Commit graph

16402 commits

Author SHA1 Message Date
ADmad
0c0448fe0b Fix travis builds.
Travis updated to phpunit 4 for PHP 5.3 and CakePHP needs phpunit 3.7.
2014-05-01 19:38:59 +05:30
ADmad
c930bbb0b3 Merge pull request #3421 from thinkingmedia/patch-1
Removed incorrect usage of @deprecated phpDoc
2014-04-30 19:27:15 +05:30
Mathew Foscarini
ceab9f185f Removed incorrect usage of @deprecated phpDoc
@deprecated is flagging the function element as deprecated in all IDE's that support phpDOC tags. There is no phpDoc tag to deprecate a function parameter.
2014-04-30 09:55:27 -04:00
mark_story
4b5e3c176e Update version number to 2.4.9 2014-04-29 21:52:10 -04:00
mark_story
e1057e3e6b Fix FormHelper::postLink() not working when SecurityComponent is enabled.
The action attribute value was not being included in the generated hash,
so postLink() forms never worked properly.

Fixes #3418
2014-04-29 11:23:52 -04:00
Mark Story
1a39917e76 Merge pull request #3416 from dereuromark/master-strict
More coding standard corrections.
2014-04-29 09:37:48 -04:00
euromark
7a287a6942 More coding standard corrections. 2014-04-29 14:19:33 +02:00
Mark Story
79ca18492a Merge pull request #3415 from dereuromark/master-strict
Stricter string comparisons.
2014-04-29 07:21:25 -04:00
euromark
bd074e7dc7 Stricter string comparisons. 2014-04-29 12:05:47 +02:00
mark_story
1d1a2f859c Fix coding standards error. 2014-04-28 20:56:06 -04:00
mark_story
a0eb736151 Update version number to 2.4.8 2014-04-28 20:35:20 -04:00
mark_story
a28158d614 Add additional test for f23d811ff5
I neglected to put a negative test to ensure validatePost fails when the
URL differs.
2014-04-26 10:23:27 -04:00
Mark Story
5b46eb71ec Merge pull request #3397 from steinkel/fix-formhelper-with-model-mock
fixed FormHelper to allow create() on Mock Models without errors
2014-04-26 08:53:43 -04:00
ADmad
68572d8046 Cannot use php 5.4+ array syntax for 2.x. 2014-04-26 17:30:31 +05:30
Jorge González
5cf2ce723c fixed FormHelper to allow create() on Mock Models without errors 2014-04-26 10:33:58 +01:00
mark_story
f23d811ff5 Use the form action URL in generated form hashes.
By including the URL in generated hash for secured forms we prevent
a class of abuse where a user uses one secured form to post into a
controller action the form was not originally intended for. These cross
action requests could potentially violate developer's mental model of
how SecurityComponent works and produce unexpected/undesirable outcomes.

Thanks to Kurita Takashi for pointing this issue out, and suggesting
a fix.
2014-04-25 22:05:58 -04:00
Mark Story
4a24d6ea31 Merge pull request #3395 from ADmad/2.4-autolinkurl
Fix auto linking urls with subdomain with underscore.

Fixes #3392
2014-04-25 15:33:24 -04:00
ADmad
27699d1f12 Fix auto linking urls with subdomain with underscore.
Closes #3392
2014-04-25 22:28:34 +05:30
Mark Story
00be120e7a Merge pull request #3381 from planardothum/shell-requires-cli
Add check to abort if $argv is undefined.
2014-04-24 12:32:54 -04:00
Harold Putman
d62e5e1b00 Prevent infinite loop caused when argv not set.
If shell is invoked with the wrong PHP executable (not CLI) and argv is not an array,  array_search on null causes infinite number of error messages.
2014-04-24 11:48:19 -04:00
mark_story
9d19801cfa Clear data and validationErrors *after* calling clearCache().
Having both properties cleaned after clearCache() means that you can use
the model data in specialized clearCache() implementations.

Fixes #3386
2014-04-24 09:19:00 -04:00
Mark Story
5eff011711 Merge pull request #3387 from php-engineer/master-security-test
Correct parameter order
2014-04-24 07:06:12 -04:00
Stefan Dickmann
f90f718e11 change parameter order 2014-04-24 12:54:45 +02:00
mark_story
6f68049bf5 Reject file paths containing ...
Paths containing `..` are generally up to no good. Throw an exception,
as developers can use realpath() if they really need to get relative
paths.

Fixes #3370
2014-04-23 22:20:14 -04:00
mark_story
2333c3d535 Update docs for file().
Mention that relative paths will be prepended with APP.

Refs #3370
2014-04-23 22:15:10 -04:00
Mark Story
a3ad1c859f Merge pull request #3376 from php-engineer/master-update-composer
update composer.json
2014-04-22 20:53:15 -04:00
Stefan Dickmann
01e95945ce update composer.json 2014-04-22 21:48:22 +02:00
Mark Story
e9c9e9697d Merge pull request #3319 from dogmatic69/patch-1
Fix closing non resource
2014-04-14 11:41:44 -04:00
Carl Sutton
5ac60288fd Fix closing non resource
I get a load of these errors when running tests in the shell, this check stops the errors from happening

Warning: 2 :: fclose() expects parameter 1 to be resource, integer given on line 298 of CORE\Cake\Console\ConsoleOutput.php
Trace:
fclose - [internal], line ??
ConsoleOutput::__destruct() - CORE\Cake\Console\ConsoleOutput.php, line 298
ToolbarComponent::_saveState() - APP\Plugin\DebugKit\Controller\Component\ToolbarComponent.php, line 307
ToolbarComponent::beforeRedirect() - APP\Plugin\DebugKit\Controller\Component\ToolbarComponent.php, line 307
ObjectCollection::trigger() - CORE\Cake\Utility\ObjectCollection.php, line 132
call_user_func - [internal], line ??
CakeEventManager::dispatch() - CORE\Cake\Event\CakeEventManager.php, line 247
Controller::redirect() - CORE\Cake\Controller\Controller.php, line 765
AuthComponent::_unauthenticated() - CORE\Cake\Controller\Component\AuthComponent.php, line 364
AuthComponent::startup() - CORE\Cake\Controller\Component\AuthComponent.php, line 304
ObjectCollection::trigger() - CORE\Cake\Utility\ObjectCollection.php, line 132
call_user_func - [internal], line ??
CakeEventManager::dispatch() - CORE\Cake\Event\CakeEventManager.php, line 247
Controller::startupProcess() - CORE\Cake\Controller\Controller.php, line 675
Dispatcher::_invoke() - CORE\Cake\Routing\Dispatcher.php, line 182
Dispatcher::dispatch() - CORE\Cake\Routing\Dispatcher.php, line 160
2014-04-14 14:15:46 +01:00
José Lorenzo Rodríguez
b9b1e85ff2 Merge pull request #3316 from bcrowe/hotfix-controller-template
Add newline after actions in controller template
2014-04-14 09:10:39 +02:00
Bryan Crowe
1a73906a50 Fix failing NoActions comparison test 2014-04-13 23:28:13 -04:00
Bryan Crowe
f7cc0c1802 Add newline after actions in controller template 2014-04-13 21:56:27 -04:00
mark_story
d4ae2b0b88 Correct types for Validation::range().
Refs #3304
2014-04-13 06:16:24 -04:00
Mark Story
d2fa1b444f Merge pull request #3301 from ubermaniac/Sqlserver-trim
Trim $sql before checking for SELECT
2014-04-11 18:48:41 -04:00
Joseph Woodruff
9aeea2fcc3 Trim $sql before checking for SELECT 2014-04-11 15:25:07 -06:00
Mark Story
fc1c686c31 Merge pull request #3297 from young-steveo/AclComponent-documentation-fix
Updated AclComponent documentation
2014-04-11 16:17:55 -04:00
Stephen Young
b55fa98a2d Updated documentation
* Removed references to nonexistent `AclBase` class
* Added references to `AclInterface` requirements
2014-04-11 15:10:56 -04:00
mark_story
3e579571aa Merge branch 'hash-fix' from glaforge/patch-1 into master.
Closes #3288
2014-04-10 20:37:34 -04:00
mark_story
c6173a0054 Add tests for #3288 and remove nested ternaries.
Nested ternaries are complicated to maintain and hard to read. Break
down the nested ternary into two conditionals.
2014-04-10 20:37:08 -04:00
Guillaume Lafarge
db450a96e9 Fix Hash type casting
When using comparison with a boolean, as the filter is a string, we have to convert the data boolean to "boolean string" to avoid type-casting troubles.

## Example
```php
$users = [
    [
        'id' => 2,
        'username' => 'johndoe',
        'active' => true
    ],
    [   'id' => 5,
        'username' => 'kevin',
        'active' => true
    ],
    [
        'id' => 9,
        'username' => 'samantha',
        'active' => false
    ],
];
$unactiveUsers = Hash::extract($users, '{n}[active=false]');
print_r($unactiveUsers);
```

This example returns the two unwanted active users because `"false"` is `true` but not `false` :)

I think this pull request will fix this issue by converting true/false boolean to string (to match with our filter).
2014-04-10 20:19:32 +02:00
Mark Story
f9a6c1905b Merge pull request #3210 from ubermaniac/Sqlserver-schema-prefix
Sqlserver schema prefix #3208
2014-04-09 14:31:09 -04:00
José Lorenzo Rodríguez
37aee6a40b Merge pull request #3247 from cakephp/master-docblocks
Correct doc blocks
2014-04-06 22:31:40 +02:00
euromark
6f53529520 Correct doc blocks 2014-04-06 22:27:51 +02:00
Jose Lorenzo Rodriguez
0d80c92ffb Revert "Merge pull request #3002 from moberemk/patch-2"
This reverts commit 8e3d6cffb7, reversing
changes made to 92800889a6.
2014-04-06 21:48:59 +02:00
José Lorenzo Rodríguez
8e3d6cffb7 Merge pull request #3002 from moberemk/patch-2
Allow chaining in the addCrumb method
2014-04-06 21:09:10 +02:00
mark_story
92800889a6 Update version number to 2.4.7 2014-04-04 22:25:48 -04:00
mark_story
7fb920c256 Add file missed in last commit. 2014-04-04 22:22:38 -04:00
mark_story
4ec81542db Fix email rendering when using 2 different plugins.
When an email template and layout are in different plugins the incorrect
plugin would be used for the layout.

Fixes #3062
2014-04-04 21:45:04 -04:00
mark_story
b8e21c99ee Only count _id if it is the last 3 characters in the field name.
This prevents issues when baking models for tables containing `_id`.

Fixes #3230
2014-04-04 21:26:31 -04:00
Mark Story
c92769c980 Merge pull request #3224 from dereuromark/master-deprecations
correct deprecation notices
2014-04-04 14:04:53 -04:00