Mark Story
3bf93b7f76
Merge pull request #11526 from cakephp/post-conditions
...
Make postConditions() less permissive.
2017-12-15 14:36:38 -05:00
mark_story
340059be15
Check model names for bad characters as well.
2017-12-13 00:01:09 -05:00
mark_story
a9618f67f7
Use a permitted list instead of a ban list.
...
This should be safer as we are more confident on what is coming in.
2017-12-13 00:01:05 -05:00
Koji Tanaka
fba7f1c617
Fix Phpdoc for CakeObject::log()
2017-12-12 20:00:21 +09:00
mark_story
f66dec8a96
Make postConditions() less permissive.
...
We were notified by `ooooooo_q` that postConditions() is vulnerable to
SQL injection if used without SecurityComponent tampering prevention.
This change attempts to make postConditions() safer by exploding in
unsafe scenarios.
2017-12-10 21:44:47 -05:00
chinpei215
6ad30946d8
Fix CS
2017-12-04 23:31:32 +09:00
chinpei215
9f65402d2c
Fix CakeRequest::referer(true) returning scheme-relative URLs
...
Backport of #11503 (and #8795 )
2017-12-04 21:18:27 +09:00
dereuromark
eaf7454628
Clarify migration path to 3.x
2017-11-29 19:57:01 +01:00
Mark Story
abec95d3ea
Merge pull request #11469 from db-bogdan/issue11468
...
fixes #11468 sending user data on basic auth in API environment
2017-11-28 21:52:59 -05:00
chinpei215
4ae9f13dfd
Fix 'order' not working with a single expressions
2017-11-29 00:17:57 +09:00
db-bogdan
e824346cca
extra fix
2017-11-28 11:43:55 +02:00
db-bogdan
94e06dfeb3
add unit test
2017-11-28 11:31:46 +02:00
db-bogdan
5695fef46f
fixes #11468
2017-11-27 11:59:34 +02:00
Mischa ter Smitten
d7b9e55e98
Fix indent
2017-11-23 14:12:13 +01:00
Mischa ter Smitten
05954ff405
Consistency changes
2017-11-23 10:09:25 +01:00
Mischa ter Smitten
4faac8e09a
Improved readability
2017-11-23 10:06:14 +01:00
Mischa ter Smitten
bc1678cf2a
Add option to make _validAgentAndTime
3.x compatible
2017-11-23 10:02:38 +01:00
Val Bancer
a2cc9843e4
added missing ob_end_flush() call
2017-11-21 15:20:14 +01:00
mark_story
10fcd7633d
Update version number to 2.10.5
2017-11-20 21:09:55 -05:00
mark_story
f788c90b3c
Fix typo
2017-11-05 22:34:47 -05:00
Mark Story
b175270f62
Merge pull request #11404 from ynaderi/2.x
...
- DigestAuthenticate modification for cakephp 2.X
2017-11-05 22:34:17 -05:00
Yaser Naderi
26a683f36f
- DigestAuthenticate modification for cakephp 2.X
2017-11-03 14:53:54 -04:00
Milan van As
7de5ae4438
Force email domain lookups to work in fallback case.
2017-10-25 08:45:57 +02:00
saeideng
b59b64db29
replace tab with space
2017-10-21 22:44:15 +03:30
mark_story
549c181926
Update version number to 2.10.4
2017-10-18 21:54:49 -04:00
chinpei215
19bbb7da17
Simplify CookieComponent::read()
...
Also, this commit fixes an issue of when the second level key is empty.
Previously, read('foo.0') returned incorrect result.
2017-10-16 21:01:19 +09:00
chinpei215
bbea91090d
Fix CookieComponent::delete() not working for deep children
2017-10-16 20:55:00 +09:00
mark_story
e85f489c1f
Add test for #11284
2017-10-13 21:55:56 -04:00
Mark Story
d3a4ce1216
Merge pull request #11284 from kolorafa/patch-1
...
msSQL - also handle offset as string
2017-10-13 21:55:21 -04:00
Mark Story
fb44035177
Merge pull request #11299 from tenkoma/2.x-fix-cc-number-jcb-pattern
...
[2.x]Fix Credit card number pattern(JCB) is wrong
2017-10-08 10:09:19 -04:00
Koji Tanaka
7d2d902b57
[2.x]Fix Credit card number pattern(JCB) is wrong
2017-10-08 16:15:10 +09:00
Mark Story
e889535e41
Merge pull request #11288 from mensler/session-without-cookies-2.x
...
Check for session.use_trans_sid and session ID in URL when cookies are disabled (2.x)
2017-10-07 12:17:30 -04:00
Clemens Weiß
61eddc6bde
Fixed formatting
2017-10-07 11:11:45 +02:00
Mark Story
a71cad0420
Merge pull request #11283 from chinpei215/2.x-cookie-component-1
...
[2.x] Fix fatal error thrown when replacing scalar with array
2017-10-06 16:45:38 -04:00
Clemens Weiß
7f64ea37f9
Restored formatting
2017-10-06 17:11:09 +02:00
Clemens Weiß
5d5e791a31
Check for session.use_trans_sid and session ID in URL in case cookies are disabled (backport of cakephp/cakephp#10828 for 2.x)
2017-10-06 17:04:53 +02:00
chinpei215
deac8f9109
Backport #7080 , #8233 and #11060
2017-10-06 22:02:37 +09:00
chinpei215
ccf634e5f3
Docblock update
2017-10-06 21:59:48 +09:00
chinpei215
959f45a6c6
Fix fatal error thrown when replacing scalar with array
...
Refs #11280
2017-10-06 13:43:32 +09:00
kolorafa
22d2564de9
msSQL - also handle offset as string
...
When doing pagination you could get offset not as a int(eg. 10) but string(eg. "10") and it will not paginate at all.
For example DataTables plugin pass offset from params and all params from http request are strings wrapped in numbers.
Adding ctype_digit($offset) will also check the case.
2017-10-05 11:45:33 +02:00
LustyRain
e1e5a292f2
Fix: revert return
2017-10-05 00:09:51 +09:00
LustyRain
0f00d73c70
Fix delete space, restored return
2017-10-04 21:02:48 +09:00
LustyRain
1f09318724
Fix delete space, restored return
2017-10-04 20:40:57 +09:00
LustyRain
8bb07c0fd7
Fix called twice
2017-10-04 11:39:31 +09:00
LustyRain
31b13edf8a
Fix: phpdoc miss
...
## did
- void unReturn
- miss return void
- add return type
- type miss typing
- add param type and return type
- string → string|array
- change ClassName
2017-10-04 00:22:42 +09:00
LustyRain
bececc421d
Fix: void unreturn
2017-10-02 15:40:48 +09:00
Ionut-Mihai Burlacu
31ed2d5dfb
Test Case
2017-09-22 11:45:38 +03:00
Ionut-Mihai Burlacu
5540569fcc
Test Case
2017-09-22 11:39:39 +03:00
Ionut-Mihai Burlacu
3bc55f6341
Fixes #11221
2017-09-21 14:33:10 +03:00
mark_story
c3a612aa94
Update version number to 2.10.3
2017-09-17 22:12:29 -04:00
LustyRain
715dca8701
fixed basic.php
...
The return value is incorrect
2017-09-15 11:42:54 +09:00
Jeremy Harris
0558c253f6
Replaced short array syntax with longer form
2017-08-31 09:02:08 -05:00
Jeremy Harris
f9f06e68b1
Stacking messages in SessionComponent::setFlash
2017-08-30 10:06:56 -05:00
mark_story
81d824077a
Update version number to 2.10.2
2017-08-29 21:19:36 -04:00
Jeremy Harris
2e75f12a4f
Fixed SessionHelper not handling stacked messages
2017-08-22 10:06:37 -05:00
Mike Fellows
0b658697f2
Sqlserver DboSource does not allow the persistent option to be true.
...
This is backported from CakePHP 3. The SQL Server PHP PDO driver does not
support the PDO::ATTR_PERSISTENT attribute. So throw an exception if the
'persistent' option is set in the database config. Also removes that
option from the Sqlserver base config.
2017-08-16 11:23:42 -07:00
Mark Story
12a2909e71
Merge pull request #11000 from bancer/truncate-performance-2
...
Improved performance of CakeFixtureManager.
2017-08-11 21:48:01 -04:00
mark_story
be534eacef
Fix hiddenField option not working for radio.
...
The hiddenField option was not working as documented for radio buttons.
Instead of using the provided value, the hidden input's value was
hardcoded to ''
Refs #11002
2017-08-08 22:02:07 -04:00
Luis Cano
1e5ea2451a
Fixes "Whitespace found at end of line"
2017-08-08 14:42:57 -04:00
Luis Cano
3307665cbb
Fixed syntax to work with PHP5.3
2017-08-08 14:28:11 -04:00
Luis Cano
9f175f22f4
Abiding to code standards
2017-08-08 12:59:33 -04:00
Luis Cano
90f14bc07b
fixes cakephp/cakephp#11016
2017-08-08 12:28:57 -04:00
mark_story
95e0a21439
Update version number to 2.10.1
2017-08-07 21:21:35 -04:00
Val Bancer
d91059460b
Improved performance of CakeFixtureManager.
2017-08-05 22:15:10 +02:00
bclay
8f92a87558
remove extra whitespace
2017-08-04 09:22:16 -04:00
bclay
38161917eb
Address CakeEmail regression when data is defined with no mimetype
2017-08-03 17:00:58 -04:00
mark_story
7c2ad08da5
Clean up formatting.
...
Refs #10912
2017-08-03 13:17:05 -04:00
Val Bancer
746bb4619e
Merge pull request #2 from cakephp/2.x
...
2.x to phpunit-5.7
2017-08-03 02:10:37 +02:00
Val Bancer
ac227f35a7
Merge pull request #1 from cakephp/2.x
...
2.x to phpunit-5.7
2017-07-28 09:18:37 +02:00
Mark Story
cd6fba1361
Revert "Takes into account the current recursive value in deleteAll()."
2017-07-24 00:09:01 -04:00
mark_story
fef1029f98
Update version number to 2.10.0
2017-07-22 15:06:53 -04:00
mark_story
aa6770fa45
Merge branch '2.x' into 2.next
2017-07-22 14:59:41 -04:00
Mark Story
314a2c0c4f
Merge pull request #10863 from bancer/paginator-i18n-not
...
Pagination 'NOT' notation fails with i18n
2017-07-22 13:33:43 -04:00
Koji Tanaka
7e50fc9ee6
Add test for shell unknown option
2017-07-21 00:46:02 +09:00
Val Bancer
5e92034ad8
improved code style
2017-07-18 22:31:28 +02:00
Koji Tanaka
65841081e9
2.x Console: Display error message when unknown option is specified
2017-07-18 00:27:39 +09:00
Val Bancer
15f0fe31b1
Fixed PHPUnit 5.7 warnings
2017-07-16 16:02:31 +02:00
Val Bancer
7ba52d0c53
Fixed code style.
2017-07-16 00:27:20 +02:00
Val Bancer
93696b65e4
Fixed indefinite loop in getMock().
2017-07-16 00:09:36 +02:00
Val Bancer
eefd3ac847
adapter for the getMock() depricated in phpunit
2017-07-15 23:23:14 +02:00
Val Bancer
d1c3cca924
makes the test more stable
2017-07-12 20:42:06 +02:00
Val Bancer
d71bc4acae
Fixed code style
2017-07-12 01:00:33 +02:00
Val Bancer
5cc0d7a5cf
Some tests refactored. Skipped non-compartible tests in MySQL
...
ONLY_FULL_GROUP_BY mode.
2017-07-12 00:46:02 +02:00
mark_story
0d68007e5c
Revert changes in 2290b612f8
...
I think they broke the builds in our CI environments.
Refs #10894
2017-07-11 10:01:08 -04:00
Val Bancer
2290b612f8
set order in HABTM in unit tests to make it stable in mysql 5.7
2017-07-11 00:14:08 +02:00
Val Bancer
d72c2d7e0e
fixed code style, skipped pgsql and sqlite incompartible tests
2017-07-09 20:05:53 +02:00
Val Bancer
794ce22f37
fixed unit tests and docs
2017-07-09 19:24:51 +02:00
Val Bancer
f0bbcb3ffc
fixed parsing of conditions with 'NOT' in TranslateBehavior
2017-07-08 16:51:32 +02:00
Val Bancer
3440615323
Refactroing in TranslateBehavior. Some code was moved to protected
...
methods, simplified the coditions.
2017-07-07 01:20:09 +02:00
Val Bancer
d9f2117436
more unit tests
2017-07-07 00:41:04 +02:00
Val Bancer
76ab1f4537
more unit tests
2017-07-06 00:03:00 +02:00
Val Bancer
85e0ebd7fd
more unit tests added
2017-07-05 23:22:58 +02:00
Val Bancer
50334679d6
added a unit test
2017-07-05 22:40:41 +02:00
Val Bancer
31fd4217b1
more PaginatorComponent unit tests
2017-07-04 23:01:17 +02:00
mark_story
32f6b96060
Fix formatting.
2017-07-02 11:06:39 -04:00
Kurre Ståhlberg
4ec195f9c8
Fix error when default value is reported as CURRENT_TIMESTAMP() with parenthesis
2017-06-27 11:46:51 +03:00
mark_story
fb42b15ce8
Update version number to 2.10.0-RC1
2017-06-26 22:02:00 -04:00
mark_story
aaa37fa809
Merge branch '2.next' of github.com:cakephp/cakephp into 2.next
2017-06-26 21:51:55 -04:00
mark_story
2032fef772
Merge branch '2.x' into 2.next
2017-06-26 21:51:41 -04:00
Mark Story
8cd930d19e
Merge pull request #10764 from bancer/translate-inner-joins
...
Add left join support in TranslateBehavior
2017-06-26 21:40:42 -04:00
Val Bancer
5b37d42f97
joinType moved from $settings to $runtime
2017-06-26 23:02:06 +02:00
Mark Story
2b8447dc5b
Merge pull request #10766 from cakephp/issue-10763
...
Fix encoding of addreses contain comma & unicode
2017-06-16 21:37:54 -04:00
Mark Story
05d30a6f05
Merge pull request #10749 from ikuwow/2.next-fix-broken-cookie
...
Fix broken cookie issue
2017-06-15 21:15:13 -04:00
Mark Story
52790443e8
Merge pull request #9705 from CakeDC/feature/backport-paginate-multiple-queries
...
2.next - Backport multiple paginators
2017-06-14 21:41:13 -04:00
mark_story
c4766d667b
Fix PHPCS error.
2017-06-14 09:38:06 -04:00
Mark Story
8289b367f9
Merge pull request #10698 from lucasferreira/2.next
...
Cake 2.x - Some fix into Paginator component for order / sort classic sintax
2017-06-14 00:13:00 -04:00
Val Bancer
0bfb19f126
left join support in TranslateBehavior
2017-06-12 21:41:35 +02:00
mark_story
738b20a19b
Fix encoding of addreses containin comma & unicode
...
Email addresses that contain both unicode and commas will not be
correctly encoded by mime_encode_header if the comma precedes the
unicode. In this scenario we have to quote the encoded address.
Refs #10763
2017-06-12 10:58:44 -04:00
Marc Würth
a99f60fb75
Revert URl change in test
2017-06-11 01:11:32 +02:00
Marc Würth
1ce2389069
Fix broken tests
2017-06-11 01:02:49 +02:00
Marc Würth
4dfae7ad7a
Use HTTPS for other URLs
2017-06-11 00:50:09 +02:00
Marc Würth
88aadf3804
Use HTTPS for the www.cakephp.org URL
...
Do not change those in tests.
2017-06-11 00:43:06 +02:00
Marc Würth
deee18c96e
Use HTTPS for the community.cakephp.org URL
2017-06-11 00:30:48 +02:00
Marc Würth
d5aa04e39d
Use HTTPS for the plugins.cakephp.org URL
2017-06-11 00:28:44 +02:00
Marc Würth
d03a682eeb
Use HTTPS for the bakery.cakephp.org URL
2017-06-11 00:27:59 +02:00
Marc Würth
98f31dd791
Use HTTPS for the api.cakephp.org URL
2017-06-11 00:26:56 +02:00
Marc Würth
da8414e13b
Use HTTPS for the opensource.org MIT license URL
2017-06-11 00:23:22 +02:00
Marc Würth
04efc7ba50
Use HTTPS for the book.cakephp.org URL
2017-06-11 00:15:36 +02:00
Marc Würth
10b89b51a9
Use HTTPS for the cakefoundation.org URL
2017-06-11 00:10:59 +02:00
Marc Würth
17314baa15
Use HTTPS for the cakephp.org URL
2017-06-10 23:40:28 +02:00
mark_story
f4ea6ca644
Don't use default in test.
...
It likely doesn't exist.
2017-06-10 17:35:45 -04:00
mark_story
ef45d24134
Fix tests that failed because of CONFIG dir change.
2017-06-10 17:31:29 -04:00
Ikuo Degawa
655a5fe0ae
Fix broken cookie issue #10724
...
This change makes Security::cipher() encoding and decoding same as 2.7 and below.
2017-06-10 15:20:25 +09:00
Mischa ter Smitten
377aa2aa74
Drop short array syntax for PHP < 5.4
2017-06-08 20:31:34 +02:00
Mischa ter Smitten
ddbdf170e6
Fix discrepancy in Model::field when Model::id is null
...
When using ClassRegistry::init for instance
2017-06-08 20:22:29 +02:00
Val Bancer
2677cf4053
Takes into account the current recursive value in deleteAll().
2017-06-07 23:38:12 +02:00
Lucas Ferreira
3258199193
Remove personal comments for pull request
2017-05-31 08:33:41 -03:00
mark_story
cf679a3233
Merge branch '2.x' into 2.next
2017-05-27 21:47:22 -04:00
Lucas Ferreira
ee1980b8f5
- Tests for array order syntax fix
2017-05-26 18:36:50 -03:00
Lucas Ferreira
b539161b2d
- Some fix into Paginator component for order / sort classic sintax
2017-05-26 15:05:18 -03:00
Henrik Gemal
3f0fb07122
fix
2017-05-26 15:39:06 +02:00
Henrik Gemal
04e5fdc9b2
add polish locale
2017-05-26 11:11:10 +02:00
mark_story
bfd2d21d78
Update version number to 2.9.9
2017-05-25 21:15:23 -04:00
Marc Würth
bef0c766b6
Add inline type hint annotations
...
Improves the experience when debugging in an IDE
2017-05-16 13:24:25 +02:00
Mark Story
57ddc24b35
Merge pull request #10647 from josephzidell/2.next-custom-config-dir-loc
...
Add constant specifying the location of the Config dir
2017-05-14 21:41:09 -04:00
Joe
70ead28a1d
Redo commits on 2.next branch
2017-05-12 02:02:36 -04:00
Mark Story
88a804f552
Merge pull request #10497 from swordbeta/2.next-update-phpunit
...
Make test suite compatible with PHPUnit 5.
2017-05-08 09:44:04 -04:00
chinpei215
a97bd234ee
Fix _validatePost returns true when empty form is submitted
...
Backport of #10625
2017-05-06 21:59:29 +09:00
mark_story
5e35064a0b
Read basic auth credentials from Authorization header
...
Merge branch 'issue-9365' into 2.x
Refs #9365
2017-04-28 21:49:47 -04:00
mark_story
275385d676
Add test covering basic auth reading from headers.
...
In some FastCGI setups basic auth values will only be present in the
header. Fallback to reading that value if the PHP_AUTH super globals are
empty.
Refs #9365
2017-04-28 21:49:27 -04:00
Nicola Beghin
09a981ba38
code style fix as requested
2017-04-23 18:44:42 +02:00
Nicola Beghin
99d02a8698
fix permission
2017-04-23 18:41:45 +02:00
Nicola Beghin
a1eb067c71
bugfix basic to Basic
2017-04-23 18:27:09 +02:00
mark_story
043b320358
Update version number to 2.9.8
2017-04-21 21:26:39 -04:00
Mark Story
eb937e3c79
Merge pull request #10557 from ndm2/2.x-fix-controller-test-case-base-incompatibility
...
2.x - Fix query string data in URL arrays not being passed anymore (#10517 follow-up)
2017-04-18 20:01:38 -04:00
ndm2
efb3474420
Fix query string data in URL arrays not being passed anymore.
...
refs #10555 , #10517 , #5473
2017-04-18 20:54:34 +02:00
mark_story
ea05b04193
Add additional test for -0.0
...
In PHP5 `-0.0` doesn't work. Include the other way of making -0 for
PHP5.
Refs #10521
2017-04-16 23:00:31 -04:00
mark_story
9007a7fe58
Fix notBlank() to pass on -0.0
...
Copy the implementation from 3.x as it works with -0.0 already.
Refs #10521
2017-04-16 09:57:36 -04:00
ndm2
d9059b6d3b
Fix array_intersect_key()
argument order, the source comes first.
2017-04-15 21:27:29 +02:00
ndm2
7d74818d9a
Fix ControllerTestCase::testAction()
incompatibility with App.base
.
...
When using array URLs with `testAction()`, the generated URL possibly
contains the configured `App.base` path, which needs to be stripped when
set on the request object, as otherwise routes cannot be matched
correctly.
When passing the URL as an option to the `CakeRequest` constructor, the
it will be set as-is, unlike when the URL is being generated by
`CakeRequest::_url()`, which grabs the URL from the environment, and
strips the possible base path.
2017-04-13 14:15:32 +02:00