adulau/cakephp2-php8
1
0
Fork 0
mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2024-11-15 19:38:26 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
18772 commits 7 branches 0 tags 44 MiB
Commit graph

3742 commits

Author SHA1 Message Date
mark_story
af046fc7d6 Merge branch 'request-ip' into 2.x 2016-03-13 23:00:47 -04:00
mark_story
fef3090717 Fix incorrectly inheriting permissions. 
When child inherits from a deny parent the '*' permission should reflect
permissions on all nodes not just the leaf node. Previously once a node
with all permissions set to inherit was found, the check would pass.
Instead it should cascade to the parent nodes and look for explicit
allow/deny.

Refs #8450
 2016-03-11 23:18:50 -05:00
mark_story
48af49ddde Don't trust CLIENT_IP 
The client_ip header can easily be forged. In 'safe' modes we should
only trust the remote_addr which comes from the sapi. Remove support for
http_clientaddress as I can't seem to find where this ever came from in
PHP on the http specs.
 2016-03-10 22:04:13 -05:00
Mark Story
18b0334890 Merge pull request #8384 from garas/mailtransport-log-subject 
Email log missing Subject and To headers when using MailTransport
 2016-03-02 21:29:13 -05:00
mark_story
3ad68db5eb Tweak fix from #8359 
This fixes a regression introduced in that change that we didn't
previously have tests for. The issue fixed in #8359 was related to
PHP7.0, whereas PHP5 didn't have an issue. Now both versions will work
the same.
 2016-03-02 12:30:48 -05:00
Edgaras Janušauskas
2386a86adc Include Subject and To in email log when using MailTransport 2016-03-01 22:21:14 +02:00
mark_story
3ed321dff4 Handle negative numbers in Redis correctly. 
Update number sniff to handle negative numbers. We need to do number
sniffing so we can maintain compatbility between write() and
increment()/decrement().

Refs #8364
 2016-02-27 00:07:58 -05:00
Mark Story
eae7a8926b Merge pull request #8345 from cakephp/issue-8330 
Fix parsing empty header values.
 2016-02-26 23:01:59 -05:00
Mark Story
31b3f39b67 Merge pull request #8310 from cakephp/secure-random 
2.x - Secure random
 2016-02-25 22:05:08 -05:00
mark_story
1a170e1eec Fix parsing empty header values. 
Replace the complex and somewhat unfixable regexp based parser for
a parser that handles each line individually. Normalize multi-line
headers to replace multiple spaces with a single one. Section 4.2 of the
HTTP1.1 standard states

> Any LWS that occurs between field-content MAY be replaced with
> a single SP before interpreting the field value or forwarding the
> message downstream.

This makes me somewhat confident that we can safely normalize
multi-line HTTP header values.

Refs #8330
 2016-02-24 22:25:58 -05:00
mark_story
9c0da41858 Skip test on PHP7 as the warning is not consistent. 2016-02-23 20:54:16 -05:00
Mark Story
ff6cdd4b73 Merge pull request #8279 from cakephp/issue-8114 
Fix inherited permissions when checking the '*' permission.
 2016-02-22 14:48:58 -05:00
mark_story
7df99fff1f Backport Security::randomBytes() to 2.x 
I decided to leave the warning in. People who can't upgrade their
applications should at least be aware of the risks they are taking.

I'm flexible if people are strongly opposed to a warning, but I feel
that these kinds of warnings can be supressed in production if they
really are in a jam and don't care.

Refs #8282
 2016-02-22 00:14:44 -05:00
mark_story
4389c79442 Update tests. 
The old tests were relying on the fixed inherit bug. Instead check
a specific permission which will result in a deny.

Refs #8114
 2016-02-18 21:24:52 -05:00
mark_story
8f3df8b13e Make tests not fail when extensions are installed 
If the extensions are installed but memcached/redis are not running
errors should not be emitted.
 2016-02-18 21:14:55 -05:00
mark_story
b2509ea13d Fix inherited permissions when checking the '*' permission. 
When checking inherited permissions for '*' also copy inherited
permissions onto the inherited list. By copying the inherited values, we
get the union of explit allow and inherited permissions, which if all
things go well will match the permission key list.

Refs #8114
 2016-02-16 22:30:19 -05:00
Mark Story
68082fad02 Merge pull request #8207 from CakeDC/feature/uuid 
Add support for Postgres native uuid datatype
 2016-02-16 21:53:08 -05:00
Chris Hallgren
bf22e84d65 CS fixes 2016-02-15 20:44:27 -06:00
Chris Hallgren
849abab6a4 Fixing test case 2016-02-15 19:34:05 -06:00
Chris Hallgren
0c183b9b8e Read content type in a more compatible way. 
Not all webservers set CONTENT_TYPE. The built-in PHP webserver for
example sets HTTP_CONTENT_TYPE instead. Add a public method to the
request object to smooth over this difference.

Refs #6051, #8267
 2016-02-15 19:31:24 -06:00
Marc Würth
b5655d63ff Remove lighthouse references 2016-02-10 12:27:34 +01:00
mark_story
e4b939bba0 Backport fix for Validation::uploadedFile to 2.x 
Don't fail validation when the keys are not the expected order.

Refs #8201
 2016-02-08 22:37:25 -05:00
mark_story
c0d897b45c Merge branch '2.x' into 2.8 2016-02-06 20:55:08 -05:00
Mark Story
41a12e9aa2 Merge pull request #8067 from cakephp/issue-7906 
Make the session cacheLimiter a configuration option.
 2016-02-06 20:30:48 -05:00
Edgaras Janušauskas
f389231058 Improve ExtractTask when CakePHP installed via Composer 2016-02-03 14:52:15 +02:00
Jorge M. González Martín
3ca3ffeeee fix phpcs 2016-01-29 08:56:36 +00:00
mark_story
3b5a71df37 Merge branch '2.7' into 2.8 2016-01-28 21:51:59 -05:00
mark_story
fc57dee72f Fix error in PHP 5.3 2016-01-28 21:50:56 -05:00
Mark Story
aa449b194d Merge pull request #8125 from CakeDC/issue/7978 
Add support for NOT IN in Model::find() conditions.

Refs #7978 fixing regex to take in account IN operator
 2016-01-28 21:48:04 -05:00
Yevgeny Tomenko
70c4e40532 Fix value check and formatting. 2016-01-28 23:36:07 +03:00
Pedro Fernandes Steimbruch
bf8e6ce576 Refs #7978 fixing code standard 2016-01-28 17:55:19 -02:00
Pedro Fernandes Steimbruch
eaeb7cea9e Refs #7978 fixing regex to take in account IN operator 2016-01-28 17:34:08 -02:00
Yevgeny Tomenko
e83a532af0 Fixed array syntax. 2016-01-28 22:12:24 +03:00
Yevgeny Tomenko
06853a137a Merge remote-tracking branch 'remotes/origin/2.8' into feature/uuid 2016-01-28 22:08:10 +03:00
Yevgeny Tomenko
209cdd71a9 code formatting fixes 2016-01-28 21:54:49 +03:00
Yevgeny Tomenko
296f698db3 Added test cases covering native uuid field usage for Postgres class 2016-01-28 21:13:33 +03:00
mark_story
3e67685c7c Merge branch '2.7' into 2.8 2016-01-21 21:46:51 -05:00
mark_story
4b8d628a2e Backport SecurityComponent fixes from #8071 to 2.x 
If the request manages to have data set outside of post/put we should
still validate the request body. This expands SecurityComponent to cover
PATCH and DELETE methods, as well as request methods that should be
safe, but somehow end up not safe.
 2016-01-20 21:34:58 -05:00
mark_story
91109c33b2 Merge branch '2.7' into 2.8 2016-01-19 21:15:08 -05:00
José Lorenzo Rodríguez
835fc9ce01 More CS fixes 2016-01-19 13:52:16 -04:30
José Lorenzo Rodríguez
2962b387d7 Fixed CS error 2016-01-19 11:17:06 -04:30
mark_story
57f620fc22 Make the session cacheLimiter a configuration option. 
Instead of hardcoding to must-revalidate, developers can use a more
suitable option if they do not have to support IE8.

Refs #7096
 2016-01-18 22:18:38 -05:00
Jose Lorenzo Rodriguez
bd53ef01a6 Better method overriding emulation for GET 2016-01-18 20:34:32 -04:30
Seth Tanner
e75858d342 refs #7929 update uuid test 2016-01-15 12:15:59 -08:00
mark_story
d773644232 Merge branch '2.7' into 2.8 2016-01-12 22:14:16 -05:00
Mischa ter Smitten
8d472a5d78 Memcached can not connect using a socket 
Fixes #8018
 2016-01-12 21:01:14 +01:00
Mark Scherer
3fb752a577 Fix CS 2016-01-07 11:09:48 +01:00
Mark Scherer
b1f1003ebe Allow 3.x backport of url=>false in 2.x 2016-01-07 10:48:20 +01:00
Mark Scherer
55ca2ddabd Fix CS. 2016-01-04 15:53:48 +01:00
Mark Scherer
cd59ab9c40 Fix tests 2016-01-04 15:08:31 +01:00
Mark Scherer
7076e6d481 Add missing test that is present in 3.x. 2016-01-04 14:29:00 +01:00
Mark Scherer
a2ce6c8c1f Deprecate action in Form::create() 2016-01-04 14:22:40 +01:00
mark_story
4de92123fa Back port fixes from #7899 to 2.x 
Fix XmlView failing when return => domdocument is used.
 2016-01-03 22:08:09 -05:00
Larry E. Masters
0aa8847762 Merge pull request #7840 from cakephp/2.8-PHP7 
2.8 PHP7 compatibility
 2015-12-29 00:27:33 -05:00
Larry E. Masters
e7a313edee getting sloppy as I get older, fixing code sniffer errors 2015-12-29 00:06:44 -05:00
Larry E. Masters
b1d93377b6 Removing invalid test 2015-12-28 23:36:37 -05:00
Larry E. Masters
bc005cd014 Fixing Undefined index: Session 2015-12-28 23:32:18 -05:00
Larry E. Masters
a966e46545 Allowing returning numeric 0 from read 2015-12-28 23:26:06 -05:00
Larry E. Masters
34b4261e6d Fixes: A non well formed numeric value encountered - php 7 2015-12-28 17:42:56 -05:00
Larry E. Masters
027e32ce00 Reverted change setting $_SESSION to an array. Commenting out a test that is invalid. 
This test creates a numeric key of 0 in $_SESSION which is not a valid session key. This causes error - session_write_close(): Skipping numeric key 0 error.
 2015-12-28 17:19:31 -05:00
Larry E. Masters
c2449c9d16 Fixing Code Sniffer errors 2015-12-28 17:15:23 -05:00
Larry E. Masters
1fd329311b Fixes tests to expect changes made to read and write methods - This could be a possible BC change 
Since php 7 expects write to return true or false this needed to change, previous implementation would return the values sent to write on success and false on failure. Similar change to read method test CakeSession::read() now returns results or ''.
 2015-12-28 11:29:17 -05:00
Larry E. Masters
3c21f4a8af Fixes session_write_close(): Skipping numeric key 0 error 2015-12-28 11:18:03 -05:00
mark_story
7c2ec5b451 Merge branch '2.7' into 2.8 2015-12-27 10:51:41 -05:00
mark_story
72b98f58a8 Backport paginator changes for string integers. 
Backport the intent of #7845 into 2.x. The implementation differs a bit
from 3.x but paginator helper internals are pretty different in both
branches.

Refs #7092
 2015-12-26 22:52:57 -05:00
mark_story
430612f1df Split mega test up. 
The previous testNumbers() method was a behemoth. Split out the
scenarios for first/last a bit.

Refs #7902
 2015-12-26 22:37:25 -05:00
mark_story
b5e64bbad5 Merge branch '2.7' into 2.8 2015-12-24 16:20:27 -05:00
mark_story
7d052bdbc1 Backport 5714cf14a9ca4b439b872aaf3ad6e5bfddda46ad to 2.x 
Fix file:// paths being mishandled on windows.

While I don't think its feasible to fix all the cases reported in #7275
as certain paths have different meaning in windows, we can fix file://
not working.

Refs #7275
 2015-12-24 16:19:57 -05:00
Larry E. Masters
1c593eea63 Adding return types to Session test classes. 2015-12-22 16:20:24 -05:00
mark_story
8343f6c81d Merge branch '2.8' of github.com:cakephp/cakephp into 2.8 2015-12-21 12:41:52 -05:00
mark_story
37fe25909f Merge branch '2.7' into 2.8 2015-12-20 21:59:43 -05:00
Edgaras Janušauskas
4101a96a95 Use correct context when parsing MO file. 2015-12-18 12:59:00 +02:00
Richard van den Berg
2d178b7e10 PHPCS fixes 2015-12-15 19:58:11 +01:00
Richard van den Berg
e47b26aa6b Do not redefine TestHttpSocket 2015-12-15 16:58:12 +01:00
Larry E. Masters
577e1b089f Revert "Forcing bool return" 
This reverts commit fac95baee7.
 2015-12-14 19:31:08 -06:00
Larry E. Masters
fac95baee7 Forcing bool return 2015-12-13 20:05:54 -06:00
Larry E. Masters
894d233fd6 add @throws anotation to fix travis PHP_CODESNIFFER warnings 2015-12-13 15:16:49 -06:00
Larry E. Masters
48e018e707 Allowing tests to run on PHP 7 2015-12-13 14:12:31 -06:00
Richard van den Berg
077f157adf Test case for proxy authentication when request is HTTPS 2015-12-12 11:13:41 +01:00
Mark Scherer
f662b2f5aa Skip error for now. 2015-12-06 12:50:09 +01:00
Qing Wu
48dd778bd0 Fixed issue #7579 on the 2.7 branch 2015-12-02 10:24:16 +11:00
Gareth Ellis
3f992695b2 Use traditional array syntax 2015-12-01 15:16:54 +00:00
Gareth Ellis
1bd22e5277 Add test for ConsoleOutputStub 2015-12-01 14:32:59 +00:00
Gareth Ellis
eafee25d13 PHPCS fixes 2015-12-01 14:26:22 +00:00
Gareth Ellis
6b6a90e5c1 Add table shell helper 2015-12-01 13:29:08 +00:00
Gareth Ellis
53b9dc83f6 Add helper method to shell class for loading/fetching helper instances 2015-12-01 13:07:56 +00:00
Gareth Ellis
2854940693 Renamed progress helper files to include Shell to avoid conflicts with existing view helpers 2015-12-01 13:07:32 +00:00
Gareth Ellis
788c57dd4b Add progress helper 2015-12-01 12:03:09 +00:00
Gareth Ellis
e580ad813e Add overwrite method to ConsoleOutput class 2015-12-01 12:01:39 +00:00
chinpei215
415661b18a Fix data type and docblock 2015-11-30 00:02:00 +09:00
chinpei215
f2f8f3f1ea Add test for #7224 2015-11-29 23:38:09 +09:00
Yasushi Ichikawa
5b098af240 remove extract function in the Validation::comparison 2015-11-29 22:42:55 +09:00
Mark Story
5ac7b875e9 Merge pull request #7680 from chinpei215/magic-find 
Magic call with custom finders
 2015-11-15 21:02:18 -05:00
mark_story
48450e71fa Merge branch '2.7' into 2.8 2015-11-11 22:53:45 -05:00
chinpei215
726699ee7a Magic call with custom finders 
Now we can use findListBy, etc - closes #7674
 2015-11-11 22:43:19 +09:00
mark_story
1a6f733286 Merge branch '27-pages-fix' into 2.7 2015-11-05 22:30:25 -05:00
Jose Lorenzo Rodriguez
18544c5aaa Fix validation allowing arrays. 
Accepting arrays can cause a number of adverse effects. While this may
be a breaking change the alternatives are worse.
 2015-11-04 21:35:05 -05:00
Jorge González
cb6a17c34e add Flash back to Controller, fix Scaffold to use Flash instead 2015-11-04 10:41:35 +00:00
mark_story
5e60cc5d18 Fix plugin view names being able to escape the plugin root directory. 
Remove the ability to specify completely arbitrary view files. This is
possibly a breaking change. However, I feel the risks out weigh the
benefits in this situation. Now absolute paths must be located *within*
a configured view path.
 2015-11-01 22:04:15 -05:00
mark_story
bc977544c5 Use a more stable timezone. 
Regina does not observe DST meaning this test won't fail twice a year.
 2015-10-26 22:28:00 -04:00
Mark Scherer
8287981855 Make sure direction values are lowercased to be consistent. 2015-10-26 23:20:30 +01:00
mark_story
c26b7bbffe Fix PHPCS errors and failing test. 
Refs #7577
 2015-10-20 21:08:57 -04:00
vanquang9387
0cdfed0aee Add more test on UploadedFileSize validation 2015-10-20 09:00:32 +07:00
vanquang9387
af8c992655 2.x uploadedFile validation (backported from #4524) 2015-10-19 15:15:28 +07:00
mark_story
8c404ad6a7 Merge branch '2.7' into 2.8 2015-10-17 21:00:26 -04:00
mark_story
dea32345c8 Add failing test for #7570 
Documented behavior that exists in 3.x is not working in 2.x
 2015-10-17 20:54:40 -04:00
mark_story
707915e693 Merge branch '2.7' into 2.8 2015-10-15 22:10:56 -04:00
mark_story
94aeee438b Merge branch pull request #7496 into 2.7 
Adds ssl_ context options to SmtpTransport via CakeSocket. Both
CakeSocket and SmtpTransport can now use all the SSL context options
with the same syntax as HttpSocket.
 2015-10-12 22:07:40 -04:00
mark_story
3a4facbf8d Remove allowSelfSigned() method. 
This method is no longer needed as the low level socket understands the
`ssl_*` options now.

Refs #7496
 2015-10-12 21:58:55 -04:00
mark_story
cc3531d288 Move SSL context options into CakeSocket. 
Having all the options consolidated in one places enables all the SSL
context options to be used in the SmtpTransport instead of just allowing
self_signed as proposed in #7496
 2015-10-12 21:56:20 -04:00
mark_story
29490eb84f Add tests for #7516 2015-10-10 22:32:41 -04:00
Ian den Hartog
5dfb780970 Change names 2015-10-06 10:10:34 +02:00
Ian den Hartog
bb7e7850ae Add test for Self-signed certificates 2015-10-02 16:17:26 +02:00
mark_story
506051f688 Correct input generation for postgres numeric types. 
Numeric types in postgres are treated like decimals, except they can
have no length, precision or scale components defined.

IE does not accept 1.00000 as a valid step attribute so we'll default to
any when we encounter decimal types with no length.

Refs #7497
 2015-10-01 21:46:21 -04:00
Ian den Hartog
e2c303b2b9 Add support for Self Signed certificates with smtp 2015-10-01 23:02:43 +02:00
mark_story
a6a699b4b9 Merge branch '2.7' into 2.8 2015-09-28 21:17:45 -04:00
mark_story
13f147940f Correct inflection of virus. 
Instead of viri, it should be viruses.

Refs #7466
 2015-09-28 21:04:23 -04:00
mark_story
ae83e197dc Merge branch '2.8' of github.com:cakephp/cakephp into 2.8 2015-09-27 11:13:12 -04:00
mark_story
8a57d78dba Merge branch '2.7' into 2.8 2015-09-27 11:12:55 -04:00
Marc Würth
a6d62cb6a8 Removed $stringClean 
Resfs: https://github.com/cakephp/cakephp/pull/7448#discussion_r40450663
 2015-09-25 20:10:47 +02:00
Marc Würth
1ede742d92 Various improvements to the CakePHP test files 
Mostly CS, doc blocks and unused variables.
 2015-09-25 17:22:00 +02:00
Mark Story
b8b7282264 Merge pull request #7436 from cakephp/2.8-fix-order-merge 
Only array-wrap 'order' if it's not already an array.
 2015-09-22 12:24:02 -04:00
Marc Würth
5b41a9b52d Swallow the "--quiet" shell parameter before calling PHPUnit. 
PHPUnit does not provide a silent or quiet mode, so we cannot pass it along:
https://phpunit.de/manual/3.7/en/phpunit-book.html#textui.clioptions

Resolves #7432
 2015-09-22 14:25:53 +02:00
Mark Scherer
8909b2ed42 Fix remaining test. 2015-09-22 14:21:04 +02:00
Mark Scherer
81cbb52f74 Only array-wrap 'order' if it's not already an array. 2015-09-22 13:04:28 +02:00
mark_story
c14d1ffe93 Add tests for #7428 2015-09-21 21:39:51 -04:00
Mark Scherer
97b6f8674c Fix CS 2015-09-21 13:45:18 +02:00
Mark S.
c87de2a069 Fix CS 2015-09-17 11:33:59 +02:00
mark
e7d6319d59 Skip test for versions of < MySQL5.6. 2015-09-17 10:43:43 +02:00
mark
d8a55ad065 Allow CURRENT_TIMESTAMP for datetime columns - MySQL5.6+. 2015-09-16 14:16:58 +02:00
mark_story
e4cce7a441 Fix errors in PHP <5.4 2015-09-06 22:14:04 -04:00
mark_story
60d7bbaa10 Always update updated/modified columns when a fieldList is used. 
When a fieldList is used, and updated is not in the fieldList, the
column should continue to be updated even if the column has a value from
the user. Because the field is not in the fieldList, we must assume that
the intent is for the field to update automatically, as it would have if
the updated column was not present in the save data.

Refs #7076
 2015-09-05 22:01:33 -04:00
mark_story
9b910dff31 Merge branch '2.8-hash-sort-ignore-case' into 2.8 
Refs #7217
 2015-08-25 21:46:08 -04:00
mark_story
a9ef1f8aea Simplify branching and add default options. 
Use fewer conditionals by merging defaults and avoid exceptions
by setting defaults as well.

Refs #7217
 2015-08-25 21:39:02 -04:00
mark_story
51d8f74c50 Merge branch '2.7' into 2.8 2015-08-23 16:29:07 -04:00
mark_story
143c34bdc1 Handle case where a visible input shares a name with an invisible one. 
If a visible input is created *after* a hidden input was created, the
form would always blackhole unless the visible input had the same value
as the hidden input.

Refs #7274
 2015-08-22 23:10:44 -04:00
Jose Lorenzo Rodriguez
3c7f022fa8 Merge branch '2.7-tz-abbr' of https://github.com/rchavik/cakephp into rchavik-2.7-tz-abbr 2015-08-21 10:56:48 +02:00
Jose Lorenzo Rodriguez
40d628530a Merge branch '2.7' into 2.8 2015-08-21 10:54:30 +02:00
Rachman Chavik
e6acacac03 CakeTime::listTimezones(): Add option to Display timezone abbreviations 
Useful for countries that do not have many of its cities, even major ones,
listed. For eg: Indonesia, only have 4 cities listed.

For backward compatibility, abbreviations will not be shown.

Note: You might need to update timezonedb for PHP 5.3

Closes #7271
 2015-08-21 10:54:33 +07:00
Mark Story
d05727b6df Merge pull request #7265 from mattmemmesheimer/issue-7048 
Issue 7048
 2015-08-20 22:32:39 -04:00
ndm2
8fe953548c Fix path traversal check for Windows based systems 
On Windows based systems, both, backward as well as forward
slashes are supported as path separators, thus checking for `DS`
only, would allow to slip in `../` fragments.

refs #5905, cad57dcc28
 2015-08-19 16:47:53 +02:00
mattmemmesheimer
d4467f9acf Fixing unit tests. 2015-08-18 22:14:10 -05:00
James Tancock
5b92c900e6 Missing test fix ModelIntegration 2015-08-18 13:32:16 +01:00
James Tancock
fdb41e01bb Alter Model::exists() to return false with no table 2015-08-18 13:07:30 +01:00
James Tancock
2f7cc052d2 Typo in tests docblock 2015-08-17 13:15:35 +01:00
James Tancock
fd198ce0fa Edits to tests to cover the changes to Model::exists 2015-08-17 12:19:02 +01:00
Adrian Gunawan
2eafcc0f72 Use array() instead of the short notation [] 2015-08-14 14:55:44 +10:00
Adrian Gunawan
bf6574c3b2 Use array() instead of the short notation [] 2015-08-14 14:26:01 +10:00
Adrian Gunawan
b89d8d5efa Use array() instead of the short notation [] 2015-08-14 14:15:00 +10:00
Adrian Gunawan
f23e6589d0 Overload $type parameter instead of adding another parameter for case insensitive sort 2015-08-13 11:16:32 +10:00