Commit graph

7551 commits

Author SHA1 Message Date
mark_story
304117d228 Fix query string parsing on requestAction()
This also fixes a long standing oddity around string URLs that include
a query string where the query string data would be duplicated.

Refs #9962
2017-01-04 22:34:19 -05:00
mark_story
e01f5989af Use array conditions for joins.
Use array style conditions instead of using lower-level DboSource API
methods to create safe SQL.

Refs #9927
2016-12-28 23:18:30 -05:00
mark_story
95cafaec3b Update version number to 2.9.4 2016-12-23 13:27:15 -05:00
mark_story
53bcc1550f Fix PHPCS error. 2016-12-13 22:50:07 -05:00
mark_story
99af4bba83 Merge branch 'domingues-2x' into 2.x
Refs #9870
2016-12-13 22:48:12 -05:00
mark_story
3c44ddd10b Add tests for #9870 2016-12-13 22:47:57 -05:00
Mark Story
4a4c83c3e9 Merge pull request #9859 from cakephp/debugger-encoding
2.x - Debugger encoding
2016-12-13 19:26:52 -05:00
domingues
4d77cb059d Fix a bug in Xml::fromArray()
When creating from an array with elements like this: `[ "a" => [ 0 ] ]` or `[ "a" => [ '0' ] ]` it fails and produces XML like this `<a/>` instant of `<a>0</a>`.

The problem is that in PHP `empty('0')` is true, so an exception to this case is needed.
2016-12-13 16:16:12 +00:00
mark_story
ee7739a3bf Try another approach to get the same error in all php versions. 2016-12-13 00:46:13 -05:00
mark_story
69afeb08af Skip error encoding test in PHP5.3
Index errors work funny in PHP5.3, which makes testing them not work
like other versions of PHP.
2016-12-12 21:28:20 -05:00
chinpei215
21502db34a Fix TreeBehavior does access property/method via model 2016-12-13 07:15:48 +09:00
mark_story
edfda47cf4 Fix missing HTML encoding in Debugger
Fix missing HTML encoding when error messages contain HTML. This can
happen when user data is used as an offset in an array in an unchecked
way.

Thanks to Teppei Fukuda for reporting this issue via the responsible
security disclosure process.
2016-12-10 08:47:13 -05:00
Mark Story
420336f536 Merge pull request #9843 from cakephp/php71
Add PHP7.1 to test matrix.
2016-12-07 21:40:54 -05:00
mark_story
12cdc247ac Fix PHPCS errors. 2016-12-07 00:38:55 -05:00
mark_story
0a2a400ea4 Fix type error tests to work in PHP5 & PHP7.1
Catch the TypeErrors that are raised and make the match the PHP5
behavior of a converted error.
2016-12-06 21:21:52 -05:00
Mark Story
9e6e08704e Merge pull request #9838 from cakephp/issue-9779
Fix CookieComponent erroring on corrupted data.
2016-12-05 16:44:24 -05:00
mark_story
e3221b1c38 Fix errors in php7.1
* The constructor of errors has changed in PHP 7.1
* mcrypt is no longer available in PHP 7.1 by default.
2016-12-05 16:14:33 -05:00
chinpei215
26731b93bf Use ternary operator 2016-12-04 21:55:29 +09:00
chinpei215
b7481096c8 Fix redirectUrl issue when loginRedirect is empty
Fixes #9819
2016-12-04 20:06:24 +09:00
mark_story
934bb00b36 Add tests showing recent changes fix #9784 2016-12-03 14:14:57 -05:00
mark_story
27f951fb41 Don't emit errors when operating on corrupted cookie data.
When deleting from corrupted cookie data, there shouldn't be any errors.

Refs #9779
2016-12-03 14:10:47 -05:00
Henrik Gemal
75bb30f6b2 add new locales fixes #9825 2016-12-01 12:39:47 +01:00
mark_story
410df003e6 Update version number to 2.9.3 2016-11-27 21:25:11 -05:00
chinpei215
74c2ded872 Fix directory traversal of .ctp files 2016-11-27 18:14:44 +09:00
Mark Sch
02df9ff72e Add a note about $boot 2016-11-26 18:10:37 +01:00
chinpei215
f9d2a52152 Revert "Remove dead code"
This reverts commit bf908762db.
2016-11-27 01:25:01 +09:00
mark_story
bbb87b3e87 Use null instead of false for failure.
null is better to indicate that a thing doesn't exist.
2016-11-26 10:38:28 -05:00
Mark Story
ba9f62a7a0 Merge pull request #9747 from tersmitten/cache-does-not-expose-configured-engines
Expose Cache engines
2016-11-26 10:16:20 -05:00
mark_story
e057b5572c Fix PHPCS. 2016-11-21 20:51:12 -05:00
mark_story
71b7d6211b Fix AclNode constructor.
It should forward the settings from ClassRegistry::init() so that
aliases can be customized as needed.

Refs #9766
2016-11-19 22:30:18 -04:00
mark_story
66363e6bea Add tests for #9766
I'm not able to reproduce incorrect aliases coming out of ClassRegistry.
As reported.
2016-11-19 10:02:09 -04:00
Marc Würth
5c184190c5 Improve doc block 2016-11-17 14:55:01 +01:00
Mischa ter Smitten
e71afa225e Merge remote-tracking branch 'upstream/2.x' into make-it-possible-to-configure-cachemethodhashalgo-in-dbosource 2016-11-14 16:26:48 +01:00
Mark Story
de3a249199 Merge pull request #9749 from tersmitten/make-it-possible-to-filter-values-per-method-in-dbosourcecachemethod
Make it possible to filter values per method in DboSource::cacheMethod
2016-11-14 10:08:00 -05:00
Mischa ter Smitten
936b9924b3 Add tests for overridden cacheMethodFilter 2016-11-14 12:51:57 +01:00
Mischa ter Smitten
1952d2ee17 Add tests for cacheMethodFilter 2016-11-14 11:44:35 +01:00
Mischa ter Smitten
71535d2d2c Change cacheMethodFilters to be a method 2016-11-14 11:15:08 +01:00
Mischa ter Smitten
5947c2346b Fix failing test 2016-11-14 10:53:33 +01:00
Mischa ter Smitten
7ffb5c3600 Add tests for cacheMethodHasher 2016-11-14 10:00:47 +01:00
Mischa ter Smitten
e186ffc6d3 Change cacheMethodHashAlgo to be a method 2016-11-14 09:42:19 +01:00
Mischa ter Smitten
15ccf057f4 Make it possible to configure cacheMethodHashAlgo in DboSource 2016-11-12 00:18:13 +01:00
Mischa ter Smitten
58cc9b4596 Make it possible to filter values per method in DboSource::cacheMethod 2016-11-11 23:37:23 +01:00
Mischa ter Smitten
dec7f54ecb Fixed typos 2016-11-11 21:43:43 +01:00
Mischa ter Smitten
94572ae384 Do not use deprecated assertIsA 2016-11-11 21:41:23 +01:00
Mischa ter Smitten
175503fafa Expose engines
By implementing the `engine` method just like in version 3
2016-11-11 13:42:22 +01:00
Mark Story
f46f042001 Merge pull request #9717 from bancer/shell-webroot
accept webroot shell parameter
2016-11-08 21:12:50 -05:00
Val Bancer
38518c201c doc blocks adjusted 2016-11-08 11:35:01 +01:00
Val Bancer
7ffa7acea6 fixed shell dispatcher failed unit test 2016-11-08 11:04:27 +01:00
Val Bancer
92e380737d fixed failing shell dispatcher test 2016-11-08 10:44:08 +01:00
Val Bancer
467ee851bf some refactoring to fix failed shell dispatcher tests 2016-11-08 10:03:46 +01:00
mark_story
86b5401778 Update version number to 2.9.2 2016-11-07 21:40:22 -05:00
Val Bancer
aa21244593 accept webroot shell parameter 2016-11-08 00:40:46 +01:00
mark_story
9d94487b23 Fix PHPCS
Refs MATES-9698
2016-11-04 09:31:05 -04:00
mark_story
6a201696dd Fix HttpSocket emitting errors when nameless cookies are encountered.
Refs #9698
2016-11-03 19:07:25 -04:00
Val Bancer
744b455de1 fixed configuration of 'enabled' setting in components inside a
component
2016-10-28 22:14:20 +02:00
mark_story
c935bed8f6 Fix PHPCS 2016-10-21 18:35:05 -04:00
mark_story
816801902e Allow '' to be a valid key for Hash, and Session
By removing a bunch of empty() guards we can make '' behave like all the
other key names. This does change the existing behavior/tests around ''
key, but I think that is ok given the need to manipulate ''.

Refs #9632
2016-10-21 10:54:39 -04:00
TekkCraft
1c37640678 Add connectOptions to doc block 2016-10-12 15:25:31 +02:00
Mark Story
a3577978b0 Merge pull request #9603 from cakephp/issue-9592
Fix warning in PHP 7.1
2016-10-11 17:23:00 -04:00
mark_story
8baf193995 Fix warning in PHP 7.1
Refs #9592
2016-10-11 16:59:35 -04:00
mark_story
6cdf38c2ef Update version number to 2.9.1 2016-10-10 21:36:32 -04:00
mark_story
ecd270d04b Tweak/Add doc blocks. 2016-10-09 11:05:35 -04:00
David Maicher
a932bce3de [Bugfix] use Model::$cacheQueries as default for ->query(...) 2016-10-09 13:43:27 +02:00
Mark Sch
bf908762db Remove dead code 2016-10-07 01:35:26 +02:00
José Lorenzo Rodríguez
9425234b87 Merge pull request #9550 from cakephp/issue-9526
Fix enum column length detection.
2016-10-06 09:29:25 +02:00
mark_story
9c3b17cbc7 Fix failing test in postgres. 2016-10-05 22:28:51 -04:00
mark_story
689d516a99 Fix typo. 2016-10-04 21:38:26 -04:00
mark_story
3a185f9713 Remove incorrrect postgres implementation.
It was wrong, and no longer really needs to exist as the parent method
covers all the scenarios that were previously required other than the
uuid one.
2016-10-02 22:59:13 -04:00
mark_story
3587ac9976 Fix PHPCS error. 2016-10-02 19:06:10 -04:00
Andrej Griniuk
2d6e85ed14 validate table name before generating schema file 2016-10-03 00:23:05 +08:00
mark_story
e41ccdb701 Fix enum column length detection.
Use simpler code to calculate the length of fields. Include more tests
for DboSource as there weren't any before.

Refs #9526
2016-09-30 22:25:25 -04:00
Mark Story
5e0dc218f1 Merge pull request #9488 from tersmitten/lastaction-should-also-work-with-named-parameters-in-the-url-2x
_lastAction() should also work with named parameters in the url
2016-09-24 21:04:14 -04:00
mark_story
57bc0f9c45 Ensure Object is autoloaded.
When Object was renamed to CakeObject we broke behavior where plugins
and app code were relying on Object being configured in the autoloader
automatically.

Refs cakephp/debug_kit#450
2016-09-23 14:22:10 -04:00
Mischa ter Smitten
1ccdc21d5b Possible fix for _lastAction method 2016-09-22 21:33:43 +02:00
Mischa ter Smitten
197c2f4e60 Make use of assertAttributeEquals 2016-09-22 21:30:18 +02:00
Mischa ter Smitten
4c9f1cc154 _lastAction() should also work with named parameters in the url 2016-09-20 15:07:36 +02:00
mark_story
35d04ecb3d Update version number to 2.9.0 2016-09-18 22:24:27 -04:00
mark_story
68abc090ac Rollback version file change.
Build tools will fail otherwise.
2016-09-18 22:24:05 -04:00
mark_story
ad5130cd31 Merge branch '2.next' into 2.x 2016-09-18 22:22:56 -04:00
mark_story
73dcbf2aa3 Update version number to 2.8.9 2016-09-18 22:18:18 -04:00
Mark Story
63533d8f2d Merge pull request #9454 from cakephp/revert-9368-2.x-test-fixtures
Revert "CakeFixtureManager: Truncate tables only if not dropped."
2016-09-17 12:25:24 -04:00
mark_story
835c709dfd Add code fencing on example. 2016-09-16 19:17:08 -04:00
Marc Würth
1b101f73a6 Minor DocBlock improvement 2016-09-16 13:02:55 +02:00
mark_story
bcb2eaee31 Update version number to 2.8.8 2016-09-14 21:40:56 -04:00
mark_story
4f70bdb3b8 The _lastAction property should not double include the base path.
FormHelper should not run URLs through Router twice when determining the
the form's lastAction attribute. However, because we're using the helper
method (see #9414) we do need to HTML decode the URL before using it in
form token generation.

Refs #9455
2016-09-13 22:21:01 -04:00
mark_story
109cfbcf95 Fix whitespace. 2016-09-13 21:46:28 -04:00
Mark Story
35c6f2c771 Revert "CakeFixtureManager: Truncate tables only if not dropped." 2016-09-13 11:00:32 -04:00
mark_story
dc2fa498ef PHPCS. 2016-09-12 23:19:08 -04:00
mark_story
9d1fbb95b3 Allow datasource access in constructors of mocked models.
When mock objects are created from models that access their datasource
in the constructor, an exception would be raised for the missing default
datasource. By changing how configuration data is handled in the mock
creation we can avoid this issue and not reopen #4867

Refs #8225
2016-09-12 22:15:55 -04:00
mark_story
d0041f155d Update version number to 2.8.7 2016-09-09 23:07:15 -04:00
Mark Story
9a66137e65 Merge pull request #9414 from bancer/secure-form-url
Secure form url
2016-09-06 12:42:34 -04:00
mark_story
0c189b555f Update version number to 2.9.0-RC1 2016-09-05 22:18:21 -04:00
Val Bancer
5253f0b3bd fixes postLink form last action
https://github.com/cakephp/cakephp/issues/9392
2016-09-05 23:14:43 +02:00
Val Bancer
427d928d10 minor code style improvements 2016-09-05 21:53:10 +02:00
Val Bancer
98cd278c02 improved performance of insertMulti() in Mysql 2016-09-05 21:28:07 +02:00
mark_story
e8d63725d8 Merge branch '2.x' into 2.next 2016-09-04 23:54:22 -04:00
Mark Story
c303a92fcf Merge pull request #9368 from cakephp/2.x-test-fixtures
CakeFixtureManager: Truncate tables only if not dropped.
2016-08-29 21:56:37 -04:00
mark_story
2ffde69d5b Skip test that always fails on PHP5.3 2016-08-29 21:56:30 -04:00
mark_story
d1cfe203c4 Fix PHPCS error. 2016-08-29 21:53:47 -04:00
mscherer
d52b9fc826 CakeFixtureManager: Truncate tables only if not dropped. 2016-08-29 12:08:57 +02:00
Nicola Beghin
41851d60b4 fix HTTP Basic Auth on FastCGI PHP 2016-08-28 19:16:59 +02:00
Mark Story
51963ab8fc Merge pull request #9349 from cakephp/2.x-sort-locale
2.x sort locale backport
2016-08-26 11:13:21 -04:00
Mark Sch
ee319baec1 Backport skip 2016-08-26 16:15:39 +02:00
mscherer
03df288e78 Re-add spacing. 2016-08-26 14:45:59 +02:00
mscherer
dab4b85596 Backport Hash::sort() support for type locale. 2016-08-26 14:32:21 +02:00
ndm2
87d86aaed9 Fix/tighten Folder::inPath() checks.
The current checks are way too relaxed, and are more like testing
for a substring, which makes it easy for invalid paths to slip
trough, for example `/foo/var/www` is falsely tested to reside in
`/var/www`.

Passing an empty path never worked properly, it was triggering a
warning, didn't worked on Windows, and the behavior that the current
top level directory would be assumed for empty paths wasn't
documented.

Similar is true for relative paths. While they did match at one point,
this was incorrect behavior, and matching actual path fragments seems
out of scope for this method.

This change makes the `$path` argument required, requires it to be an
absolute path, and throws an exception in case a non-absolute path is
being passed.
2016-08-26 13:45:45 +02:00
Mark Story
0565081db6 Merge pull request #9314 from mvdriel/add-support-for-confirm-option-to-submit-in-formhelper
Added support for confirm (message) option to submit in FormHelper
2016-08-22 09:18:30 -04:00
Mark Sch
b096005561 Fix CS 2016-08-21 20:31:45 +02:00
Mark van Driel
e3b0aca95e Removed bug fix for Helper::_confirm to keep the code compatible 2016-08-21 17:09:43 +02:00
Mark van Driel
34afc377ec Added support for confirm (message) option to submit in FormHelper 2016-08-20 12:51:13 +02:00
Kenya Yamaguchi
777e39531e fix php document of File::write() 2016-08-19 02:52:44 +09:00
José Lorenzo Rodríguez
3937a4f02e Merge pull request #9255 from cakephp/issue-9229-restore
Restore header() behavior inadvertantely removed.
2016-08-15 09:51:10 +02:00
mark_story
3e16f8911d Add tests covering basic use of <> in deleteAll()
Refs #9253
2016-08-13 22:48:02 -04:00
mark_story
a10bdb226a Document the ext/memcached version requirements.
Refs #9252
2016-08-13 19:38:31 -04:00
mark_story
bc73e928b6 Restore header() behavior inadvertantely removed.
In eaa2bbbcae I changed the behavior to
now use the TitleCased name as I didn't understand the intended behavior
or how apache was working in the reporter's specific case.

Refs #9229
2016-08-11 21:54:24 -04:00
Marc Würth
f2638b3e38 Remove superfluous "Class" from doc blocks 2016-08-10 12:22:09 +02:00
mark_story
61b3fbd605 Merge branch '2.x' into 2.next 2016-08-09 22:12:26 -04:00
mark_story
eaa2bbbcae Merge branch 'auth-header' into 2.x
Refs #9229
2016-08-09 22:07:46 -04:00
mark_story
20a2af8c16 Fix casing issues with Authorization header.
We need to check the upper case versions of headers in $_SERVER.
Also fix lint issues.
2016-08-09 22:06:49 -04:00
nojimage
9a5d5705cd TestShell support --coverage-text option 2016-08-08 20:13:40 +09:00
nojimage
e71d83c612 TestShell passes the 'directive' option to PHPUnit correctly 2016-08-08 20:09:37 +09:00
Sebastien Barre
345375b6b6 add test 2016-08-07 23:08:55 -04:00
Sebastien Barre
acc32f5c58 Work around Apache handling the Authorization: header differently 2016-08-07 19:50:23 -04:00
mark_story
0a22058e35 Update version number to 2.8.6 2016-08-02 22:15:04 -04:00
ADmad
ba829f758f Merge pull request #9204 from cakephp/fix-api
fix api generation
2016-08-03 01:40:16 +05:30
antograssiot
6dbd5c659d fix api generation 2016-08-02 22:01:35 +02:00
Juan I. Benavides
60bd98a593 Consistency with other methods: Type declaration of CakeEmail parameter. 2016-08-02 02:30:43 -05:00
Juan I. Benavides
d37f88b20e Documentation and declaration of object type in method's parameter
This should make pass the phpcs check. #9199
2016-08-01 16:46:25 -05:00
Juan I. Benavides
93db51cf10 Avoiding circular object reference in SmptTransport
This fixes a memory leak while sending multiple emails.

Fixes: #9198
2016-08-01 13:09:45 -05:00
Mark van Driel
4dc8e54131 Fixed typo 2016-07-27 20:27:15 +02:00
Mark van Driel
5caac5f340 Prevent unnecessary joins / complex conditions in delete 2016-07-27 16:31:57 +02:00
Andrej Griniuk
e7f3365d8b fix on php < 5.5 2016-07-26 23:57:14 +03:00
Andrej Griniuk
147693618c refs #9174 fix CakeSchema compare when changing field length to the default one 2016-07-26 23:39:09 +03:00
Mark van Driel
c01525f2cc Make check more strict to respect existing queries 2016-07-26 11:25:27 +02:00
Mark van Driel
d6e45131ad Prevent unnecessary joins / complex conditions in delete 2016-07-25 17:15:18 +02:00
Mark Story
b50c06423d Merge pull request #9115 from biesbjerg/ticket-7488
Fire Controller.shutdown and Dispatcher.afterDispatch events when exceptions are thrown
2016-07-19 22:49:02 -04:00
Mark Story
876b508797 Merge pull request #9108 from cakephp/issue-9106
Don't split strings headers that lack a ':'.
2016-07-15 22:20:13 -04:00
Kim Biesbjerg
cbdc89ddee Fix CS error 2016-07-14 05:50:37 +02:00
Kim Biesbjerg
38cad279d1 Updated test method name and description 2016-07-14 04:57:25 +02:00
Kim Biesbjerg
c77b628841 Dispatch Controller.shutdown instead of calling afterFilter directly. Updated test 2016-07-14 04:51:49 +02:00
Kim Biesbjerg
a05639a30e Don't save buffered output to var since it is not used 2016-07-14 00:20:33 +02:00
Kim Biesbjerg
5a63ee4e3e Added tests to prove that Dispatcher.afterDispatch event is dispatched by exception renderer on error response 2016-07-14 00:17:02 +02:00
Kim Biesbjerg
bddff7d2b0 Dispatch afterDispatch event when exception is thrown 2016-07-13 23:40:27 +02:00
mark_story
4e1b601ed8 Don't split strings headers that lack a ':'.
Refs #9106
2016-07-12 22:46:47 -04:00
Philippe Saint-Just
be7cecbb00 Removed whitespace 2016-07-10 14:02:55 +01:00
Philippe Saint-Just
b0e5e39e45 Added test case 2016-07-10 09:57:24 +01:00
Philippe Saint-Just
7edcdb0799 Handle plugin association consistently 2016-07-09 16:08:16 +01:00
Kim Biesbjerg
1d7a4da903 Fixed wrong assertion 2016-07-07 09:24:33 +02:00
Kim Biesbjerg
0ea315b2e0 Add assertion to prove session is not started on stateless login 2016-07-07 08:58:51 +02:00
Kim Biesbjerg
c63de8d9f5 Added test to prove stateless login sets user 2016-07-06 12:34:23 +02:00