Commit graph

303 commits

Author SHA1 Message Date
mark_story
1333cc4b3e Merge branch 'postlink-token' into 2.x
Fix inline postLink() calls corrupting the containing form's tampering
token.

Refs #8387
2016-04-01 23:08:41 -04:00
mark_story
c551faad46 Add tests for changes in #8387
Add tests covering the new behavior.
2016-04-01 23:08:31 -04:00
mark_story
f57f038c09 Fix for PHP 5.3 2016-03-16 21:17:42 -04:00
mark_story
745f3a33e6 Fix boolean values in select widgets.
Boolean `false` should be treated like `0` when comparing option values.

Refs #8468
2016-03-15 22:59:03 -04:00
Mark Scherer
3fb752a577 Fix CS 2016-01-07 11:09:48 +01:00
Mark Scherer
b1f1003ebe Allow 3.x backport of url=>false in 2.x 2016-01-07 10:48:20 +01:00
Mark Scherer
55ca2ddabd Fix CS. 2016-01-04 15:53:48 +01:00
Mark Scherer
cd59ab9c40 Fix tests 2016-01-04 15:08:31 +01:00
Mark Scherer
7076e6d481 Add missing test that is present in 3.x. 2016-01-04 14:29:00 +01:00
Mark Scherer
a2ce6c8c1f Deprecate action in Form::create() 2016-01-04 14:22:40 +01:00
mark_story
506051f688 Correct input generation for postgres numeric types.
Numeric types in postgres are treated like decimals, except they can
have no length, precision or scale components defined.

IE does not accept 1.00000 as a valid step attribute so we'll default to
any when we encounter decimal types with no length.

Refs #7497
2015-10-01 21:46:21 -04:00
mark_story
143c34bdc1 Handle case where a visible input shares a name with an invisible one.
If a visible input is created *after* a hidden input was created, the
form would always blackhole unless the visible input had the same value
as the hidden input.

Refs #7274
2015-08-22 23:10:44 -04:00
Yoshiyuki Kinjo
e25be3a47e Add failing test for FormHelper::input
FormHelper::input does not respect 'value' option when form is of date/time type.

Signed-off-by: mark_story <mark@mark-story.com>

Backport fixes from #7082 to 2.7
2015-07-22 21:59:44 -04:00
mark_story
664ba53c89 Merge branch '2.6' into 2.7 2015-06-20 10:03:14 -04:00
Mark Scherer
ccac3b3e06 Allow deep options for radio() just as for select(). 2015-06-16 13:23:51 +02:00
mark_story
d7d8b90986 Merge branch '2.6' into 2.7 2015-05-28 19:34:59 -04:00
nojimage
8ebc9cdd87 refs #6635 FormHelper::radio() return collect id attributes with multibyte 2015-05-25 22:10:50 +09:00
Mark Scherer
4f3602ad5f Adjust bake, docblocks and tests for notBlank. 2015-05-17 22:27:16 +02:00
Mark Scherer
3ba4308356 Use hour as field name. 2015-04-20 18:39:54 +02:00
Mark Scherer
c71a478876 Add test case. 2015-04-20 18:38:19 +02:00
mark_story
744952e344 Fix FormHelper::create() dropping 0 value parameter.
When 0 is the first passed parameter we shouldn't drop it.

Fixes #6107
2015-03-19 21:15:20 -04:00
mark_story
8dba9879d4 Don't generate maxlength properties for decimal columns.
Int casting the decimal scale isn't going to work in a number of
situations as users may end up trying to include decimal points, commas
or spaces in larger amounts.

Fixes #5977
2015-02-27 21:08:54 -05:00
mark_story
b974daac7b Don't create invalid maxlength attributes for decimal columns.
Converting the maxlength to an int avoids any commas from decimal
columns.

Refs #5832
2015-02-05 22:53:40 -05:00
mark_story
03d8c40d99 Fix PHPCS error. 2015-01-09 15:32:33 -05:00
mark_story
98909fb465 Fix radio buttons not being added to security hash.
When some but not all inputs were disabled radio buttons were omitted
from the security hash. This caused blackhole failures as the input was
unexpected.

Refs #5603
2015-01-08 23:25:34 -05:00
mark_story
177b797aab Merge branch 'master' into 2.6 2014-10-26 21:25:05 -04:00
Jan Ptacek
797635d26b fixing testcases + do not disable the hidden input on partial disables 2014-10-25 21:05:37 +02:00
euromark
c65cb6f62b wording 2014-09-13 13:39:11 +02:00
euromark
03d92494f1 Fix maxlength for manual type set and add textarea maxlength support. 2014-09-13 04:03:33 +02:00
euromark
974ca851c2 Correct doc blocks according to cs guidelines.
Remove superfluous empty lines.
2014-07-03 15:36:42 +02:00
Bryan Crowe
a1ae31e554 Fix identifier typos 2014-06-26 23:06:08 -04:00
mark_story
db86b0c050 Don't disable the entire select when disabled is array(1)
When the disabled attribute is just array(1), then the attribute should
be filtered out of select element attributes. This is kind of a hacky
workaround but changing the underlying attribute handling is going to be
pretty tricky and far more dangerous.

Fixes #3546
2014-05-23 13:26:11 -04:00
mark_story
cd68002246 Add additional test case for named parameters.
Refs #3525
2014-05-22 14:14:35 -04:00
akiyan
781430c4af Removed unnecessary conditional branch, fixed test and comment. 2014-05-22 14:08:18 -04:00
akiyan
67f256297d Fixed secure form hash for special url.
No htmlspecialchars encode and without fragment identifer.
2014-05-22 14:08:11 -04:00
mark_story
e9ecfe0936 Remove x bit on files.
PHP files should not have executable permission set.
2014-05-13 12:30:14 -04:00
mark_story
89cd114e6f Merge branch 'master' into 2.5 2014-05-12 14:30:02 -04:00
mark_story
5469840c80 Fix incorrectly generated URL path.
Refs #3442
2014-05-07 08:52:42 -04:00
mark_story
1103ca7816 Ensure that only the path and query are used to make the hash.
While including the entire protocol, host, port, path and query would be
even better in theory, it gets complicated when proxies and load
balancers are involved.

Fixes #3442
2014-05-06 23:00:11 -04:00
mark_story
559d9d39e7 Make test names match the rest of the tests. 2014-05-06 22:13:44 -04:00
ADmad
d466e00644 Merge branch 'master' into 2.5
Conflicts:
	lib/Cake/Model/Datasource/DboSource.php
	lib/Cake/Test/Case/Model/Datasource/Database/MysqlTest.php
	lib/Cake/Utility/Folder.php
	lib/Cake/VERSION.txt
2014-05-04 14:35:36 +05:30
mark_story
e1057e3e6b Fix FormHelper::postLink() not working when SecurityComponent is enabled.
The action attribute value was not being included in the generated hash,
so postLink() forms never worked properly.

Fixes #3418
2014-04-29 11:23:52 -04:00
mark_story
cf96e9f54f Merge branch 'master' into 2.5 2014-04-26 22:04:19 -04:00
Mark Story
5b46eb71ec Merge pull request #3397 from steinkel/fix-formhelper-with-model-mock
fixed FormHelper to allow create() on Mock Models without errors
2014-04-26 08:53:43 -04:00
Jorge González
5cf2ce723c fixed FormHelper to allow create() on Mock Models without errors 2014-04-26 10:33:58 +01:00
mark_story
de0062de77 Merge branch 'master' into 2.5 2014-04-25 22:10:02 -04:00
mark_story
f23d811ff5 Use the form action URL in generated form hashes.
By including the URL in generated hash for secured forms we prevent
a class of abuse where a user uses one secured form to post into a
controller action the form was not originally intended for. These cross
action requests could potentially violate developer's mental model of
how SecurityComponent works and produce unexpected/undesirable outcomes.

Thanks to Kurita Takashi for pointing this issue out, and suggesting
a fix.
2014-04-25 22:05:58 -04:00
Jose Lorenzo Rodriguez
343d3279b9 Merge branch 'master' into 2.5
Conflicts:
	lib/Cake/Test/Case/Utility/FileTest.php
	lib/Cake/VERSION.txt
2014-04-06 21:50:41 +02:00
euromark
0d09a54033 more missing doc block tags added 2014-04-02 03:02:37 +02:00
mark_story
8acb75425d Merge branch 'master' into 2.5
Conflicts:
	CONTRIBUTING.md
	lib/Cake/Model/Datasource/DboSource.php
2014-03-21 22:55:28 -04:00