Marc Würth
d9e5d0ca05
Re-add the Equifax Secure Certificate Authority
...
Port change 343e206360
from 3.x to 2.x
2016-04-13 12:27:59 +02:00
Mark Story
1d4e39a45a
Merge pull request #8625 from cakephp/jrbasso/2.x-fix-doc
...
Fixed doc formatting on CakeResponse::cookie
2016-04-11 15:05:23 -04:00
Mark Story
d68342ed36
Merge pull request #8627 from ravage84/2.x-cacert.pem
...
Update bundled CA file
2016-04-11 15:04:45 -04:00
Marc Würth
4fd25e648c
Update bundled CA file
...
Same as https://github.com/cakephp/cakephp/pull/8608 for 3.x
2016-04-11 13:55:28 +02:00
Juan Basso
718a7479e2
Fixed doc formatting on CakeResponse::cookie
...
Fixed doc to show properly in the documentation. This change was already applied on master.
2016-04-10 23:34:01 -04:00
chinpei215
5006cc396a
Add a test case to make sure of backward compatibility
2016-04-11 00:43:35 +09:00
Mark Sch
7207d8f16a
Remove class extension.
2016-04-10 16:38:03 +02:00
Mark Sch
e26cdc989d
Add class_alias()
2016-04-10 16:16:03 +02:00
mscherer
e84ff5e0d5
Fix doc block param types.
2016-04-08 15:12:48 +02:00
mscherer
657b1a1029
Fix doc block param types.
2016-04-08 15:02:03 +02:00
mscherer
bae4a11e5e
Rename test file.
2016-04-08 14:40:30 +02:00
mscherer
3e2b84052a
Add deprecated BC wrapper class.
2016-04-08 14:36:23 +02:00
mscherer
dda9e83ab6
Refactor Object to CakeObject for future PHP7 comp.
2016-04-08 14:33:26 +02:00
mark_story
79db545b69
Fix PHP 5.4 syntax.
2016-04-02 21:45:02 -04:00
mark_story
1333cc4b3e
Merge branch 'postlink-token' into 2.x
...
Fix inline postLink() calls corrupting the containing form's tampering
token.
Refs #8387
2016-04-01 23:08:41 -04:00
mark_story
c551faad46
Add tests for changes in #8387
...
Add tests covering the new behavior.
2016-04-01 23:08:31 -04:00
Mark Story
0a6a6c86c4
Merge pull request #8576 from cakephp/issue-8567
...
Allow N11 exchange numbers as valid.
2016-04-01 21:57:42 -04:00
mark_story
84fc9498b5
Allow N11 exchange numbers as valid.
...
The previous code and commit (fa3d4a0bb5
)
were incorrect about invalid exchange numbers as 1-800-211-4511 is
a real phone number.
I've also removed a duplicate alternation pattern.
Refs #8567
2016-03-31 22:38:16 -04:00
mark_story
13b914917d
Update version number to 2.8.3
2016-03-28 22:17:27 -04:00
mark_story
1926d40d40
Fix possibility for spoofed files to pass validation.
...
Use `is_uploaded_file` to prevent crafty requests that contain bogus
files from getting through. A testing stub class was necessary to avoid
making significant changes to the test suite.
2016-03-28 22:10:36 -04:00
Mark Story
96c9521802
Merge pull request #8518 from garethellis36/customize-logged-error-message
...
[2.x] Extracts error trace in ErrorHandler to a helper function to allow customization
2016-03-23 21:20:30 -04:00
mark_story
a0ea7a0f2a
Fix PHP5.4+ syntax.
...
2.x must be compatible with PHP 5.3
2016-03-23 21:19:19 -04:00
Gareth Ellis
a6702b70d4
Extracts error trace in ErrorHandler to a helper function to allow customization
2016-03-23 19:05:23 +00:00
José Lorenzo Rodríguez
24df4ddf02
Merge pull request #8500 from cakephp/issue-8480-requests
...
Instead of wiping the Router, just clear requests.
2016-03-20 18:34:27 +01:00
mark_story
c6db76d044
Instead of wiping the Router, just clear requests.
...
Clearing the router also removes routes which can cause assertions to
fail. By just removing the stored requests we avoid the error reported
in #8480 and not break as many tests.
2016-03-20 11:10:34 -04:00
José Lorenzo Rodríguez
099369b94c
Merge pull request #8497 from cakephp/issue-8480
...
Clear the router state after testAction().
2016-03-19 17:45:22 +01:00
mark_story
7ceb0993bf
Clear the router state after testAction().
...
When using array urls, internal state in the Router would cause requests
to be incorrectly handled causing multiple testAction calls in a single
test to fail. By reloading the router we start off with a clean slate
each time.
Refs #8480
2016-03-19 12:16:21 -04:00
Mark Story
01d3c2f599
Merge pull request #8475 from cakephp/issue-8468
...
Fix boolean values in select widgets.
2016-03-18 22:20:31 -04:00
José Lorenzo Rodríguez
4d59cdbc84
Merge pull request #8478 from tharlinsmith/hasmany-perf-improvement
...
Replaced nested loop in merging hasMany children with one pass each t…
2016-03-17 21:21:29 +01:00
mark_story
f57f038c09
Fix for PHP 5.3
2016-03-16 21:17:42 -04:00
Thomas Smith
3e86de5bcd
Replaced nested loop in merging hasMany children with one pass each through children and parents
2016-03-16 09:37:15 -07:00
mark_story
745f3a33e6
Fix boolean values in select widgets.
...
Boolean `false` should be treated like `0` when comparing option values.
Refs #8468
2016-03-15 22:59:03 -04:00
Mark Story
61b09024b0
Merge pull request #8470 from ravage84/patch-4
...
Add note about log levels on Wndows
2016-03-15 21:17:55 -04:00
Mark Story
896c6e3010
Merge pull request #8469 from ravage84/patch-3
...
Remove outdated statement about log auto config
2016-03-15 21:09:07 -04:00
Marc Würth
ca5e9c305f
Add note about log levels on Wndows
...
This is a problem if a developer on Windows tries to separate those three levels into separate streams without customizing the CakePHP default levels.
2016-03-15 19:37:14 +01:00
Marc Würth
adc450d18b
Remove outdated statement about log auto config
2016-03-15 19:33:14 +01:00
mark_story
c0a5d2b341
Merge branch '2.x' into 2.next
2016-03-13 23:02:24 -04:00
mark_story
22a2e93c4b
Update version number to 2.8.2
2016-03-13 23:01:17 -04:00
mark_story
af046fc7d6
Merge branch 'request-ip' into 2.x
2016-03-13 23:00:47 -04:00
Mark Story
562d954eea
Merge pull request #8453 from cakephp/issue-8450
...
Fix incorrectly inheriting permissions.
2016-03-12 21:11:12 -05:00
mark_story
fef3090717
Fix incorrectly inheriting permissions.
...
When child inherits from a deny parent the '*' permission should reflect
permissions on all nodes not just the leaf node. Previously once a node
with all permissions set to inherit was found, the check would pass.
Instead it should cascade to the parent nodes and look for explicit
allow/deny.
Refs #8450
2016-03-11 23:18:50 -05:00
mark_story
48af49ddde
Don't trust CLIENT_IP
...
The client_ip header can easily be forged. In 'safe' modes we should
only trust the remote_addr which comes from the sapi. Remove support for
http_clientaddress as I can't seem to find where this ever came from in
PHP on the http specs.
2016-03-10 22:04:13 -05:00
Mark Story
18b0334890
Merge pull request #8384 from garas/mailtransport-log-subject
...
Email log missing Subject and To headers when using MailTransport
2016-03-02 21:29:13 -05:00
mark_story
3ad68db5eb
Tweak fix from #8359
...
This fixes a regression introduced in that change that we didn't
previously have tests for. The issue fixed in #8359 was related to
PHP7.0, whereas PHP5 didn't have an issue. Now both versions will work
the same.
2016-03-02 12:30:48 -05:00
Mark Story
63de5ca4ea
Merge pull request #8359 from phlyper/patch-1
...
verify exists index 0 in $ref
2016-03-02 12:27:49 -05:00
Markus Bauer
95558d0bba
Data passed through FormHelper::postLink is excluded from CSRF creation of an outer form. Subsequent fix for #8387 .
2016-03-02 03:02:43 +01:00
Markus Bauer
7df96b3912
Creating correct CSRF tokens when using FormHelper::postLink within another form. Fixes #8387
2016-03-02 02:51:06 +01:00
Mark Story
bafcba3c71
Merge pull request #8383 from xhs345/patch-1
...
Updated deprecated doc for flash method
2016-03-01 18:19:39 -05:00
Alex
862397325d
fixed typo
2016-03-01 12:41:29 -08:00
Edgaras Janušauskas
2386a86adc
Include Subject and To in email log when using MailTransport
2016-03-01 22:21:14 +02:00