Commit graph

2965 commits

Author SHA1 Message Date
chinpei215
ca93bbcd15 Fix CS 2014-07-14 01:21:09 +09:00
chinpei215
ace30fdd8a Fix a race condition problem
Prevents Model::save() from generating a query with WHERE 1 = 1 on race condition.

Refs #3857
2014-07-12 23:27:39 +09:00
mark_story
03c2a8b722 Unify datetime column default values between MySQL and Postgres.
Datetime columns should have 'default' => null, in both Postgres and
MySQL.

Fixes #3837
2014-07-11 23:10:16 -04:00
mark_story
a098d96c94 Remove flaky test that was of questionable value. 2014-07-10 14:39:20 -04:00
chinpei215
0c1fc36b14 Fix an infinite recursion caused by missing plugin
When a MissingPluginException has caught when rendering an exception,
we should disable the plugin as needed to prevent an infinite recursion.
2014-07-09 15:55:41 +09:00
Schlaefer
1e961a8aac increases time window in CSRF token expiry tests to 2 seconds
travis-cs failed with 1 second margin
2014-07-06 13:54:24 +02:00
Schlaefer
9fa7afa354 fixes #3887 CSRF reusable token expires 2014-07-06 10:39:00 +02:00
José Lorenzo Rodríguez
396725dc8c Merge pull request #3880 from markstory/incorrect-validation
Fix issues with Validation::inList() and SecurityComponent
2014-07-05 14:41:15 +02:00
ADmad
1eccec02e4 Merge pull request #3872 from CostaC/response-sharable-fix
Fix for CakeResponse::sharable() header to include private caches
2014-07-04 10:32:51 +05:30
mark_story
3936cce4b8 Disallow hexadecimal input with inList.
Instead of turning on/off strict mode based on the user supplied input,
cast everything to strings and always use a strict check. This avoids
the potential issue of a bad user using hexadecimal when they should not
be allowed to do so. Thanks to 'Kurita Takashi' for pointing this out.
2014-07-03 22:10:49 -04:00
Costa Caruso
4f559f5cc9 Fixed failing test for CakeResponse::sharable + spacing 2014-07-03 15:03:48 -04:00
euromark
974ca851c2 Correct doc blocks according to cs guidelines.
Remove superfluous empty lines.
2014-07-03 15:36:42 +02:00
mark_story
adcf9ab723 Fix failing test.
CakeEmail now has a default validation pattern.

Refs #3742
2014-06-30 13:29:39 -04:00
mark_story
dc34d80f6f Relax email validation rules even more.
While filter_var() allows a number of email addresses that
Validation::email() does not, it misses out of email address that
contain IDN host names, and unicode mailboxes. Both of these are
generally deliverable, and should be permitted. filter_var() also fails
on local mailboxes like `root@localhost` which is useful in the context
of cron jobs.

Fixes #3742
2014-06-30 10:42:37 -04:00
ADmad
607200fa7b Add pluralization rule for "stadia".
Refs #3830
2014-06-29 14:51:23 +05:30
Bryan Crowe
a1ae31e554 Fix identifier typos 2014-06-26 23:06:08 -04:00
Renan Gonçalves
1a89a3cb9d Exiting with 1 when Exception::getCode() returns non-integer values.
From php.net/exception.getcode
> Returns the exception code as integer in Exception but possibly as other type in Exception descendants (for example as string in PDOException).
2014-06-26 13:26:20 +02:00
José Lorenzo Rodríguez
3df972faa2 Merge pull request #3782 from cakephp/issue-3779
Whitelist more URL-y characters in digest parsing.
2014-06-24 21:56:40 +02:00
euromark
26fe1265ab Mark App::pluginPath as deprecated and don't use it anymore. 2014-06-24 11:52:29 +02:00
mark_story
b4bcd74e60 Whitelist more URL-y characters in digest parsing.
Android clients include a full URL instead of just the URI. Also handle
situations where URLencoded bytes and document fragments are used.

Refs #3779
2014-06-23 14:39:35 -04:00
mark_story
9136f63874 Fix autoLinkEmail() not working when emails are adjacent to HTML.
When an email address is adjacent to HTML it should be autolinked
correctly.

Refs #3656
2014-06-16 21:48:30 -04:00
mark_story
74d8e9ea40 Convert test to use a dataprovider instead of multiple calls.
Dataproviders are generally a bit easier to work with in the future.
2014-06-16 21:46:34 -04:00
mark_story
fa19c34580 Fix Hash::extract() not matching 1/0 to true/false.
Historically [prop=1] has matched prop=true as well. This restores that
and also fixes [prop=0] not finding falsey values.

This makes the typing less strict in Hash::extract() but I don't think
it is unreasonable given PHP's type juggling.

Refs #3288
2014-06-12 11:30:48 -04:00
mark_story
55672b6df3 Merge branch 'router-stars' from Hikkijp
Refs #3582, #3581
2014-06-02 22:38:27 -04:00
mark_story
4362f7bf8b Add tests for CakeRoute::match() and trailing * routes.
Add tests for /pages/** routes, and fix coding standards errors.

Refs #3581
2014-06-02 22:37:37 -04:00
mark_story
975e4c3af0 Allow username of 0 in basic authentication.
Refs #3624
2014-06-02 22:02:28 -04:00
mark_story
d1e4dfac47 Add tests for #3624
The username of '0' should be accepted by FormAuthenticate.

Refs #3624
2014-06-02 21:58:50 -04:00
Stefan Dickmann
91907b5c6c correct docblock
invalid certificate domain
2014-06-01 13:23:47 +02:00
mark_story
15f63e9c81 Removing peer verification failure test.
Since we are not running a domain with an invalid certificate relying on
someone else to do that is quite unreliable.
2014-05-31 21:51:03 -04:00
ADmad
543066f34a Set default sort direction to 'asc'. 2014-05-30 19:43:09 +05:30
mark_story
db86b0c050 Don't disable the entire select when disabled is array(1)
When the disabled attribute is just array(1), then the attribute should
be filtered out of select element attributes. This is kind of a hacky
workaround but changing the underlying attribute handling is going to be
pretty tricky and far more dangerous.

Fixes #3546
2014-05-23 13:26:11 -04:00
mark_story
cd68002246 Add additional test case for named parameters.
Refs #3525
2014-05-22 14:14:35 -04:00
akiyan
781430c4af Removed unnecessary conditional branch, fixed test and comment. 2014-05-22 14:08:18 -04:00
akiyan
67f256297d Fixed secure form hash for special url.
No htmlspecialchars encode and without fragment identifer.
2014-05-22 14:08:11 -04:00
mark_story
270e8774e4 Fix incorrect status line parsing in HttpSocketResponse.
Allow for multi-word status reasons.

Closes #3545
2014-05-21 21:53:18 -04:00
euromark
143e8e4c56 Make sure invalid arrays return empty array instead of throwing notices. 2014-05-14 23:53:58 +02:00
mark_story
20ef10aca2 Fix inline attachments being broken when only sending an HTML text body.
The rel boundary was closed too early causing inline images to be
incorrectly included in the email message.

Refs #3474
2014-05-14 09:42:25 -04:00
Schlaefer
bf0edd1112 fixes failing test cases in ModelTaskTest if not run in test-suite
Tests 'testSkipTablesAndAll' and 'testExecuteIntoAll' didn't took fixture
table 'core.number_tree' into account.
2014-05-14 10:34:09 +02:00
mark_story
66e733f8b1 Fix test I forgot to fix in b8fa7ce134 2014-05-13 22:12:39 -04:00
mark_story
b8fa7ce134 Fix issues where emails would have multipart/mixed when they should not.
When sending multi-part emails with no attachments we shouldn't include
the outer multipart/mixed header as it confuses Outlook and causes it to
show the email as having attachments even though there are none.

A bunch of tests need to be adjusted as the empty multipart/mixed
container has been removed.

Fixes #3474
2014-05-13 22:03:06 -04:00
mark_story
e9ecfe0936 Remove x bit on files.
PHP files should not have executable permission set.
2014-05-13 12:30:14 -04:00
Schlaefer
e10e8fcb15 fixes failing test case ValidationTest::testDecimalLocaleSet() on OS X
thousand separator isn't set in de_DE but in da_DK
2014-05-13 13:25:53 +02:00
mark_story
a34d5f733d Fix PaginatorComponent tests.
Because count() queries don't happen in many cases now, the lastQueries
index needs to shift up by one because a query isn't happening anymore.

Refs #3333
2014-05-12 22:10:27 -04:00
mark_story
89cd114e6f Merge branch 'master' into 2.5 2014-05-12 14:30:02 -04:00
José Lorenzo Rodríguez
751d2d8f2d Merge pull request #3448 from dereuromark/master-controller
Controller::referer() and local URL
2014-05-07 22:42:28 +02:00
mark_story
5469840c80 Fix incorrectly generated URL path.
Refs #3442
2014-05-07 08:52:42 -04:00
mark_story
1103ca7816 Ensure that only the path and query are used to make the hash.
While including the entire protocol, host, port, path and query would be
even better in theory, it gets complicated when proxies and load
balancers are involved.

Fixes #3442
2014-05-06 23:00:11 -04:00
mark_story
559d9d39e7 Make test names match the rest of the tests. 2014-05-06 22:13:44 -04:00
Renan Gonçalves
87683b10f1 Allowing same Authenticate object to be setup with different settings. 2014-05-06 22:10:41 +02:00
ADmad
d466e00644 Merge branch 'master' into 2.5
Conflicts:
	lib/Cake/Model/Datasource/DboSource.php
	lib/Cake/Test/Case/Model/Datasource/Database/MysqlTest.php
	lib/Cake/Utility/Folder.php
	lib/Cake/VERSION.txt
2014-05-04 14:35:36 +05:30