Highstrike
58983f717a
2.7.0-RC Auth doesn't use the new Flash component
...
Changed 'Flash.' to 'Message.' and also provided backwards compatibility
in FlashHelper->render
2015-06-24 14:06:35 +03:00
mark_story
d7d8b90986
Merge branch '2.6' into 2.7
2015-05-28 19:34:59 -04:00
mark_story
65691836be
Fix syntax errors in PHP <5.4
2015-05-28 17:39:52 -04:00
mark_story
995d8d22c6
Disable reading XML files and URLs when handling user data.
...
Allowing users to load arbitrary files/URLs with Xml is not desirable
when handing user input.
2015-05-27 09:45:53 -04:00
mark_story
8cadb553d7
Merge branch 'master' into 2.7
2015-03-14 22:08:53 -04:00
mark_story
8e735c2db0
Fix class name in scaffold error.
...
Fixes #6061
2015-03-12 22:00:03 -04:00
mark_story
0b916cedbb
Merge branch 'master' into 2.7
2015-03-09 21:55:20 -04:00
mark_story
02c9dda9a7
Make maxLimit and limit settings independent.
...
Having maxLimit infer what it should be based on limit was not a very
transparent default behavior. The documentation states that maxLimit
will default to 100, but the code would default it to 'limit' if set.
This created confusing behavior when only one setting was defined.
Refs #5973
2015-02-27 22:35:52 -05:00
mark_story
63769ae4a6
Merge branch 'master' into 2.7
...
Conflicts:
lib/Cake/VERSION.txt
2015-02-26 12:50:35 -05:00
mark_story
c92cfb413f
Allow numeric sorts in PaginatorComponent.
...
When paginating data, we should not ignore numerically indexed order
conditions. Instead they should be handled similar to Model::find().
This creates a slightly different behavior when model's have default
sorting applied as more default sort options forms will be honoured.
Refs #5964
2015-02-25 21:38:56 -05:00
James Tancock
3cee029aa7
Removed usage of __() for InternalError
2015-02-12 15:09:18 +00:00
James Tancock
1cb670bdfa
Add deprecated doctag for current methods
2015-02-10 08:15:01 +00:00
James Tancock
e173c29d33
Fix for phpcs
2015-02-04 15:31:50 +00:00
James Tancock
2ff6bdccec
Back port of Flash component & helper
2015-02-04 12:18:31 +00:00
Mark Story
35e0dc2bbd
Merge pull request #5760 from cakephp/master
...
Merge master into 2.7
2015-01-27 20:48:15 -05:00
Mark Scherer
4fa5dd62c5
Remove conditional status setting.
2015-01-26 23:47:20 +01:00
Mark Scherer
70276b7a7a
Doc block adjustment.
2015-01-26 10:35:02 +01:00
Mark Scherer
e753fbadca
Fix ControllerTestCase redirect
2015-01-26 10:31:04 +01:00
mark_story
3078a1eb52
Merge branch 'master' into 2.7
...
Conflicts:
lib/Cake/VERSION.txt
2015-01-16 22:22:26 -05:00
mark_story
396d501d1e
Fix / being handled incorrect by referer()
...
Backport changes in #4987 to 2.x. This solves issues with duplicate base
directories when redirecting back to '/'
Fixes #4812
2015-01-15 21:26:34 -05:00
mark_story
ac9a212d44
Merge branch 'master' into 2.7
...
Conflicts:
lib/Cake/Utility/String.php
2015-01-11 15:25:18 -05:00
antograssiot
c2f298a8b7
Replace our custom code fence with markdown standard fence
2015-01-09 13:47:25 +01:00
euromark
52ecccb1a2
App::uses and usage replacements for String => CakeText.
2015-01-05 01:00:57 +01:00
Mark Story
7bbc3dfd90
Merge pull request #5470 from cakephp/2.7-session
...
Backport Session consume() to 2.x
2014-12-26 12:22:20 -05:00
euromark
545ff20e1d
Add component and helper wrapper methods.
2014-12-23 03:50:35 +01:00
Mark Story
1651e7742c
Merge pull request #5088 from sebastienbarre/ticket-5041
...
Ticket #5041 : have Auth::login() send Auth.afterIdentify event
2014-12-18 00:12:22 -05:00
mark_story
4d6611b328
Merge branch 'master' into 2.6
...
Conflicts:
lib/Cake/VERSION.txt
2014-12-17 21:38:32 -05:00
euromark
e1c128bb99
Consolidate with conditions sniff.
2014-12-09 03:17:35 +01:00
mark_story
ad2d6edda9
Merge branch 'master' into 2.6
2014-12-06 21:28:59 -05:00
Guy Warner
fb61d9393b
Add @trigger doc blocks of methods triggering CakeEvent
2014-11-30 14:45:40 -07:00
Sebastien Barre
7da48669c8
Have BaseAuthenticate implement CakeEventListener instead
2014-11-22 13:31:38 -05:00
Sebastien Barre
50e5b5e8fe
Move App::uses() again
2014-11-22 13:31:38 -05:00
Sebastien Barre
43413f029e
Ticket 5041: have Auth::login() send Auth.afterIdentify event
2014-11-22 13:31:38 -05:00
euromark
41c646c5a1
Simplification of return types. No need to return more mixed than necessary.
2014-11-08 20:07:47 +01:00
euromark
345a18f15f
Merge branch 'master' into 2.6
2014-11-05 23:29:06 +01:00
euromark
768f2c809c
Correct doc block return types.
2014-11-05 13:03:27 +01:00
Sebastien Barre
2995d9319c
Prepend model alias for safety
2014-11-01 09:36:59 -04:00
Sebastien Barre
417c137d11
Fix DigestAuthenticate test
2014-10-31 21:42:18 -04:00
Sebastien Barre
2f62ee2cde
ticket #5017 add userFields setting to BaseAuthenticate
2014-10-31 15:00:19 -04:00
mark_story
b98d2a3365
Merge branch 'master' into 2.6
2014-10-24 22:05:46 -04:00
mark_story
cdc67116c5
Handle query string arguments in digest auth data.
...
Handle &, ? in digest auth data uri.
Refs #4908
2014-10-17 23:12:41 -04:00
mark_story
87fcc9f0b9
Merge branch 'master' into 2.6
...
Conflicts:
lib/Cake/VERSION.txt
2014-10-13 21:11:38 -04:00
Bryan Crowe
e16bef1868
Fix missing 'r' from your
2014-10-08 15:06:30 -04:00
mark_story
cf45d3fab8
Merge branch 'master' into 2.6
2014-09-22 20:46:28 -04:00
Mischa ter Smitten
a69e9bc63b
Cs fixes
2014-09-18 10:50:35 +02:00
mark_story
0d11cf7a33
Merge branch 'master' into 2.6
2014-09-14 23:26:33 -04:00
Joseph Sutton
faaba42aa7
Fixed type-casting for AuthComponent::login()
2014-09-14 11:15:08 -05:00
Joseph Sutton
87a58eeaea
AuthComponent::login() returning deprecated method
...
Changed $this->loggedIn() to $this->user(), as per the PHPDOC for loggedIn() at line 817
2014-09-14 00:28:30 -05:00
ADmad
3fb252ad2f
Merge branch 'master' into 2.6
2014-09-13 00:37:16 +05:30
euromark
04ef39217f
Take care of more int casts.
2014-09-10 16:29:23 +02:00
euromark
e77f96d8b7
Use (int) cast instead of intval() function for performance reasons and to unify it.
2014-09-10 15:52:57 +02:00
mark_story
734bb9223b
Merge branch 'master' into 2.6
...
Conflicts:
lib/Cake/Core/App.php
lib/Cake/VERSION.txt
2014-09-06 23:04:20 -04:00
Jeremy Harris
3a41433c94
Deprecated AuthComponent::mapActions
2014-09-04 08:35:40 -05:00
Marc Würth
67ba9cb406
Update all @deprecated annotations
...
to adhere to the @deprecated <version> <description> format, where version and description are mandatory.
2014-09-02 17:03:22 +02:00
Jeremy Harris
66b2173566
Made AuthComponent::mapActions() act as a getter refs #3331
2014-08-29 08:23:41 -05:00
euromark
5f5218f3b2
Fix cookie reading.
2014-08-06 22:53:54 +02:00
Steve Tauber
0af698c591
Updating RequestHandlerComponent to accept body of HTTP Delete requests
2014-07-29 16:08:33 +02:00
David Steinsland
b61972871a
Fixed sending of headers when ajaxLogin is set
2014-07-22 13:21:42 +02:00
mark_story
b3dfad614a
Correct pattern matching.
...
Instead of 10 digits, it should limit at 10 groups.
Refs 1988e89e73
2014-07-06 09:42:20 -04:00
Schlaefer
9fa7afa354
fixes #3887 CSRF reusable token expires
2014-07-06 10:39:00 +02:00
mark_story
1988e89e73
Add an upper bound to the POST data SecurityComponent will consider.
...
'Kurita Takashi' has let us know that the previous patterns could be
abused by an evil doer. One could potentially send a very large deeply
nested POST data structure. Matching that structure could overflow the
PCRE limits causing a segmentation fault. Adding an upper bound will
solve the problem and I doubt anyone is doing POST data structures with
more than 10 levels of nesting.
2014-07-03 22:02:00 -04:00
euromark
974ca851c2
Correct doc blocks according to cs guidelines.
...
Remove superfluous empty lines.
2014-07-03 15:36:42 +02:00
mark_story
b4bcd74e60
Whitelist more URL-y characters in digest parsing.
...
Android clients include a full URL instead of just the URI. Also handle
situations where URLencoded bytes and document fragments are used.
Refs #3779
2014-06-23 14:39:35 -04:00
euromark
a927f5d954
remove wrong App::uses() call
2014-06-17 05:10:19 +02:00
Bryan Crowe
1db10b4dd1
Basic grammar update to BasicAuthenticate docblock
2014-06-16 21:48:35 -04:00
ADmad
4ee7cf6564
Remove lies from API docblock for BasicAuthenticate class.
...
Add info on how to configure for cookieless/stateless operation without redirection.
2014-06-08 14:05:08 +05:30
mark_story
07b43403fb
Fix doc errors in Component/Acl.
2014-06-06 13:57:15 -04:00
mark_story
7058921275
Fix doc comment errors in Acl classes.
2014-06-05 00:15:45 -04:00
mark_story
975e4c3af0
Allow username of 0 in basic authentication.
...
Refs #3624
2014-06-02 22:02:28 -04:00
mark_story
d1e4dfac47
Add tests for #3624
...
The username of '0' should be accepted by FormAuthenticate.
Refs #3624
2014-06-02 21:58:50 -04:00
KeinBaum
88b3629f4f
#3623 : Allow username "0" with FormAuthenticate
2014-06-02 19:11:02 +02:00
ADmad
3d9b2b80cb
More API docblock fixes.
2014-06-01 03:06:05 +05:30
mark_story
b2207c1ca8
Reverse conditions to make the cheapest condition first.
...
We don't need to do a count() if the page is not 1.
Refs #3333
2014-05-12 22:09:27 -04:00
Toby Cox
823f01601d
enhancement to paginator
...
As pointed out, we need to make sure that we are also on the first page
to make this conditional clause valid
2014-05-12 21:49:08 -04:00
Toby Cox
296ea215b1
Enhancement to paginator
...
No point in finding the count (via model) if the returned result count
is less than our limit. We then know that the count is the count of our
results
2014-05-12 21:49:07 -04:00
mark_story
89cd114e6f
Merge branch 'master' into 2.5
2014-05-12 14:30:02 -04:00
José Lorenzo Rodríguez
751d2d8f2d
Merge pull request #3448 from dereuromark/master-controller
...
Controller::referer() and local URL
2014-05-07 22:42:28 +02:00
Renan Gonçalves
87683b10f1
Allowing same Authenticate object to be setup with different settings.
2014-05-06 22:10:41 +02:00
ADmad
d466e00644
Merge branch 'master' into 2.5
...
Conflicts:
lib/Cake/Model/Datasource/DboSource.php
lib/Cake/Test/Case/Model/Datasource/Database/MysqlTest.php
lib/Cake/Utility/Folder.php
lib/Cake/VERSION.txt
2014-05-04 14:35:36 +05:30
euromark
7a287a6942
More coding standard corrections.
2014-04-29 14:19:33 +02:00
euromark
43d359b1d7
Make referer() behave as expected.
2014-04-28 17:23:26 +02:00
mark_story
de0062de77
Merge branch 'master' into 2.5
2014-04-25 22:10:02 -04:00
mark_story
f23d811ff5
Use the form action URL in generated form hashes.
...
By including the URL in generated hash for secured forms we prevent
a class of abuse where a user uses one secured form to post into a
controller action the form was not originally intended for. These cross
action requests could potentially violate developer's mental model of
how SecurityComponent works and produce unexpected/undesirable outcomes.
Thanks to Kurita Takashi for pointing this issue out, and suggesting
a fix.
2014-04-25 22:05:58 -04:00
mark_story
d54fbe6f60
Merge branch 'master' into 2.5
2014-04-18 22:13:56 -04:00
Stephen Young
b55fa98a2d
Updated documentation
...
* Removed references to nonexistent `AclBase` class
* Added references to `AclInterface` requirements
2014-04-11 15:10:56 -04:00
euromark
a7744e6ff4
a few more corrections
2014-04-08 01:49:33 +02:00
euromark
0ece694a75
microptimize options and default merge and other string key array merges
2014-04-08 01:25:14 +02:00
Jose Lorenzo Rodriguez
343d3279b9
Merge branch 'master' into 2.5
...
Conflicts:
lib/Cake/Test/Case/Utility/FileTest.php
lib/Cake/VERSION.txt
2014-04-06 21:50:41 +02:00
euromark
823909603a
correct deprecation notices
2014-04-04 19:18:02 +02:00
mark_story
f9b45f1b60
Merge branch 'master' into 2.5
2014-03-30 21:24:55 -04:00
sam-at-github
5ceb4abe1a
Removed arbitrary restriction on crud operations. Added some comments to explain parameters to mapActions() better.
2014-03-28 13:35:08 +11:00
mark_story
381b3fc9c3
Merge branch 'master' into 2.5
2014-03-25 21:30:56 -04:00
mark_story
de9a5a5845
Add deprecated flag to methods that are removed in 3.0.
...
A few methods in Controller were not marked as deprecated, but already
removed in 3.0. Shore up that difference.
Refs #3105
2014-03-23 20:40:17 -04:00
ADmad
abacf0d14b
Remove setting of Controller::$ext by RequestHandler.
...
Closes #3022
2014-03-16 20:09:08 +05:30
Mark
3ca338fe26
Merge pull request #2781 from davidsteinsland/2.5
...
Fixed HTTP Status code when ajaxLogin is set
2014-03-06 12:37:51 +01:00
mark_story
0f584c0e8b
Merge branch 'master' into 2.5
2014-02-24 21:19:17 -05:00
Sam
62cb733988
One liner. Dont call function parseAccept() twice in RequestHandlerComponent.
2014-02-21 00:54:10 +11:00
ADmad
9de3418079
Merge branch 'master' into 2.5
...
Conflicts:
lib/Cake/Model/Permission.php
2014-02-11 18:17:59 +05:30
Eric Martins
2793dca671
Fix ApiGen errors
2014-02-07 18:29:54 -02:00
David Steinsland
f2b9aa5ca4
Fixed HTTP Status code when ajaxLogin is set
2014-02-05 16:05:02 +01:00
euromark
e3befe30df
deprecated loggedIn
2014-01-07 16:12:38 +01:00
mark_story
3cee3b0e99
Merge branch 'master' into 2.5
...
Conflicts:
lib/Cake/VERSION.txt
2013-12-30 21:28:22 -05:00
Bryan Crowe
49bb441cef
Update some grammar in Controller
2013-12-30 00:13:26 -05:00
mark_story
a7ecf44007
Deprecated scaffold and scaffoldview.
...
They have already been removed in 3.0, so mark them accordingly.
2013-12-20 14:16:44 -05:00
ADmad
27979286b2
Revert change done in 11f543f1f2
.
...
The change is unneeded now as Security::encrypt() no longer throws exception
for falsey values.
2013-12-15 20:29:41 +05:30
Mark Story
bf96ea36d9
Merge pull request #2482 from zoghal/2.5-cookie-fix2
...
fix CookieComponent - when write null or empty string
2013-12-14 16:21:58 -08:00
mark_story
c2b8778ce8
Merge branch 'master' into 2.5
2013-12-14 17:45:49 -05:00
Saleh Souzanchi
11f543f1f2
fix CookieComponent - when write null or empty string
2013-12-15 02:15:36 +03:30
Mark Story
384c3a815d
Merge pull request #2350 from tuffz/formatting_app_uses_blocks
...
formatting app::uses blocks
2013-12-14 12:37:02 -08:00
mark_story
48d2618c62
Merge branch 'master' into 2.5
...
Conflicts:
lib/Cake/Routing/Router.php
2013-12-08 21:25:59 -05:00
ADmad
738d0e2277
Fixed edge case which allowed login with empty password.
...
Ensure skipping call to FormAuthenticate::_checkFields() does not allow
logging in with empty password. Closes #2441 .
2013-12-07 18:40:08 +05:30
mark_story
8578708e76
Merge branch 'master' into 2.5
2013-12-01 21:37:37 -05:00
ADmad
c72def4840
Moved exception throwing to after paging info it set for request.
...
This fixes the regression caused in 2096d3f632
. When catching exception
thrown by PaginatorComponent::paginate() in controller, developer again
has access to paging info in request object.
Closes #2402
2013-11-30 19:00:08 +05:30
ADmad
dda6080579
Merge branch 'master' into 2.5
2013-11-19 00:27:12 +05:30
Eric Büttner
1e3865acc7
formatting app::uses blocks (refs #2265 )
2013-11-18 11:56:00 +01:00
Marc Würth
229bd69903
Added link to three hash methods
2013-11-17 03:40:39 +01:00
Marc Würth
7cfa0116f4
Removed "PHP 5" from file header DocBlocks
...
This statement does not serve a purpose anymore.
In a long forgotten world it indicated the main version number of PHP which the code in the file was compatible to.
http://pear.php.net/manual/en/standards.sample.php
But since PHP 5.1 and later this is only marginally true.
Thus I propose to remove it from CakePHP.
2013-11-13 22:58:39 +01:00
Kim Egede Jakobsen
f0205f53ad
Try to make same comments for constructors.
...
Conflicts:
lib/Cake/I18n/L10n.php
2013-11-11 11:03:57 +01:00
mark_story
afd182898f
Merge branch 'master' into 2.5
2013-11-01 16:54:57 -04:00
Luis Ramos
db63ba2d8f
Parse cookie values "{}" & "[]" as array
2013-10-30 15:26:50 -06:00
ADmad
d9ca148499
Merge branch 'master' into 2.5
...
Conflicts:
CONTRIBUTING.md
lib/Cake/Model/Model.php
lib/Cake/VERSION.txt
2013-10-30 02:34:09 +05:30
mark_story
a753718387
Update docs for CookieComponent::delete().
...
Refs #2182
2013-10-28 23:13:51 -04:00
mark_story
07f4779efe
Fix cookie component being inconsistent about writes.
...
Instead of treating multi-key and single key writes differently, they
should be treated consistently to allow simpler and more consistent interactions
with the stored data. This also results in fewer cookies being sent
across the wire which is an added benefit.
Fixes #2182
2013-10-28 23:13:51 -04:00
Bryan Crowe
a943ea5c34
Add space between classname(s)
2013-10-22 22:59:50 -04:00
Bryan Crowe
d39ced8381
Correct 'an URL' to 'a URL' in docblocks
2013-10-22 00:09:34 -04:00
mark_story
5a394c379a
Merge branch 'master' into 2.5
2013-10-14 22:57:50 -04:00
euromark
ee0ed3a43a
coding standards
2013-10-13 18:18:24 +02:00
Jose Lorenzo Rodriguez
df549898ad
Merge remote-tracking branch 'origin/2.5' into k-halaburda-master
2013-10-12 01:05:02 +02:00
Bryan Crowe
4242bd4f3d
Additional Cake references to CakePHP and docblock typo
2013-10-09 19:38:16 -04:00
Bryan Crowe
c1dd0e4393
Changed url to URL where appropriate
2013-10-07 23:17:58 -04:00
mark_story
60b0893c79
Merge branch 'master' into 2.5
2013-10-06 23:49:32 -03:00
mark_story
314ae1c8b4
Merge branch 'master' of github.com:cakephp/cakephp
2013-10-01 15:12:34 -04:00
Simon Males
c998888fe7
Do not assume CONTENT_TYPE is available.
...
In some server environments notably the CLI server, _SERVER['CONTENT_TYPE'] is not available.
In these cases, fall back to the HTTP_CONTENT_TYPE header.
Refs #GH-1661
2013-10-01 15:10:33 -04:00
mark_story
5e9b22271a
Merge branch 'master' into 2.5
2013-09-27 22:26:33 -04:00
Frank de Graaf
3e8af8b180
Merge pull request #1689 from dereuromark/master-cakephp-name
...
Cake to CakePHP name
2013-09-27 12:16:25 -07:00
Frank de Graaf
ceb78fee9c
Merge pull request #1671 from ADmad/bugfix/auth-infinite-redirect
...
Fixed infinite redirects when authenticated user tried to access login p...
2013-09-27 12:13:36 -07:00
euromark
df269ba0ef
Cake to CakePHP name
2013-09-27 19:36:43 +02:00
ADmad
4dbf9107a8
Fixed infinite redirects for authenticated users accessing login page.
2013-09-27 22:33:07 +05:30
mark_story
cc5795c67d
Merge branch 'master' into 2.5
2013-09-26 10:07:10 -04:00
Bryan Crowe
ab4bc16463
Updated Controller:: doc block and ControllerMergeVarsTest::
2013-09-25 22:53:23 -04:00
Bryan Crowe
915b51b239
Updated JavaScript casing and JsHelper references in doc blocks
2013-09-25 22:46:38 -04:00
Bryan Crowe
1393325ad1
Use instanceof instead of is_a() in Controller.php
2013-09-23 21:37:27 -04:00
mark_story
a7a6fcae8a
Merge branch 'master' into 2.5
...
Conflicts:
lib/Cake/VERSION.txt
2013-09-17 10:11:24 -04:00
euromark
e3a3946e89
address casting cs
2013-09-17 15:15:25 +02:00
euromark
12f2f729c8
more cs
2013-09-17 14:53:07 +02:00
euromark
382f75dbfc
cs corrections, bool to boolean and int to integer.
2013-09-17 14:44:34 +02:00
mark_story
a2bd91638e
Merge branch 'master' into 2.5
2013-09-12 19:47:13 -04:00
euromark
a796b26f13
fix renderLayout and update deprecated and outdated code
2013-09-13 00:09:31 +02:00
ADmad
1d0c785725
Fixed setting of order in Paginator options when using model's order. Refs f680c76
, #3902
2013-09-10 22:47:31 +05:30
mark_story
59bb05b433
Merge branch 'master' into 2.5
...
Conflicts:
lib/Cake/VERSION.txt
2013-09-02 11:35:09 -04:00