adulau/cakephp2-php8
1
0
Fork 0
mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2025-01-18 18:46:17 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fixing issue in Security component with modeless field names, fixes #4454. Thanks vuego for the test and patch!

Browse source 
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6685 3807eeeb-6ff5-0310-8944-8be069107fe0
This commit is contained in:
mariano.iglesias 2008-04-17 22:51:40 +00:00
parent 5f8641aac9
commit ab3b90503f
3 changed files with 40 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
cake/libs/controller/components/security.php
View file

@ -579,7 +579,11 @@ class SecurityComponent extends Object {
}
continue;
}
$keys = array_keys($value);
if (is_array($value)) {
$keys = array_keys($value);
} else {
$keys = $value;
}
if (isset($field[$key])) {
$field[$key] = array_merge($field[$key], $keys);
@ -588,17 +592,19 @@ class SecurityComponent extends Object {
$merge[] = array_keys($fields);
}
$field[$key] = $merge;
} else {
} else if (is_array($keys)) {
$field[$key] = $keys;
} else {
$field[] = $key;
}
}
foreach ($field as $key => $value) {
if(strpos($key, '_') !== 0) {
if(strpos($key, '_') !== 0 && is_array($field[$key])) {
sort($field[$key]);
}
}
ksort($field);
ksort($field, SORT_STRING);
$check = urlencode(Security::hash(serialize($field) . Configure::read('Security.salt')));
if ($form !== $check) {

6
cake/libs/view/helpers/form.php
View file

@ -278,7 +278,7 @@ class FormHelper extends AppHelper {
$append = '<fieldset style="display:none;">';
foreach ($fields as $key => $value) {
if (strpos($key, '_') !== 0) {
if (strpos($key, '_') !== 0 && is_array($fields[$key])) {
sort($fields[$key]);
} else {
$model = substr($key, 1);
@ -287,7 +287,7 @@ class FormHelper extends AppHelper {
}
}
}
ksort($fields);
ksort($fields, SORT_STRING);
$append .= $this->hidden('_Token.fields', array('value' => urlencode(Security::hash(serialize($fields) . Configure::read('Security.salt'))), 'id' => 'TokenFields' . mt_rand()));
$append .= '</fieldset>';
return $append;
@ -349,6 +349,8 @@ class FormHelper extends AppHelper {
if ((isset($this->fields[$model]) && !in_array($field, $this->fields[$model], true)) || !isset($this->fields[$model])) {
if (is_numeric($field)) {
$this->fields[$model][$field][] = $fieldSuffix;
} else if (is_null($field)) {
$this->fields[] = $model;
} else {
$this->fields[$model][] = $field;
}

24
cake/tests/cases/libs/controller/components/security.test.php
View file

@ -65,6 +65,26 @@ class SecurityComponentTest extends CakeTestCase {
$this->assertTrue($this->Controller->Session->check('_Token'));
}
function testValidatePostNoModel() {
$this->Controller->Security->startup($this->Controller);
$key = $this->Controller->params['_Token']['key'];
$data['anything'] = 'some_data';
$data['__Token']['key'] = $key;
$fields = array('anything',
'__Token' => array('key' => $key));
$fields = $this->__sortFields($fields);
$fields = urlencode(Security::hash(serialize($fields) . Configure::read('Security.salt')));
$data['__Token']['fields'] = $fields;
$this->Controller->data = $data;
$result = $this->Controller->Security->__validatePost($this->Controller);
$this->assertTrue($result);
$this->assertTrue($this->Controller->data == $data);
}
function testValidatePostSimple() {
$this->Controller->Security->startup($this->Controller);
$key = $this->Controller->params['_Token']['key'];
@ -219,11 +239,11 @@ class SecurityComponentTest extends CakeTestCase {
function __sortFields($fields) {
foreach ($fields as $key => $value) {
if(strpos($key, '_') !== 0) {
if(strpos($key, '_') !== 0 && is_array($fields[$key])) {
sort($fields[$key]);
}
}
ksort($fields);
ksort($fields, SORT_STRING);
return $fields;
}
}