Commit graph

6113 commits

Author SHA1 Message Date
ADmad
1eccec02e4 Merge pull request #3872 from CostaC/response-sharable-fix
Fix for CakeResponse::sharable() header to include private caches
2014-07-04 10:32:51 +05:30
mark_story
3936cce4b8 Disallow hexadecimal input with inList.
Instead of turning on/off strict mode based on the user supplied input,
cast everything to strings and always use a strict check. This avoids
the potential issue of a bad user using hexadecimal when they should not
be allowed to do so. Thanks to 'Kurita Takashi' for pointing this out.
2014-07-03 22:10:49 -04:00
mark_story
1988e89e73 Add an upper bound to the POST data SecurityComponent will consider.
'Kurita Takashi' has let us know that the previous patterns could be
abused by an evil doer. One could potentially send a very large deeply
nested POST data structure. Matching that structure could overflow the
PCRE limits causing a segmentation fault. Adding an upper bound will
solve the problem and I doubt anyone is doing POST data structures with
more than 10 levels of nesting.
2014-07-03 22:02:00 -04:00
mark_story
765be87d88 Overwrite the schemaName property if it is not defined in the class.
If a model class does not define a schemaName we should use the
datasource's schemaName. We can assume that people using schemaName want
to lock the model onto a specific schema given the changes in #3210

Fixes #3720
2014-07-03 21:53:54 -04:00
Costa Caruso
8bfebd64fb Fix for failing test "Whitespace found at end of line" 2014-07-03 15:45:03 -04:00
Costa Caruso
4f559f5cc9 Fixed failing test for CakeResponse::sharable + spacing 2014-07-03 15:03:48 -04:00
euromark
974ca851c2 Correct doc blocks according to cs guidelines.
Remove superfluous empty lines.
2014-07-03 15:36:42 +02:00
mark_story
33a5b6e451 Fix additional missing API doc tags. 2014-07-02 23:38:34 -04:00
Costa Caruso
1164c0bcad Fix for CakeResponse::sharable() header to include private caches 2014-07-02 17:34:09 -04:00
Mark Story
2c53bc8a1b Merge pull request #3838 from cakephp/revert-3646-no-truncate-fixture
Revert "No truncate when drop table."

Not truncating tables when they are created causes a number of 
issues in ControllerTestCases as indicated by the comments in #3646 post merge.
2014-07-01 22:02:57 -04:00
mark_story
adcf9ab723 Fix failing test.
CakeEmail now has a default validation pattern.

Refs #3742
2014-06-30 13:29:39 -04:00
mark_story
dc34d80f6f Relax email validation rules even more.
While filter_var() allows a number of email addresses that
Validation::email() does not, it misses out of email address that
contain IDN host names, and unicode mailboxes. Both of these are
generally deliverable, and should be permitted. filter_var() also fails
on local mailboxes like `root@localhost` which is useful in the context
of cron jobs.

Fixes #3742
2014-06-30 10:42:37 -04:00
Mark
1686edf016 Revert "No truncate when drop table." 2014-06-30 14:14:20 +02:00
Mark Story
a966f089d2 Merge pull request #3832 from ADmad/2.5-inflector
Add pluralization rule for "stadia" to uninflected list.
2014-06-29 09:34:09 -04:00
ADmad
607200fa7b Add pluralization rule for "stadia".
Refs #3830
2014-06-29 14:51:23 +05:30
mark_story
91721244a4 Fix more doc block errors in lib/ 2014-06-27 22:58:34 -04:00
Bryan Crowe
a1ae31e554 Fix identifier typos 2014-06-26 23:06:08 -04:00
euromark
73dcb2cb91 cs correction 2014-06-26 14:22:34 +02:00
Renan Gonçalves
1a89a3cb9d Exiting with 1 when Exception::getCode() returns non-integer values.
From php.net/exception.getcode
> Returns the exception code as integer in Exception but possibly as other type in Exception descendants (for example as string in PDOException).
2014-06-26 13:26:20 +02:00
euromark
b3507b199a Update doc blocks regarding return $this 2014-06-25 00:06:51 +02:00
José Lorenzo Rodríguez
bf33e1cf57 Merge pull request #3761 from aka-toxa/master
improving acl perfomance
2014-06-24 21:58:30 +02:00
José Lorenzo Rodríguez
3df972faa2 Merge pull request #3782 from cakephp/issue-3779
Whitelist more URL-y characters in digest parsing.
2014-06-24 21:56:40 +02:00
José Lorenzo Rodríguez
e9e09bf19a Merge pull request #3788 from dereuromark/master-composer
Fix composer app issues with cake.php
2014-06-24 21:56:01 +02:00
euromark
05709908a7 Fix composer app issues with cake.php 2014-06-24 17:49:18 +02:00
suzuki86
8f9589f7c8 Fix typo 2014-06-25 00:20:54 +09:00
euromark
26fe1265ab Mark App::pluginPath as deprecated and don't use it anymore. 2014-06-24 11:52:29 +02:00
mark_story
b4bcd74e60 Whitelist more URL-y characters in digest parsing.
Android clients include a full URL instead of just the URI. Also handle
situations where URLencoded bytes and document fragments are used.

Refs #3779
2014-06-23 14:39:35 -04:00
Anatoliy Petrovskiy
ad678e3988 improving acl perfomance 2014-06-23 13:51:52 +03:00
mark_story
59c3b73f7a Skip autoloaders for APCIterator
We can skip autoloaders for this class as it is provided by
a C extension and will never come from userland code.
2014-06-22 21:22:00 -04:00
mark_story
ffe811935c Remove else.
By returning early we can avoid the else statement entirely.
2014-06-20 16:07:47 -04:00
mark_story
e683616329 Apply patch from 'biesbjerg' to ApcEngine
This set of changes allows ApcEngine to work with APCu and newer
versions of APC.

Fixes #3749
2014-06-20 13:59:05 -04:00
Anatoliy Petrovskiy
bb15271622 improving acl perfomance by adding indexes on acl tables and reorganization joins in getting acl node function 2014-06-20 20:49:02 +03:00
euromark
d81d568cc0 make coredispatcher fully BC again 2014-06-20 14:05:18 +02:00
Mark Story
282a5d1cb5 Merge pull request #3731 from cakephp/issue-3656
Fix TextHelper::autoLinkEmail() near HTML

Refs #3656
2014-06-18 09:53:30 -04:00
Mark Story
163cacbd1d Merge pull request #3734 from voycey/patch-1
Add 'research' to the list of uninflected words.
2014-06-18 09:31:54 -04:00
Mark Story
c99c68684b Merge pull request #3646 from nanapi/no-truncate-fixture
Don't truncate test fixtures when the table has been freshly created.
2014-06-18 09:18:24 -04:00
Mark Story
562ed73562 Merge pull request #3726 from dereuromark/master-console-cake-unification
DS console cake unification
2014-06-18 08:55:53 -04:00
Dan Voyce
4915639efb Update Inflector.php
Added Research
2014-06-18 11:48:16 +10:00
euromark
6161aae54e also bring template one in sync. 2014-06-17 13:08:13 +02:00
euromark
a927f5d954 remove wrong App::uses() call 2014-06-17 05:10:19 +02:00
Bryan Crowe
1db10b4dd1 Basic grammar update to BasicAuthenticate docblock 2014-06-16 21:48:35 -04:00
mark_story
9136f63874 Fix autoLinkEmail() not working when emails are adjacent to HTML.
When an email address is adjacent to HTML it should be autolinked
correctly.

Refs #3656
2014-06-16 21:48:30 -04:00
mark_story
74d8e9ea40 Convert test to use a dataprovider instead of multiple calls.
Dataproviders are generally a bit easier to work with in the future.
2014-06-16 21:46:34 -04:00
euromark
a9de83daeb console cake cleanup and unification
remove duplicate define
2014-06-17 02:28:52 +02:00
mark_story
96df2c4b68 Update version number to 2.5.2 2014-06-14 21:36:39 -04:00
mark_story
fa19c34580 Fix Hash::extract() not matching 1/0 to true/false.
Historically [prop=1] has matched prop=true as well. This restores that
and also fixes [prop=0] not finding falsey values.

This makes the typing less strict in Hash::extract() but I don't think
it is unreasonable given PHP's type juggling.

Refs #3288
2014-06-12 11:30:48 -04:00
Bryan Crowe
d8b4c3967c Fix typo 2014-06-10 23:31:42 -04:00
ADmad
0b4ba0b049 Fix api docblocks for behaviors. 2014-06-10 00:38:44 +05:30
ADmad
4ee7cf6564 Remove lies from API docblock for BasicAuthenticate class.
Add info on how to configure for cookieless/stateless operation without redirection.
2014-06-08 14:05:08 +05:30
mark_story
146053c980 Update datasource API docs. 2014-06-06 14:06:32 -04:00
mark_story
d8b0083632 Fix api doc errors in TestSuite/ 2014-06-06 13:57:48 -04:00
mark_story
07b43403fb Fix doc errors in Component/Acl. 2014-06-06 13:57:15 -04:00
mark_story
849ad9a4f5 Remove dead, untested and unreachable code in FormHelper.
Closes #3650
2014-06-06 08:17:49 -04:00
akiyan
6d2402fbf6 No truncate when drop table. 2014-06-05 13:37:22 +09:00
mark_story
ab5da2a09f Fix the test suite package doc block errors. 2014-06-05 00:24:01 -04:00
mark_story
7058921275 Fix doc comment errors in Acl classes. 2014-06-05 00:15:45 -04:00
ADmad
1d40f3e685 Fix API docblock CS errors. 2014-06-05 00:28:55 +05:30
mark_story
55672b6df3 Merge branch 'router-stars' from Hikkijp
Refs #3582, #3581
2014-06-02 22:38:27 -04:00
mark_story
4362f7bf8b Add tests for CakeRoute::match() and trailing * routes.
Add tests for /pages/** routes, and fix coding standards errors.

Refs #3581
2014-06-02 22:37:37 -04:00
mark_story
9ba7abd89f Merge branch 'FormAuthenticate_empty_fix' from KeinBaum
Closes #3624
2014-06-02 22:03:40 -04:00
mark_story
975e4c3af0 Allow username of 0 in basic authentication.
Refs #3624
2014-06-02 22:02:28 -04:00
mark_story
d1e4dfac47 Add tests for #3624
The username of '0' should be accepted by FormAuthenticate.

Refs #3624
2014-06-02 21:58:50 -04:00
KeinBaum
88b3629f4f #3623: Allow username "0" with FormAuthenticate 2014-06-02 19:11:02 +02:00
ADmad
e7debd8692 More API docblock CS fixes. 2014-06-02 18:27:11 +05:30
Stefan Dickmann
91907b5c6c correct docblock
invalid certificate domain
2014-06-01 13:23:47 +02:00
mark_story
47ce5928e1 Fix api doc errors in Cache. 2014-05-31 22:02:55 -04:00
mark_story
86a071353d Fix api doc comment errors in Error/ 2014-05-31 21:57:17 -04:00
mark_story
fe2003888b Fix api doc errors in basics.php 2014-05-31 21:53:54 -04:00
mark_story
15f63e9c81 Removing peer verification failure test.
Since we are not running a domain with an invalid certificate relying on
someone else to do that is quite unreliable.
2014-05-31 21:51:03 -04:00
Mark Story
e467457319 Merge pull request #3612 from cakephp/api-doc-comments
More API docblock fixes.
2014-05-31 19:12:20 -04:00
ADmad
3d9b2b80cb More API docblock fixes. 2014-06-01 03:06:05 +05:30
MaziyarMK
596c1c27cb added HTML for styling tables
added <thead> and <tbody> to table for easier styling of generated templates.
2014-05-31 20:50:29 +00:00
ADmad
543066f34a Set default sort direction to 'asc'. 2014-05-30 19:43:09 +05:30
ADmad
16df061d66 Fix api docblocks for View layer classes. 2014-05-30 01:23:12 +05:30
mark_story
390441d3b9 Accept older blowfish hashes.
Both `2a` and `2x` are valid types of blowfish hashes, that while being
older should be accepted.

Backport 00c94bd582b83f8b92228b750aea0e8816a4ea89 from 3.x to 2.5.x,
I see this as a bug fix as it fixes incompatibilities with hashes
created by hash_password().

Refs #3575
2014-05-28 22:53:21 -04:00
ADmad
7a4244d0a6 More docblock CS fixes. 2014-05-28 22:09:54 +05:30
mark_story
f6c868d706 Fix remaining doc block errors in Console/ 2014-05-27 23:34:53 -04:00
mark_story
8f5acb0932 Fix CS errors in skel/ 2014-05-27 23:21:32 -04:00
mark_story
bb58bbe642 Fix API doc errors in Console/ 2014-05-27 23:16:05 -04:00
Mark Story
f287bc76c0 Force .bat files to have CRLF endings.
Newer versions of git convert line endings on checkout. This also causes
these files to show up as always modified when the repo is cloned
because the index and working copy have different line endings.

Hopefully this fixes the issue.

Fixes #3585
2014-05-27 19:06:08 -04:00
Hikkijp
c622a9dfc2 Fixes bug #3581
Fixes bug #3581 and the issue noticed by markstory
2014-05-27 17:30:38 -03:00
Hikkijp
f7e98e7427 Revert "Fixes bug described in #3581"
This reverts commit e6c6e0bf2c.
2014-05-27 17:25:28 -03:00
Hikkijp
e6c6e0bf2c Fixes bug described in #3581
Routes with '/**' are now correctly handled by the HtmlHelper->link()
2014-05-27 14:03:56 -03:00
Hikkijp
952c7192f4 Revert "Fixes bug described in #3581"
This reverts commit 6c75e3697d.
2014-05-27 14:00:20 -03:00
Hikkijp
6c75e3697d Fixes bug described in #3581
Routes with '/**' are now correctly handled when called by
$this->Html->link() in a view.
2014-05-27 13:50:08 -03:00
Mischa ter Smitten
329fd3fe4c Consistent use of Shell::err for errors 2014-05-27 12:29:09 +02:00
mark_story
db86b0c050 Don't disable the entire select when disabled is array(1)
When the disabled attribute is just array(1), then the attribute should
be filtered out of select element attributes. This is kind of a hacky
workaround but changing the underlying attribute handling is going to be
pretty tricky and far more dangerous.

Fixes #3546
2014-05-23 13:26:11 -04:00
mark_story
81875cfeb1 Optimize renew().
Don't call session_id() twice when we can use a local variable to store
the current session id.

Fixes #3531
2014-05-22 14:28:56 -04:00
mark_story
cd68002246 Add additional test case for named parameters.
Refs #3525
2014-05-22 14:14:35 -04:00
akiyan
781430c4af Removed unnecessary conditional branch, fixed test and comment. 2014-05-22 14:08:18 -04:00
akiyan
67f256297d Fixed secure form hash for special url.
No htmlspecialchars encode and without fragment identifer.
2014-05-22 14:08:11 -04:00
mark_story
270e8774e4 Fix incorrect status line parsing in HttpSocketResponse.
Allow for multi-word status reasons.

Closes #3545
2014-05-21 21:53:18 -04:00
Mark Story
b1fe9134c6 Merge pull request #3528 from Marlinc/patch-1
Add 'feedback' to uninflected single and plurals
2014-05-19 16:46:16 -04:00
Marlin Cremers
1977d51a49 Add 'feedback' to uninflected single and plurals 2014-05-19 20:57:11 +02:00
Brian Porter
9452d5e1b6 Harden the bin/cake script to avoid breakage when local shell environment has a CDPATH set. 2014-05-19 11:05:28 -05:00
mark_story
0fd12c7a68 Update version number to 2.5.1 2014-05-17 22:39:27 -04:00
mark_story
153141a6c7 Make help clearer around how to use UpgradeShell.
Closes #3504
2014-05-15 11:32:32 -04:00
euromark
143e8e4c56 Make sure invalid arrays return empty array instead of throwing notices. 2014-05-14 23:53:58 +02:00
James Watts
992ab5ea11 Removed the little doc that lied
View::get() never looked up blocks
2014-05-14 20:06:37 +02:00
mark_story
20ef10aca2 Fix inline attachments being broken when only sending an HTML text body.
The rel boundary was closed too early causing inline images to be
incorrectly included in the email message.

Refs #3474
2014-05-14 09:42:25 -04:00