adulau/cakephp2-php8
1
0
Fork 0
mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2024-11-15 03:18:26 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Adding option to disable POST data validation in Security component, fixes #5412

Browse source 
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@7617 3807eeeb-6ff5-0310-8944-8be069107fe0
This commit is contained in:
nate 2008-09-17 15:27:41 +00:00
parent 85646b1908
commit e3d7aee9da
1 changed files with 15 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
cake/libs/controller/components/security.php
View file

@ -140,6 +140,14 @@ class SecurityComponent extends Object {
* @access public
*/
var $disabledFields = array();
/**
* Whether to validate POST data. Set to false to disable for data coming from 3rd party
* services, etc.
*
* @var boolean
* @access public
*/
var $validatePost = true;
/**
* Other components used by the Security component
*
@ -166,10 +174,15 @@ class SecurityComponent extends Object {
$this->_authRequired($controller);
$this->_loginRequired($controller);
if ((!isset($controller->params['requested']) || $controller->params['requested'] != 1) && ($this->RequestHandler->isPost() || $this->RequestHandler->isPut())) {
$isPost = ($this->RequestHandler->isPost() || $this->RequestHandler->isPut());
$isRequestAction = (
!isset($controller->params['requested']) ||
$controller->params['requested'] != 1
);
if ($isPost && $isRequestAction && $this->validatePost) {
$this->_validatePost($controller);
}
$this->_generateToken($controller);
}
/**