidden"[^<>]+ \/>\s*<select[^<>]+multiple="multiple"[^<>\/]*>/', $result);
$this->assertNoPattern('/^<select[^<>]+[^name|id|multiple]=[^<>\/]*>/', $result);
$result = $this->Form->select('Model.multi_field', array('first', 'second', 'third'), array(0, 1), array('multiple' => true));
@ -1406,10 +1406,10 @@ class FormHelperTest extends CakeTestCase {
$this->Form->create();
$result = $this->Form->select('People.People', $options, null, array('multiple' => true));
$this->assertPattern('/^<select[^<>]+>\s*(<option[^<>]+>.+<\/option>\s*){3}<\/select>$/', $result);
$this->assertPattern('/^<select[^<>]+name="data\[People\]\[People\]\[\]"[^<>]*>/', $result);
$this->assertPattern('/^<select[^<>]+multiple="multiple"[^<>]*>/', $result);
$this->assertPattern('/^<select[^<>]+id="PeoplePeople"[^<>]*>/', $result);
$this->assertPattern('/^<input type="hidden"[^<>]+ \/>\s*<select[^<>]+>\s*(<option[^<>]+>.+<\/option>\s*){3}<\/select>$/', $result);
$this->assertPattern('/^<input type="hidden"[^<>]+ \/>\s*<select[^<>]+name="data\[People\]\[People\]\[\]"[^<>]*>/', $result);
$this->assertPattern('/^<input type="hidden"[^<>]+ \/>\s*<select[^<>]+multiple="multiple"[^<>]*>/', $result);
$this->assertPattern('/^<input type="hidden"[^<>]+ \/>\s*<select[^<>]+id="PeoplePeople"[^<>]*>/', $result);
$this->assertNoPattern('/<select[^<>]+[^id|name|multiple]=[^<>]*>$/', $result);
}
@ -1589,7 +1589,7 @@ class FormHelperTest extends CakeTestCase {
$result = $this->Form->input('MyOther.id');
$this->assertEqual($result, '<input type="hidden" name="data[MyOther][id]" value="" id="MyOtherId" />');
}
function testDbLessModel() {
$this->Form->create('TestMail');