Commit graph

241 commits

Author SHA1 Message Date
Mark Story
5b46eb71ec Merge pull request #3397 from steinkel/fix-formhelper-with-model-mock
fixed FormHelper to allow create() on Mock Models without errors
2014-04-26 08:53:43 -04:00
Jorge González
5cf2ce723c fixed FormHelper to allow create() on Mock Models without errors 2014-04-26 10:33:58 +01:00
mark_story
f23d811ff5 Use the form action URL in generated form hashes.
By including the URL in generated hash for secured forms we prevent
a class of abuse where a user uses one secured form to post into a
controller action the form was not originally intended for. These cross
action requests could potentially violate developer's mental model of
how SecurityComponent works and produce unexpected/undesirable outcomes.

Thanks to Kurita Takashi for pointing this issue out, and suggesting
a fix.
2014-04-25 22:05:58 -04:00
euromark
0d09a54033 more missing doc block tags added 2014-04-02 03:02:37 +02:00
mark_story
f12b272758 Fix a few flaky/bad attribute matchers. 2014-03-21 22:52:52 -04:00
mark_story
ee895a8bb1 Add form attribute to hidden inputs when present.
If inputs are placed outside of the form elements the form attribute
needs to be set on the hidden inputs. Without this attribute the empty
state does not submit correctly.

Fixes #3053
2014-03-18 22:11:57 -04:00
ADmad
a707709e1d Added test for FormHelper::radio().
Tests generating radio input for field with model other than one used
in create(). Refs #2911.
2014-02-28 02:34:16 +05:30
mark_story
0776b87214 Fix postLink() & postButton() with nested data.
Flatten deeply nested array data before generating hidden inputs.
This solves 'Array to string conversion' errors.

Closes #2894
2014-02-24 21:17:31 -05:00
jalbertocr
35f152b333 Make sure a datetime instance is valid to avoid fatal errors. 2014-02-19 20:50:30 -03:00
AD7six
adc0bf3ded BC fix for checkbox ids
Revert to previous behavior for id generation of checkboxes, This commit
can be reverted for 2.5+ is desired

Fixes #2733
2014-02-03 17:57:26 +00:00
mark_story
605351d0c9 Allow empty values in checkboxes.
Allow the checkbox value attribute to be empty. This is required to make
checkboxes with a value of 0.

Fixes #2717
2014-01-30 21:12:06 -05:00
mark_story
f25e84f4fb Don't select year 0 when there are all 0's.
Year 0 is almost never a 'good' selection value and causes odd behavior
when paired with MySQL.

Fixes #2658
2014-01-15 10:23:45 -05:00
Mark Story
1cb7e4f0ff Merge pull request #1635 from dereuromark/master-dom-ids
Fix duplicate ID generation of for multiple checkboxes.
2013-12-24 07:02:38 -08:00
euromark
b392254c92 fix cs 2013-12-24 15:20:32 +01:00
mark_story
5bddc477a3 Fix incorrectly handled time values around 12:00:00
When using 12 hour formats & intervals, values around 12:00 were
incorrecly converted to midnight.

Fixes #2507
2013-12-19 17:36:27 -05:00
mark_story
30e139412d Fix input type inference when type=>checkbox
FormHelper should not infer types when the explicit type is checkbox.
Instead the provided type should be used.

Fixes #2491
2013-12-16 23:26:20 -05:00
euromark
8ebf004450 Also make DOM ids for radio element values unique. 2013-12-04 02:14:08 +01:00
euromark
587a04ab84 prevent possible XSS attack via form helper selects and unescaped output. 2013-12-04 01:51:39 +01:00
euromark
aae0f762dd Collision free approach to resolve the DOM ID issue in a clean way. Fix to generation of ids for multiple checkboxes. Resolves ticket 4064. 2013-12-04 01:30:57 +01:00
Marc Würth
7cfa0116f4 Removed "PHP 5" from file header DocBlocks
This statement does not serve a purpose anymore.
In a long forgotten world it indicated the main version number of PHP which the code in the file was compatible to.
http://pear.php.net/manual/en/standards.sample.php
But since PHP 5.1 and later this is only marginally true.
Thus I propose to remove it from CakePHP.
2013-11-13 22:58:39 +01:00
mark_story
a07608cbb9 Fix incorrect CSRF token fields when using postLink()
Creating a postLink after creating a GET form would result in the
incorrect fields being generated.

Fixes #2308
2013-11-11 21:56:55 -05:00
Bryan Crowe
c1dd0e4393 Changed url to URL where appropriate 2013-10-07 23:17:58 -04:00
ADmad
aa60b8791a Fixed setting "required" attribute for file input. Closes #4124
In general fixed the issue where enabling SECURE_SKIP for a field
skipped "required" attribute check altogether. Instead now "required"
is set to false for hidden fields by default.
2013-10-04 20:35:38 +05:30
euromark
0b45a2eca8 correct order of params 2013-09-25 22:07:52 +02:00
euromark
9844da8e99 Don't use comp. wrappers anymore. 2013-09-25 20:58:29 +02:00
euromark
2455af09c5 Resolves ticket #4100 2013-09-25 14:01:35 +02:00
euromark
382f75dbfc cs corrections, bool to boolean and int to integer. 2013-09-17 14:44:34 +02:00
mark_story
5ec9b145bf Fix label element for attributes not matching their inputs.
Radio elements would contain ModelModelFieldValue instead of
ModelFieldValue like they should. This was caused by the fix for #3936
and lack of tests for create() + radio().

Fixes #4071
2013-09-16 22:38:28 -04:00
mark_story
e3e4efba0a Add test for issue #3936
radio() method should accept an array for the label element.

Refs #3936
2013-09-05 11:04:47 -04:00
mark_story
42feb8dff6 Fix failing test.
Quote encoding in confirm handlers has changed in 2.4. Update the
relevant test.
2013-08-24 21:51:42 -04:00
mark_story
53d265cfba Merge branch 'master' into 2.4 2013-08-23 12:56:43 -04:00
mark_story
24123e2374 Add test for postLink with escape false + confirm option.
Closes #4008
2013-08-21 13:09:47 -04:00
Alexander Hofbauer
80e589f19d Correctly encode confirm handlers
With encode set to false the onclick handler will be sent through
h() regardless, making links and postLinks work again.
2013-08-13 10:11:22 +02:00
Jose Lorenzo Rodriguez
9d07fc4330 Merge branch 'master' into 2.4
Conflicts:
	lib/Cake/Console/ShellDispatcher.php
	lib/Cake/Utility/CakeNumber.php
	lib/Cake/View/Elements/sql_dump.ctp
2013-08-11 23:31:10 +02:00
José Lorenzo Rodríguez
890d4a9e2c Merge pull request #1478 from aleho/2.4
Use a protected method to generate confirm() links
2013-08-11 13:51:29 -07:00
euromark
1339a9dfe1 coding standards according to new sniffer rules 2013-08-08 01:03:21 +02:00
Mark
6c30851783 Merge pull request #1424 from dereuromark/2.4-form-helper-datetime-rounding
provide ability for rounding - closes #1986
2013-08-07 10:15:35 -07:00
Alexander Hofbauer
8601e0078a Implement a Helper method to generate confirm() links
This allows for overriding the default behavior of showing
confirm()-dialogs in Html and Form helpers.
2013-08-06 10:04:44 +02:00
ADmad
38b050a711 Merge branch 'master' into 2.4
Conflicts:
	lib/Cake/Console/Command/ConsoleShell.php
2013-08-04 19:26:55 +05:30
David Gallagher
37ab0611ae Fix whitespace 2013-07-30 11:26:49 +10:00
David Gallagher
35cc737261 Add for required fields when using only ModelValidator::add() 2013-07-30 11:11:49 +10:00
euromark
b412e2cbb1 provide ability for rounding - closes #1986 2013-07-16 15:42:08 +02:00
ADmad
d161b21ae1 Merge branch 'master' into 2.4
Conflicts:
	lib/Cake/Controller/Component/AuthComponent.php
2013-07-14 10:58:55 +05:30
euromark
a643295e4c remove @access and unnecessary $name 2013-07-08 15:50:50 +02:00
mark_story
f09693f6e8 Merge branch 'master' into 2.4 2013-06-29 23:26:26 -04:00
euromark
ee5e8c95dd fix issue with FormHelper and undefined variable and extract 2013-06-25 12:11:10 +02:00
euromark
290c343a74 tests to disprove that input date and partial dateFormat does not work 2013-06-25 11:54:29 +02:00
mark_story
dcf7df39d2 Merge branch 'master' into 2.4 2013-06-21 17:47:37 -04:00
mark_story
68db74d32d Cleanup from previous commit.
Refs #GH-1352
2013-06-19 15:06:51 -04:00
Lucas Machado
dc3f9113b0 Fix to the date input year field
Create the field if no value is informed only to the maxYear and not to
the current date.
2013-06-19 15:05:15 -04:00