Added ability to turn off HTTP_USER_AGENT check in a Controller::beforeFilter(),
Added id() to Session helper and component to return current Session id, the component accepts a $id parameter to force setting the Session id which must be called in a Controller::beforeFilter().
Sessions id are not longer renewed if a request is from Ajax, or from requestAction();
When Security.level (1.2) or CAKE_SECURITY (1.1) is set the 'high' renewing of Session id only happens if request is 2 seconds after the last request.
Added $_Session[Config][timeout] which forces renewing Session if request are within the 2 second limit and over 10 request.
If an application is expected to make multiple request (more than 10) to the server in a single proccess, Configure::write('Security.level', 'medium'); (1.2) or $this->Session->security = 'medium'; (1.1) should be used in a beforeFilter for the specific methods.
1.2 Sessions allow using CacheEngines to store Sessions, be aware that using memory caching as the only storage of Sessions is not reliable. Further work will be done to allow using the CacheEngines with database Sessions, etc.
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5982 3807eeeb-6ff5-0310-8944-8be069107fe0
Closes#3396, i18n fixes
Fixed TranslateBehavior::_getLocale() throwing error if I18n class had not been loaded
Added [P]roject to bake
Updated locale pot file
Removed css and js directories from skel
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5809 3807eeeb-6ff5-0310-8944-8be069107fe0
Closes#2909, Emailcomponent SMTP authentication.
Closes#2916, EmailComponent: Add read receipt header.
Closes#2969, change default charset in emailcomponent from ISO-8859-15 to utf-8.
Closes#3304, EmailComponent doesn't allow custom view class.
Fixes#3353, Email Component, content not shown when a file is attached.
Fixes#3381, Email::__wrap function ignores the $_newLine configuration property.
Fixed ThemeView::renderElement() to load helpers
Changed View::renderElement() to search core elements also
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5788 3807eeeb-6ff5-0310-8944-8be069107fe0
Fixes#2988, AclComponent check() does not inherit permissions.
Fixes#3022, Inconsistent table alias quoting crashes Acl node lookup with PostgreSQL.
Fixes#3129, Console ACL Shell ACO View Broken
Fixes#3176, Problems with ACL support on Microsoft SQL Server.
Closes#3311 as invalid, DboSourceTest::testArrayConditionsParsing tests added
Fixes#3312, DB_ACL::check() fail returning right permission
Fixes#3344, Model->field adds incorrect condition under certain circumstances.
Fixes#3400, Cookie Component: When reading a non-existing key it throws a notice.
Fixes#3407, Since [5768] CookieComponent throws warning when used in beforeFilter().
Closes#3401, Added form test to ensure $Form->fields array is what the security component requires.
Updated AclComponentTest
Merged changes in app/ to cake/console/libs/templates/skel
Fixed generated link to Run More Test after running Group > All tests
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5776 3807eeeb-6ff5-0310-8944-8be069107fe0
Deprecated define('MAX_MD5SIZE', (5 * 1024) * 1024); in core.php
Removing additional defines in core.php, replaced with Configure::write();
Added CakeSession::__startSession() to check for sent headers before attempting to start the session.
Added notices to Configure::__loadBootstrap() that will be removed before stable release.
Refactored Folder::tree().
Added additional FolderTest cases
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5768 3807eeeb-6ff5-0310-8944-8be069107fe0
changed fieldname 'row_id' to 'foreign_key'
now allows fallbacks for not-existing translations by setting model's locale to array of locales
model used for hasMany associations and for saving/deleting of translation records is configurable by Model::$translateModel property, db field 'i18n.field' is configurable by property $displayField of this custom model, instance of this model is obtainable by $this->ModelName->translateModel()
Added tests for translate behavior.
Added i18n shell script
Correcting translation function calls in various files
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5669 3807eeeb-6ff5-0310-8944-8be069107fe0
Added test for changes to Dispatcher.
Updating Model::_ _saveMulti(), moved the insert statement to DboSource::insertMulti() this will allow database that do not support multiple inserts in one statement to save data.
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5460 3807eeeb-6ff5-0310-8944-8be069107fe0
Adding fix for #2196, allow creation of user defined headers in email component.
Adding fix for #2215, EmailComponent header injection protection and cleaning.
Adding fix for #2717, EmailComponent should account for SAFE_MODE restriction on php mail function.
Adding fix for #2855, EmailComponent methods and parameters (to, subject, message, from etc.) should be email injection safe
Adding fix for #2859, EmailComponent does not send email when adding cc: and bcc:
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5389 3807eeeb-6ff5-0310-8944-8be069107fe0
Adding fix for #2667 move the CookieComponent::startup() implementation to CookieComponent::initialize().
Deprecated the use of the Controller properties to set the CookieComponent properties
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5262 3807eeeb-6ff5-0310-8944-8be069107fe0
Corrected errors when multiple hidden fields used in a form.
Fixed SecurityComponent::_ _validatePost() that would invalidate a form when checkboxes used.
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5238 3807eeeb-6ff5-0310-8944-8be069107fe0
/basics.php
* normalizeList() Deprecated: see Set::normalize
* countdim() see Set::countDim
libs/controller/components/request_handler.php
* RequestHandler::disableStartup = false; see RequestHandler::$enabled
* RequestHandlerComponent::setView() see RequestHandlerComponent::renderAs()
* RequestHandlerComponent::setAjax() see RequestHandlerComponent::renderAs()
libs/controller/components/session.php
* SessionComponent::flash() use $session->flash('key'); in your views
libs/controller/controller.php
* Controller::_setTitle() see Controller::set()
libs/model/datasources/dbo_source.php
* DboSource::fetchArray() see DboSource::fetchRow()
* DboSource::one() see DboSource::fetchRow()
libs/model/db_acl.php
* DB_ACL::getAco() see AclComponent::$Aco::node()
* DB_ACL::getAro() see AclComponent::$Aro::node()
libs/neat_array.php
* Class is not longer available use libs/set.php Set class
libs/sanitize.php
* Sanitize::sql() see Sanitize::escape()
* Sanitize::cleanArray() see Sanitize::clean()
* Sanitize::cleanArrayR() see Sanitize::clean()
* Sanitize::cleanValue() see Sanitize::clean()
libs/view/helper.php
* Helper::parseHtmlOptions() see HtmlHelper::_parseAttributes()
libs/view/helpers/form.php
* define('TAG_DIV', '<div class="%s">%s</div>');
* define('TAG_P_CLASS', '<p class="%s">%s</p>');
* define('TAG_LABEL', '<label for="%s">%s</label>');
* define('TAG_FIELDSET', '<fieldset><legend>%s</legend>%s</label>');
* FormHelper::labelTag() see FormHelper::label()
* FormHelper::divTag() see HtmlHelper::div()
* FormHelper::pTag() see HtmlHelper::para
* FormHelper::generateInputDiv() see FormHelper::input()
* FormHelper::generateCheckboxDiv() see FormHelper::input()
* FormHelper::generateDate() see FormHelper::input()
* FormHelper::generateTime() see FormHelper::input()
* FormHelper::generateDateTime() see FormHelper::input()
* FormHelper::generateAreaDiv() see FormHelper::input()
* FormHelper::generateSelectDiv() see FormHelper::input()
* FormHelper::generateSubmitDiv() see FormHelper::input()
* FormHelper::generateFields() see FormHelper::input()
libs/view/helpers/html.php
* HtmlHelper::file() see FormHelper::file()
* HtmlHelper::submit() see FormHelper::submit()
* HtmlHelper::selectTag() see FormHelper::select()
* HtmlHelper::formTag() see FormHelper::create()
* HtmlHelper::linkEmail() see HtmlHelper::link()
* HtmlHelper::dayOptionTag() see FormHelper::day()
* HtmlHelper::yearOptionTag() see FormHelper::year()
* HtmlHelper::monthOptionTag() see FormHelper::month()
* HtmlHelper::hourOptionTag() see FormHelper::hour()
* HtmlHelper::minuteOptionTag() see FormHelper::minute()
* HtmlHelper::meridianOptionTag() see FormHelper::meridian()
* HtmlHelper::dateTimeOptionTag() see FormHelper::dateTime()
libs/view/helpers/javascript.php
* JavascriptHelper::linkOut() see JavascriptHelper::link()
libs/view/view.php
* View::setLayout() use $this->layout in your view
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4981 3807eeeb-6ff5-0310-8944-8be069107fe0
Example of using this would be javascript that changes hidden fields, adding additional fields added using javascript, etc.
This is set in a Controller::beforeFilter().
Example usage:
{{{
$this->Security->disabledFields = array('fieldname', 'additional fields');
$this->Security->disabledFields = array('Model.fieldname', 'OtherModel.fieldname');
}}}
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4978 3807eeeb-6ff5-0310-8944-8be069107fe0
Forcing checking of Session form token if security component is used.
Enhancement will not allow a form to be submitted if the fields in the form created with the FormHelper do not match the fields in the submitted form.
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4968 3807eeeb-6ff5-0310-8944-8be069107fe0
Added ability to cache queries to Model::query() by passing true as a second param.
Before this method would turn off caching automatically and there was no way to turn it on.
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4784 3807eeeb-6ff5-0310-8944-8be069107fe0
Adding fix for Ticket #2335
Adding fix for Ticket #2344
Merged changes in dbo from 1.2 to 1.1
Merged changes to session handling in 1.2 to 1.1
Merged changes to Model::_ _saveMulti() in 1.2 to 1.1
Added Set::pushDiff() to append differences in array 2 to array 1
Added SessionComponent::activate() and SessionHelper::activate() to turn sessions usage on if AUTO_SESSION is set to false
Added test for Ticket #2343
Added change to AclNode to use correct table naming
Added garbage clean up to CakeSession::_ _close(); some installs, like Debian, have removed garbage clean
up and use a cron job instead. Currently this change is only supported for database session.
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4752 3807eeeb-6ff5-0310-8944-8be069107fe0
