mirror of
https://github.com/kamilwylegala/cakephp2-php8.git
synced 2025-01-18 18:46:17 +00:00
"Fixes #4394, SecurityComponent::!__validatePost fails on hasMany multi-record form.
" git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6618 3807eeeb-6ff5-0310-8944-8be069107fe0
This commit is contained in:
parent
93d222a1a5
commit
c5f06674fa
2 changed files with 36 additions and 2 deletions
|
@ -564,11 +564,17 @@ class SecurityComponent extends Object {
|
||||||
unset($controller->data[$key]);
|
unset($controller->data[$key]);
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
$keys = array_keys($value);
|
||||||
|
|
||||||
if (isset($field[$key])) {
|
if (isset($field[$key])) {
|
||||||
$field[$key] = array_merge($field[$key], array_keys($value));
|
$field[$key] = array_merge($field[$key], $keys);
|
||||||
|
} elseif (is_numeric($keys[0])) {
|
||||||
|
foreach ($value as $fields) {
|
||||||
|
$merge[] = array_keys($fields);
|
||||||
|
}
|
||||||
|
$field[$key] = $merge;
|
||||||
} else {
|
} else {
|
||||||
$field[$key] = array_keys($value);
|
$field[$key] = $keys;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -161,6 +161,34 @@ class SecurityComponentTest extends CakeTestCase {
|
||||||
$this->assertTrue($result);
|
$this->assertTrue($result);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function testValidateHasManyModel() {
|
||||||
|
$this->Controller->Security->startup($this->Controller);
|
||||||
|
$key = $this->Controller->params['_Token']['key'];
|
||||||
|
|
||||||
|
$data['Model'][0]['username'] = '';
|
||||||
|
$data['Model'][0]['password'] = '';
|
||||||
|
$data['Model'][1]['username'] = '';
|
||||||
|
$data['Model'][1]['password'] = '';
|
||||||
|
$data['__Token']['key'] = $key;
|
||||||
|
|
||||||
|
$fields = array(
|
||||||
|
'Model' => array(
|
||||||
|
0 => array('username', 'password'),
|
||||||
|
1 => array('username', 'password'),
|
||||||
|
),
|
||||||
|
'__Token' => array('key' => $key)
|
||||||
|
);
|
||||||
|
|
||||||
|
$fields = $this->__sortFields($fields);
|
||||||
|
|
||||||
|
$fields = urlencode(Security::hash(serialize($fields) . Configure::read('Security.salt')));
|
||||||
|
$data['__Token']['fields'] = $fields;
|
||||||
|
|
||||||
|
$this->Controller->data = $data;
|
||||||
|
$result = $this->Controller->Security->__validatePost($this->Controller);
|
||||||
|
$this->assertTrue($result);
|
||||||
|
}
|
||||||
|
|
||||||
function __sortFields($fields) {
|
function __sortFields($fields) {
|
||||||
foreach ($fields as $key => $value) {
|
foreach ($fields as $key => $value) {
|
||||||
if(strpos($key, '_') !== 0) {
|
if(strpos($key, '_') !== 0) {
|
||||||
|
|
Loading…
Add table
Reference in a new issue