Adding FormHelper security token patch from renan.saddam, fixes #5061, adding test to disprove #2729 (FormHelper::input() and float fields)

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@7486 3807eeeb-6ff5-0310-8944-8be069107fe0
nate 2008-08-22 16:05:34 +00:00
parent dbbbccdf18
commit 6f660812ca
2 changed files with 51 additions and 15 deletions


@ -839,7 +839,7 @@ class FormHelper extends AppHelper {
* *
* @param string $fieldName Name of a field, like this "Modelname.fieldname" * @param string $fieldName Name of a field, like this "Modelname.fieldname"
* @param array $options Radio button options array. * @param array $options Radio button options array.
* @param array $attributes Array of HTML attributes. * @param array $attributes Array of HTML attributes.
* 'separator' - define the string in between the radio buttons * 'separator' - define the string in between the radio buttons
* 'legend' - control whether or not the widget set has a fieldset & legend * 'legend' - control whether or not the widget set has a fieldset & legend
* 'checked' - indicate a value that is checked * 'checked' - indicate a value that is checked
@ -972,6 +972,10 @@ class FormHelper extends AppHelper {
if (!in_array($fieldName, array('_method'))) { if (!in_array($fieldName, array('_method'))) {
$this->__secure($key, $value); $this->__secure($key, $value);
if (!in_array($model, array('_Token', '__Token')) && $value === '0') {
$this->__secure($model);
}
} }
return $this->output(sprintf($this->Html->tags['hidden'], $options['name'], $this->_parseAttributes($options, array('name', 'class'), '', ' '))); return $this->output(sprintf($this->Html->tags['hidden'], $options['name'], $this->_parseAttributes($options, array('name', 'class'), '', ' ')));
} }
@ -1078,9 +1082,9 @@ class FormHelper extends AppHelper {
* @param mixed $selected The option selected by default. If null, the default value * @param mixed $selected The option selected by default. If null, the default value
* from POST data will be used when available. * from POST data will be used when available.
* @param array $attributes The HTML attributes of the select element. * @param array $attributes The HTML attributes of the select element.
* 'showParents' - If included in the array and set to true, an additional option element * 'showParents' - If included in the array and set to true, an additional option element
* will be added for the parent of each option group. * will be added for the parent of each option group.
* 'multiple' - show a multiple select box. If set to 'checkbox' multiple checkboxes will be created instead. * 'multiple' - show a multiple select box. If set to 'checkbox' multiple checkboxes will be created instead.
* *
* @param mixed $showEmpty If true, the empty select option is shown. If a string, * @param mixed $showEmpty If true, the empty select option is shown. If a string,
* that string is displayed as the empty element. * that string is displayed as the empty element.
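Review bot: The branch added in the `-972,6 +972,10` hunk changes which keys feed the form security token, yet none of the test changes in this commit exercise it; the only new test covers float inputs. The condition `$value === '0'` matches only the string zero, so an integer `0` passed as the hidden value would skip `$this->__secure($model);`. If callers can pass integers, compare with `(string)$value === '0'` instead. The reason a zero-valued hidden field must also register the bare model key is not visible here, so a one-line comment above the `if` stating that reason would help the next reader. The enclosing method starts above the hunk, so how `$key` and `$model` are derived cannot be checked from this page.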


@ -82,6 +82,22 @@ class Contact extends CakeTestModel {
* @access public * @access public
*/ */
var $name = 'Contact'; var $name = 'Contact';
/**
* Default schema
*
* @var array
* @access public
*/
var $_schema = array(
'id' => array('type' => 'integer', 'null' => '', 'default' => '', 'length' => '8'),
'name' => array('type' => 'string', 'null' => '', 'default' => '', 'length' => '255'),
'email' => array('type' => 'string', 'null' => '', 'default' => '', 'length' => '255'),
'phone' => array('type' => 'string', 'null' => '', 'default' => '', 'length' => '255'),
'password' => array('type' => 'string', 'null' => '', 'default' => '', 'length' => '255'),
'published' => array('type' => 'date', 'null' => true, 'default' => null, 'length' => null),
'created' => array('type' => 'date', 'null' => '1', 'default' => '', 'length' => ''),
'updated' => array('type' => 'datetime', 'null' => '1', 'default' => '', 'length' => null)
);
/** /**
* validate property * validate property
* *
@ -102,18 +118,8 @@ class Contact extends CakeTestModel {
* @access public * @access public
* @return void * @return void
*/ */
function schema() { function setSchema($schema) {
$this->_schema = array( $this->_schema = $schema;
'id' => array('type' => 'integer', 'null' => '', 'default' => '', 'length' => '8'),
'name' => array('type' => 'string', 'null' => '', 'default' => '', 'length' => '255'),
'email' => array('type' => 'string', 'null' => '', 'default' => '', 'length' => '255'),
'phone' => array('type' => 'string', 'null' => '', 'default' => '', 'length' => '255'),
'password' => array('type' => 'string', 'null' => '', 'default' => '', 'length' => '255'),
'published' => array('type' => 'date', 'null' => true, 'default' => null, 'length' => null),
'created' => array('type' => 'date', 'null' => '1', 'default' => '', 'length' => ''),
'updated' => array('type' => 'datetime', 'null' => '1', 'default' => '', 'length' => null)
);
return $this->_schema;
} }
/** /**
* hasAndBelongsToMany property * hasAndBelongsToMany property
@ -616,6 +622,32 @@ class FormHelperTest extends CakeTestCase {
); );
$this->assertTags($result, $expected); $this->assertTags($result, $expected);
} }
/**
* Tests correct generation of text fields for double and float fields
*
* @access public
* @return void
*/
function testTextFieldGenerationForFloats() {
$model = ClassRegistry::getObject('Contact');
$model->setSchema(array('foo' => array(
'type' => 'float',
'null' => false,
'default' => null,
'length' => null
)));
$this->Form->create('Contact');
$result = $this->Form->input('foo');
$expected = array(
'div' => array('class' => 'input text'),
'label' => array('for' => 'ContactFoo'),
'Foo',
'/label',
array('input' => array('type' => 'text', 'name' => 'data[Contact][foo]', 'value' => '', 'id' => 'ContactFoo')),
'/div'
);
}
/** /**
* testFormSecurityMultipleFields method * testFormSecurityMultipleFields method
* *
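Review bot: `testTextFieldGenerationForFloats` builds `$expected` but never compares it with `$result`, so the test passes whatever `input('foo')` renders and does not disprove #2729 as the commit message claims. Add `$this->assertTags($result, $expected);` before the closing brace, as the test directly above it does. The test also replaces the schema on the `Contact` object taken from `ClassRegistry` and never restores it. If that object is shared between test methods, later tests would see only the `foo` field, so consider resetting the schema at the end of the test or in the teardown.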