Koji Tanaka
400d45f56c
fix code style
2017-12-31 17:05:26 +09:00
Koji Tanaka
74a8611eef
[2.x]Fix can't load aliased component on ControllerTestCase
2017-12-31 15:44:05 +09:00
mark_story
51206d7358
Update version number to 2.10.6
2017-12-18 21:15:48 -05:00
Mark Story
3bf93b7f76
Merge pull request #11526 from cakephp/post-conditions
...
Make postConditions() less permissive.
2017-12-15 14:36:38 -05:00
mark_story
340059be15
Check model names for bad characters as well.
2017-12-13 00:01:09 -05:00
mark_story
a9618f67f7
Use a permitted list instead of a ban list.
...
This should be safer as we are more confident on what is coming in.
2017-12-13 00:01:05 -05:00
Mark Sch
bdaff46627
Merge pull request #11534 from tenkoma/patch-2
...
[2.x] Fix Phpdoc for CakeObject::log()
2017-12-12 12:29:38 +01:00
Koji Tanaka
fba7f1c617
Fix Phpdoc for CakeObject::log()
2017-12-12 20:00:21 +09:00
mark_story
f66dec8a96
Make postConditions() less permissive.
...
We were notified by `ooooooo_q` that postConditions() is vulnerable to
SQL injection if used without SecurityComponent tampering prevention.
This change attempts to make postConditions() safer by exploding in
unsafe scenarios.
2017-12-10 21:44:47 -05:00
Mark Story
13011f3ecd
Merge pull request #11504 from chinpei215/2.x-fix-non-local-referer
...
[2.x] Fix CakeRequest::referer(true) returning scheme-relative URLs
2017-12-04 19:22:10 -05:00
chinpei215
6ad30946d8
Fix CS
2017-12-04 23:31:32 +09:00
chinpei215
9f65402d2c
Fix CakeRequest::referer(true) returning scheme-relative URLs
...
Backport of #11503 (and #8795 )
2017-12-04 21:18:27 +09:00
Mark Story
7fbeea4fa8
Merge pull request #11479 from cakephp/2.x-depr
...
Clarify migration path to 3.x
2017-11-29 14:27:05 -05:00
dereuromark
eaf7454628
Clarify migration path to 3.x
2017-11-29 19:57:01 +01:00
Mark Story
abec95d3ea
Merge pull request #11469 from db-bogdan/issue11468
...
fixes #11468 sending user data on basic auth in API environment
2017-11-28 21:52:59 -05:00
Mark Story
979eaeef5f
Merge pull request #11472 from chinpei215/2.x-order-expression
...
[2.x] Fix 'order' not working with a single expressions
2017-11-28 14:59:07 -05:00
chinpei215
4ae9f13dfd
Fix 'order' not working with a single expressions
2017-11-29 00:17:57 +09:00
db-bogdan
e824346cca
extra fix
2017-11-28 11:43:55 +02:00
db-bogdan
94e06dfeb3
add unit test
2017-11-28 11:31:46 +02:00
db-bogdan
5695fef46f
fixes #11468
2017-11-27 11:59:34 +02:00
Mark Story
668e7473b9
Merge pull request #11456 from tersmitten/cakephp-2x-3x-sessiontime-inconsistent
...
Add option to make `_validAgentAndTime` 3.x compatible
2017-11-26 21:54:50 -05:00
Mischa ter Smitten
d7b9e55e98
Fix indent
2017-11-23 14:12:13 +01:00
Mischa ter Smitten
c437efd2a5
Improved documentation
2017-11-23 10:13:42 +01:00
Mischa ter Smitten
05954ff405
Consistency changes
2017-11-23 10:09:25 +01:00
Mischa ter Smitten
4faac8e09a
Improved readability
2017-11-23 10:06:14 +01:00
Mischa ter Smitten
bc1678cf2a
Add option to make _validAgentAndTime
3.x compatible
2017-11-23 10:02:38 +01:00
Mark Story
6343219d9b
Merge pull request #11450 from bancer/issue-11448-missing-test-headers
...
Fixed missing header in test.php
2017-11-21 11:08:35 -05:00
Val Bancer
a2cc9843e4
added missing ob_end_flush() call
2017-11-21 15:20:14 +01:00
Val Bancer
9a69363858
Merge pull request #4 from cakephp/2.x
...
2.x sync
2017-11-21 15:17:07 +01:00
mark_story
10fcd7633d
Update version number to 2.10.5
2017-11-20 21:09:55 -05:00
mark_story
f788c90b3c
Fix typo
2017-11-05 22:34:47 -05:00
Mark Story
b175270f62
Merge pull request #11404 from ynaderi/2.x
...
- DigestAuthenticate modification for cakephp 2.X
2017-11-05 22:34:17 -05:00
Yaser Naderi
26a683f36f
- DigestAuthenticate modification for cakephp 2.X
2017-11-03 14:53:54 -04:00
Marc Würth
24e4acf9a3
Merge pull request #11397 from cakephp/2.x-allow-php72-failures
...
Allow the Travis builds on PHP 7.2 to fail
2017-11-02 01:40:40 +01:00
Marc Würth
5524768ea4
Allow the other PHP 7.2 job to fail
2017-11-02 01:18:00 +01:00
Marc Würth
c625269a60
Allow the Travis build on PHP 7.2 to fail
2017-11-02 01:11:58 +01:00
Marc Würth
0cb55916a8
Merge pull request #11347 from josephzidell/patch-1
...
Test against PHP 7.2
2017-11-01 16:42:53 +01:00
Mark Story
65373736a3
Merge pull request #11371 from Milanzor/2.x
...
Force email domain lookups to work in fallback case.
2017-10-25 18:34:33 -04:00
Milan van As
7de5ae4438
Force email domain lookups to work in fallback case.
2017-10-25 08:45:57 +02:00
Mark Story
509cd6f7c2
Merge pull request #11353 from saeideng/patch-1
...
2.x replace tab with space
2017-10-21 19:26:56 -04:00
saeideng
b59b64db29
replace tab with space
2017-10-21 22:44:15 +03:30
Joseph Zidell
46296db373
Test against PHP 7.2
...
Install `mcrypt` from PECL
2017-10-20 12:43:47 -04:00
mark_story
549c181926
Update version number to 2.10.4
2017-10-18 21:54:49 -04:00
Mark Story
79fd4eb4e7
Merge pull request #11332 from chinpei215/2.x-cookie-component-3
...
[2.x] Fix CookieComponent::delete() not working for deep children
2017-10-16 21:28:10 -04:00
chinpei215
19bbb7da17
Simplify CookieComponent::read()
...
Also, this commit fixes an issue of when the second level key is empty.
Previously, read('foo.0') returned incorrect result.
2017-10-16 21:01:19 +09:00
chinpei215
bbea91090d
Fix CookieComponent::delete() not working for deep children
2017-10-16 20:55:00 +09:00
mark_story
e85f489c1f
Add test for #11284
2017-10-13 21:55:56 -04:00
Mark Story
d3a4ce1216
Merge pull request #11284 from kolorafa/patch-1
...
msSQL - also handle offset as string
2017-10-13 21:55:21 -04:00
Mark Story
fb44035177
Merge pull request #11299 from tenkoma/2.x-fix-cc-number-jcb-pattern
...
[2.x]Fix Credit card number pattern(JCB) is wrong
2017-10-08 10:09:19 -04:00
Koji Tanaka
7d2d902b57
[2.x]Fix Credit card number pattern(JCB) is wrong
2017-10-08 16:15:10 +09:00