Commit graph

766 commits

Author SHA1 Message Date
Mark Story
3bf93b7f76
Merge pull request #11526 from cakephp/post-conditions
Make postConditions() less permissive.
2017-12-15 14:36:38 -05:00
mark_story
340059be15 Check model names for bad characters as well. 2017-12-13 00:01:09 -05:00
mark_story
a9618f67f7 Use a permitted list instead of a ban list.
This should be safer as we are more confident on what is coming in.
2017-12-13 00:01:05 -05:00
mark_story
f66dec8a96 Make postConditions() less permissive.
We were notified by `ooooooo_q` that postConditions() is vulnerable to
SQL injection if used without SecurityComponent tampering prevention.

This change attempts to make postConditions() safer by exploding in
unsafe scenarios.
2017-12-10 21:44:47 -05:00
db-bogdan
5695fef46f fixes #11468 2017-11-27 11:59:34 +02:00
mark_story
f788c90b3c Fix typo 2017-11-05 22:34:47 -05:00
Mark Story
b175270f62
Merge pull request #11404 from ynaderi/2.x
- DigestAuthenticate modification for cakephp 2.X
2017-11-05 22:34:17 -05:00
Yaser Naderi
26a683f36f - DigestAuthenticate modification for cakephp 2.X 2017-11-03 14:53:54 -04:00
saeideng
b59b64db29 replace tab with space 2017-10-21 22:44:15 +03:30
chinpei215
19bbb7da17 Simplify CookieComponent::read()
Also, this commit fixes an issue of when the second level key is empty.
Previously, read('foo.0') returned incorrect result.
2017-10-16 21:01:19 +09:00
chinpei215
bbea91090d Fix CookieComponent::delete() not working for deep children 2017-10-16 20:55:00 +09:00
chinpei215
959f45a6c6 Fix fatal error thrown when replacing scalar with array
Refs #11280
2017-10-06 13:43:32 +09:00
LustyRain
31b13edf8a Fix: phpdoc miss
## did
- void unReturn
- miss return void
- add return type
- type miss typing
- add param type and return type
  - string → string|array
- change ClassName
2017-10-04 00:22:42 +09:00
LustyRain
bececc421d Fix: void unreturn 2017-10-02 15:40:48 +09:00
Jeremy Harris
0558c253f6
Replaced short array syntax with longer form 2017-08-31 09:02:08 -05:00
Jeremy Harris
f9f06e68b1
Stacking messages in SessionComponent::setFlash 2017-08-30 10:06:56 -05:00
mark_story
aaa37fa809 Merge branch '2.next' of github.com:cakephp/cakephp into 2.next 2017-06-26 21:51:55 -04:00
mark_story
2032fef772 Merge branch '2.x' into 2.next 2017-06-26 21:51:41 -04:00
Mark Story
52790443e8 Merge pull request #9705 from CakeDC/feature/backport-paginate-multiple-queries
2.next - Backport multiple paginators
2017-06-14 21:41:13 -04:00
Mark Story
8289b367f9 Merge pull request #10698 from lucasferreira/2.next
Cake 2.x - Some fix into Paginator component for order / sort classic syntax
2017-06-14 00:13:00 -04:00
Marc Würth
da8414e13b Use HTTPS for the opensource.org MIT license URL 2017-06-11 00:23:22 +02:00
Marc Würth
04efc7ba50 Use HTTPS for the book.cakephp.org URL 2017-06-11 00:15:36 +02:00
Marc Würth
10b89b51a9 Use HTTPS for the cakefoundation.org URL 2017-06-11 00:10:59 +02:00
Marc Würth
17314baa15 Use HTTPS for the cakephp.org URL 2017-06-10 23:40:28 +02:00
mark_story
cf679a3233 Merge branch '2.x' into 2.next 2017-05-27 21:47:22 -04:00
Lucas Ferreira
b539161b2d - Some fix into Paginator component for order / sort classic syntax 2017-05-26 15:05:18 -03:00
Mark Story
57ddc24b35 Merge pull request #10647 from josephzidell/2.next-custom-config-dir-loc
Add constant specifying the location of the Config dir
2017-05-14 21:41:09 -04:00
Joe
70ead28a1d Redo commits on 2.next branch 2017-05-12 02:02:36 -04:00
chinpei215
a97bd234ee Fix _validatePost returns true when empty form is submitted
Backport of #10625
2017-05-06 21:59:29 +09:00
mark_story
5e35064a0b Read basic auth credentials from Authorization header
Merge branch 'issue-9365' into 2.x

Refs #9365
2017-04-28 21:49:47 -04:00
mark_story
275385d676 Add test covering basic auth reading from headers.
In some FastCGI setups basic auth values will only be present in the
header. Fallback to reading that value if the PHP_AUTH super globals are
empty.

Refs #9365
2017-04-28 21:49:27 -04:00
Nicola Beghin
09a981ba38 code style fix as requested 2017-04-23 18:44:42 +02:00
Nicola Beghin
99d02a8698 fix permission 2017-04-23 18:41:45 +02:00
Nicola Beghin
a1eb067c71 bugfix basic to Basic 2017-04-23 18:27:09 +02:00
chinpei215
31a1837c1d Merge branch '2.x' into 2.next
Conflicts:
	lib/Cake/Test/Case/View/Helper/FlashHelperTest.php
	lib/Cake/VERSION.txt
	lib/Cake/View/Helper/FlashHelper.php
2017-03-25 17:12:28 +09:00
Nicola Beghin
7cd9d4381a typo 2017-03-18 14:44:44 +01:00
Nicola Beghin
ca6ca9376e refactoring to avoid tampering with $_SERVER 2017-03-18 13:34:26 +01:00
mark_story
ccc9006620 Unset the active user data on logout.
When using stateless authentication the current user should be cleared
after logout to maintain consistency with session based authentication.

Refs #10422
2017-03-16 11:31:20 -04:00
Nicola Beghin
ff210b04d7 code style 2017-03-15 17:32:47 +01:00
Nicola Beghin
5fb1b71cb6 code style fix 2017-03-15 17:22:31 +01:00
Nicola Beghin
74f700882c local variable optimization 2017-03-15 16:27:27 +01:00
Nicola Beghin
089a0ae087 using $request->header in place of $_SERVER['HTTP_AUTHORIZATION'] 2017-03-15 15:06:39 +01:00
Nicola Beghin
a15c5c7a70 BasicAuthenticate - added check to avoid parsing if "Authorization: Bearer <token>" is in place 2017-03-15 14:08:17 +01:00
Nicola Beghin
f5795f05a5 BasicAuthenticate - code styling and strong type comparison 2017-03-15 13:59:56 +01:00
Javier Melero
ba121d8c32 Wrong return type hint in Controller::redirect #9987 2017-01-09 07:38:41 -03:00
mark_story
837741db66 Merge branch '2.x' into 2.next 2016-12-13 22:48:44 -05:00
Mark Story
9e6e08704e Merge pull request #9838 from cakephp/issue-9779
Fix CookieComponent erroring on corrupted data.
2016-12-05 16:44:24 -05:00
chinpei215
26731b93bf Use ternary operator 2016-12-04 21:55:29 +09:00
chinpei215
b7481096c8 Fix redirectUrl issue when loginRedirect is empty
Fixes #9819
2016-12-04 20:06:24 +09:00
mark_story
27f951fb41 Don't emit errors when operating on corrupted cookie data.
When deleting from corrupted cookie data, there shouldn't be any errors.

Refs #9779
2016-12-03 14:10:47 -05:00