adulau/cakephp2-php8
1
0
Fork 0
mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2025-01-19 11:06:15 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch '2.1' of github.com:cakephp/cakephp into 2.1

Browse source
This commit is contained in:
Ceeram 2011-12-08 10:45:48 +01:00
commit ec623086ff
4 changed files with 44 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
lib/Cake/Controller/Component/SecurityComponent.php
View file

@ -554,15 +554,15 @@ class SecurityComponent extends Component {
*/ */
protected function _expireTokens($tokens) { protected function _expireTokens($tokens) {
$now = time(); $now = time();
$overflow = count($tokens) - $this->csrfLimit;
if ($overflow > 0) {
$tokens = array_slice($tokens, $overflow + 1, null, true);
}
foreach ($tokens as $nonce => $expires) { foreach ($tokens as $nonce => $expires) {
if ($expires < $now) { if ($expires < $now) {
unset($tokens[$nonce]); unset($tokens[$nonce]);
} }
} }
$overflow = count($tokens) - $this->csrfLimit;
if ($overflow > 0) {
$tokens = array_slice($tokens, $overflow + 1, null, true);
}
return $tokens; return $tokens;
} }

28
lib/Cake/Test/Case/View/Helper/FormHelperTest.php
View file

@ -1365,6 +1365,34 @@ class FormHelperTest extends CakeTestCase {
$this->assertEquals($this->Form->fields, $expected); $this->assertEquals($this->Form->fields, $expected);
} }
/**
* test that forms with disabled inputs + secured forms leave off the inputs from the form
* hashing.
*
* @return void
*/
public function testFormSecuredAndDisabled() {
$this->Form->request['_Token'] = array('key' => 'testKey');
$this->Form->checkbox('Model.checkbox', array('disabled' => true));
$this->Form->text('Model.text', array('disabled' => true));
$this->Form->password('Model.text', array('disabled' => true));
$this->Form->textarea('Model.textarea', array('disabled' => true));
$this->Form->select('Model.select', array(1, 2), array('disabled' => true));
$this->Form->radio('Model.radio', array(1, 2), array('disabled' => array(1, 2)));
$this->Form->year('Model.year', null, null, array('disabled' => true));
$this->Form->month('Model.month', array('disabled' => true));
$this->Form->day('Model.day', array('disabled' => true));
$this->Form->hour('Model.hour', false, array('disabled' => true));
$this->Form->minute('Model.minute', array('disabled' => true));
$this->Form->meridian('Model.meridian', array('disabled' => true));
$expected = array(
'Model.radio' => ''
);
$this->assertEquals($expected, $this->Form->fields);
}
/** /**
* testDisableSecurityUsingForm method * testDisableSecurityUsingForm method
* *

12
lib/Cake/View/Elements/exception_stack_trace.ctp
View file

@ -29,12 +29,14 @@ App::uses('Debugger', 'Utility');
printf( printf(
'<a href="#" onclick="traceToggle(event, \'file-excerpt-%s\')">%s line %s</a>', '<a href="#" onclick="traceToggle(event, \'file-excerpt-%s\')">%s line %s</a>',
$i, $i,
$stack['file'], Debugger::trimPath($stack['file']),
$stack['line'] $stack['line']
); );
$excerpt = sprintf('<div id="file-excerpt-%s" class="cake-code-dump" style="display:none;"><pre>', $i); $excerpt = sprintf('<div id="file-excerpt-%s" class="cake-code-dump" style="display:none;"><pre>', $i);
$excerpt .= implode("\n", Debugger::excerpt($stack['file'], $stack['line'] - 1, 2)); $excerpt .= implode("\n", Debugger::excerpt($stack['file'], $stack['line'] - 1, 2));
$excerpt .= '</pre></div> '; $excerpt .= '</pre></div> ';
else:
echo '<a href="#">[internal function]</a>';
endif; endif;
echo ' &rarr; '; echo ' &rarr; ';
if ($stack['function']): if ($stack['function']):
@ -43,13 +45,13 @@ App::uses('Debugger', 'Utility');
$args[] = Debugger::getType($arg); $args[] = Debugger::getType($arg);
$params[] = Debugger::exportVar($arg, 2); $params[] = Debugger::exportVar($arg, 2);
endforeach; endforeach;
$called = isset($stack['class']) ? $stack['class'] . $stack['type'] . $stack['function'] : $stack['function'];
printf( printf(
'<a href="#" onclick="traceToggle(event, \'trace-args-%s\')">%s%s%s(%s)</a> ', '<a href="#" onclick="traceToggle(event, \'trace-args-%s\')">%s(%s)</a> ',
$i, $i,
$stack['class'], $called,
$stack['type'],
$stack['function'],
implode(', ', $args) implode(', ', $args)
); );
$arguments = sprintf('<div id="trace-args-%s" class="cake-code-dump" style="display: none;"><pre>', $i); $arguments = sprintf('<div id="trace-args-%s" class="cake-code-dump" style="display: none;"><pre>', $i);

8
lib/Cake/View/Helper/FormHelper.php
View file

@ -1778,7 +1778,7 @@ class FormHelper extends AppHelper {
} }
if (!empty($tag) || isset($template)) { if (!empty($tag) || isset($template)) {
if (!isset($secure) || $secure == true) { if ((!isset($secure) || $secure == true) && empty($attributes['disabled'])) {
$this->_secure(true); $this->_secure(true);
} }
$select[] = $this->Html->useTag($tag, $attributes['name'], array_diff_key($attributes, array('name' => '', 'value' => ''))); $select[] = $this->Html->useTag($tag, $attributes['name'], array_diff_key($attributes, array('name' => '', 'value' => '')));
@ -2492,7 +2492,9 @@ class FormHelper extends AppHelper {
* *
* ### Options * ### Options
* *
* - `secure` - boolean whether or not the field should be added to the security fields. * - `secure` - boolean whether or not the field should be added to the security fields.
* Disabling the field using the `disabled` option, will also omit the field from being
* part of the hashed key.
* *
* @param string $field Name of the field to initialize options for. * @param string $field Name of the field to initialize options for.
* @param array $options Array of options to append options into. * @param array $options Array of options to append options into.
@ -2507,7 +2509,7 @@ class FormHelper extends AppHelper {
} }
$result = parent::_initInputField($field, $options); $result = parent::_initInputField($field, $options);
if ($secure === self::SECURE_SKIP) { if (!empty($result['disabled']) || $secure === self::SECURE_SKIP) {
return $result; return $result;
} }