From fc4846d676536a1f52393f1c2158cc7c030223f1 Mon Sep 17 00:00:00 2001
From: mark_story <mark@mark-story.com>
Date: Tue, 6 Dec 2011 12:23:15 -0500
Subject: [PATCH 1/4] Move overflow limits to only take effect after
 expiration.

---
 lib/Cake/Controller/Component/SecurityComponent.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/lib/Cake/Controller/Component/SecurityComponent.php b/lib/Cake/Controller/Component/SecurityComponent.php
index 2a92a4f8a..6d6f91b06 100644
--- a/lib/Cake/Controller/Component/SecurityComponent.php
+++ b/lib/Cake/Controller/Component/SecurityComponent.php
@@ -553,16 +553,16 @@ class SecurityComponent extends Component {
  * @return array An array of nonce => expires.
  */
 	protected function _expireTokens($tokens) {
-		$now = time();
-		$overflow = count($tokens) - $this->csrfLimit;
-		if ($overflow > 0) {
-			$tokens = array_slice($tokens, $overflow + 1, null, true);
-		}
 		foreach ($tokens as $nonce => $expires) {
 			if ($expires < $now) {
 				unset($tokens[$nonce]);
 			}
 		}
+		$now = time();
+		$overflow = count($tokens) - $this->csrfLimit;
+		if ($overflow > 0) {
+			$tokens = array_slice($tokens, $overflow + 1, null, true);
+		}
 		return $tokens;
 	}
 

From 545694d84b2fd9c63d4961386e9691df6251834f Mon Sep 17 00:00:00 2001
From: mark_story <mark@mark-story.com>
Date: Tue, 6 Dec 2011 12:35:18 -0500
Subject: [PATCH 2/4] Fix undefined variable error.

---
 lib/Cake/Controller/Component/SecurityComponent.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/Cake/Controller/Component/SecurityComponent.php b/lib/Cake/Controller/Component/SecurityComponent.php
index 6d6f91b06..7d4be3332 100644
--- a/lib/Cake/Controller/Component/SecurityComponent.php
+++ b/lib/Cake/Controller/Component/SecurityComponent.php
@@ -553,12 +553,12 @@ class SecurityComponent extends Component {
  * @return array An array of nonce => expires.
  */
 	protected function _expireTokens($tokens) {
+		$now = time();
 		foreach ($tokens as $nonce => $expires) {
 			if ($expires < $now) {
 				unset($tokens[$nonce]);
 			}
 		}
-		$now = time();
 		$overflow = count($tokens) - $this->csrfLimit;
 		if ($overflow > 0) {
 			$tokens = array_slice($tokens, $overflow + 1, null, true);

From 123a1a21baf307b85b9ea7e78017d02d375c1a91 Mon Sep 17 00:00:00 2001
From: mark_story <mark@mark-story.com>
Date: Wed, 7 Dec 2011 21:19:57 -0500
Subject: [PATCH 3/4] Fix issues with stack trace output.

Traces without files and without classes caused errors in printing
the fancy trace.
---
 lib/Cake/View/Elements/exception_stack_trace.ctp | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/lib/Cake/View/Elements/exception_stack_trace.ctp b/lib/Cake/View/Elements/exception_stack_trace.ctp
index 6d19ff0f4..be016757a 100644
--- a/lib/Cake/View/Elements/exception_stack_trace.ctp
+++ b/lib/Cake/View/Elements/exception_stack_trace.ctp
@@ -29,12 +29,14 @@ App::uses('Debugger', 'Utility');
 		printf(
 			'<a href="#" onclick="traceToggle(event, \'file-excerpt-%s\')">%s line %s</a>',
 			$i,
-			$stack['file'],
+			Debugger::trimPath($stack['file']),
 			$stack['line']
 		);
 		$excerpt = sprintf('<div id="file-excerpt-%s" class="cake-code-dump" style="display:none;"><pre>', $i);
 		$excerpt .= implode("\n", Debugger::excerpt($stack['file'], $stack['line'] - 1, 2));
 		$excerpt .= '</pre></div> ';
+	else:
+		echo '<a href="#">[internal function]</a>';
 	endif;
 	echo ' &rarr; ';
 	if ($stack['function']):
@@ -43,13 +45,13 @@ App::uses('Debugger', 'Utility');
 			$args[] = Debugger::getType($arg);
 			$params[] = Debugger::exportVar($arg, 2);
 		endforeach;
+
+		$called = isset($stack['class']) ? $stack['class'] . $stack['type'] . $stack['function'] : $stack['function'];
 	
 		printf(
-			'<a href="#" onclick="traceToggle(event, \'trace-args-%s\')">%s%s%s(%s)</a> ',
+			'<a href="#" onclick="traceToggle(event, \'trace-args-%s\')">%s(%s)</a> ',
 			$i,
-			$stack['class'],
-			$stack['type'],
-			$stack['function'],
+			$called,
 			implode(', ', $args)
 		);
 		$arguments = sprintf('<div id="trace-args-%s" class="cake-code-dump" style="display: none;"><pre>', $i);

From 64eb38a9531df2793f2a7679a4444f7bd94c66cd Mon Sep 17 00:00:00 2001
From: mark_story <mark@mark-story.com>
Date: Wed, 7 Dec 2011 22:30:40 -0500
Subject: [PATCH 4/4] Fix disabled + SecurityComponent

Disabled inputs should be omitted from the secured fields.
This will enable forms to submit successfully as long as those
inputs stay excluded from the form submission.

Fixes #2333
---
 .../Test/Case/View/Helper/FormHelperTest.php  | 28 +++++++++++++++++++
 lib/Cake/View/Helper/FormHelper.php           |  8 ++++--
 2 files changed, 33 insertions(+), 3 deletions(-)

diff --git a/lib/Cake/Test/Case/View/Helper/FormHelperTest.php b/lib/Cake/Test/Case/View/Helper/FormHelperTest.php
index 3e3ff9510..778c1925d 100644
--- a/lib/Cake/Test/Case/View/Helper/FormHelperTest.php
+++ b/lib/Cake/Test/Case/View/Helper/FormHelperTest.php
@@ -1365,6 +1365,34 @@ class FormHelperTest extends CakeTestCase {
 		$this->assertEquals($this->Form->fields, $expected);
 	}
 
+/**
+ * test that forms with disabled inputs + secured forms leave off the inputs from the form
+ * hashing.
+ *
+ * @return void
+ */
+	public function testFormSecuredAndDisabled() {
+		$this->Form->request['_Token'] = array('key' => 'testKey');
+
+		$this->Form->checkbox('Model.checkbox', array('disabled' => true));
+		$this->Form->text('Model.text', array('disabled' => true));
+		$this->Form->password('Model.text', array('disabled' => true));
+		$this->Form->textarea('Model.textarea', array('disabled' => true));
+		$this->Form->select('Model.select', array(1, 2), array('disabled' => true));
+		$this->Form->radio('Model.radio', array(1, 2), array('disabled' => array(1, 2)));
+		$this->Form->year('Model.year', null, null, array('disabled' => true));
+		$this->Form->month('Model.month', array('disabled' => true));
+		$this->Form->day('Model.day', array('disabled' => true));
+		$this->Form->hour('Model.hour', false, array('disabled' => true));
+		$this->Form->minute('Model.minute', array('disabled' => true));
+		$this->Form->meridian('Model.meridian', array('disabled' => true));
+
+		$expected = array(
+			'Model.radio' => ''
+		);
+		$this->assertEquals($expected, $this->Form->fields);
+	}
+
 /**
  * testDisableSecurityUsingForm method
  *
diff --git a/lib/Cake/View/Helper/FormHelper.php b/lib/Cake/View/Helper/FormHelper.php
index 5498f2db8..f67f7a359 100644
--- a/lib/Cake/View/Helper/FormHelper.php
+++ b/lib/Cake/View/Helper/FormHelper.php
@@ -1778,7 +1778,7 @@ class FormHelper extends AppHelper {
 		}
 
 		if (!empty($tag) || isset($template)) {
-			if (!isset($secure) || $secure == true) {
+			if ((!isset($secure) || $secure == true) && empty($attributes['disabled'])) {
 				$this->_secure(true);
 			}
 			$select[] = $this->Html->useTag($tag, $attributes['name'], array_diff_key($attributes, array('name' => '', 'value' => '')));
@@ -2492,7 +2492,9 @@ class FormHelper extends AppHelper {
  *
  * ### Options
  *
- *  - `secure` - boolean whether or not the field should be added to the security fields.
+ * - `secure` - boolean whether or not the field should be added to the security fields.
+ *   Disabling the field using the `disabled` option, will also omit the field from being
+ *   part of the hashed key.
  *
  * @param string $field Name of the field to initialize options for.
  * @param array $options Array of options to append options into.
@@ -2507,7 +2509,7 @@ class FormHelper extends AppHelper {
 		}
 
 		$result = parent::_initInputField($field, $options);
-		if ($secure === self::SECURE_SKIP) {
+		if (!empty($result['disabled']) || $secure === self::SECURE_SKIP) {
 			return $result;
 		}