Commit graph

17056 commits

Author SHA1 Message Date
Mark Story
5ebed62134 Merge pull request #3959 from chinpei215/master-issue3857-fix
Fix a race condition problem

Fixes #3857
2014-07-13 22:03:06 -04:00
chinpei215
ca93bbcd15 Fix CS 2014-07-14 01:21:09 +09:00
chinpei215
ace30fdd8a Fix a race condition problem
Prevents Model::save() from generating a query with WHERE 1 = 1 on race condition.

Refs #3857
2014-07-12 23:27:39 +09:00
mark_story
03c2a8b722 Unify datetime column default values between MySQL and Postgres.
Datetime columns should have 'default' => null, in both Postgres and
MySQL.

Fixes #3837
2014-07-11 23:10:16 -04:00
mark_story
a098d96c94 Remove flaky test that was of questionable value. 2014-07-10 14:39:20 -04:00
Mark Story
5af65f3a28 Merge pull request #3927 from chinpei215/master-h-opt
A micro optimization of h()
2014-07-10 12:30:03 -04:00
chinpei215
1a58b76e42 A micro optimization of h()
In most cases, the first argument of h() will be a string.
2014-07-10 20:53:10 +09:00
Mark
106d4ef12e Merge pull request #3925 from davidyell/patch-1
Update Model.php
2014-07-10 12:49:30 +02:00
David Yell
79be5e6805 Update Model.php
Fixed the case on the link to the book, to match the anchor in the page.
2014-07-10 10:46:48 +01:00
Mark Story
77455e6eae Merge pull request #3913 from chinpei215/master-exception-renderer-fix
Fix an infinite recursion caused by missing plugin
2014-07-09 08:58:37 -04:00
chinpei215
0c1fc36b14 Fix an infinite recursion caused by missing plugin
When a MissingPluginException has caught when rendering an exception,
we should disable the plugin as needed to prevent an infinite recursion.
2014-07-09 15:55:41 +09:00
mark_story
b3dfad614a Correct pattern matching.
Instead of 10 digits, it should limit at 10 groups.

Refs 1988e89e73
2014-07-06 09:42:20 -04:00
Mark Story
1aa7331b0d Merge pull request #3888 from Schlaefer/fix-#3887-reusableCsrfExpires
fixes #3887 CSRF reusable token expires
2014-07-06 09:05:38 -04:00
Schlaefer
1e961a8aac increases time window in CSRF token expiry tests to 2 seconds
travis-cs failed with 1 second margin
2014-07-06 13:54:24 +02:00
Schlaefer
9fa7afa354 fixes #3887 CSRF reusable token expires 2014-07-06 10:39:00 +02:00
José Lorenzo Rodríguez
396725dc8c Merge pull request #3880 from markstory/incorrect-validation
Fix issues with Validation::inList() and SecurityComponent
2014-07-05 14:41:15 +02:00
euromark
009138b326 Fix CS 2014-07-05 13:49:50 +02:00
Mark Story
eb485f82b8 Merge pull request #3878 from ceeram/optimize
minor optimisation, refs comments on 81875cfeb1b8e5c414cf9de3c96dd2dde50...
2014-07-04 13:11:17 -04:00
Ceeram
a266a9493d minor optimisation, refs comments on 81875cfeb1 2014-07-04 17:25:41 +02:00
ADmad
1eccec02e4 Merge pull request #3872 from CostaC/response-sharable-fix
Fix for CakeResponse::sharable() header to include private caches
2014-07-04 10:32:51 +05:30
mark_story
3936cce4b8 Disallow hexadecimal input with inList.
Instead of turning on/off strict mode based on the user supplied input,
cast everything to strings and always use a strict check. This avoids
the potential issue of a bad user using hexadecimal when they should not
be allowed to do so. Thanks to 'Kurita Takashi' for pointing this out.
2014-07-03 22:10:49 -04:00
mark_story
1988e89e73 Add an upper bound to the POST data SecurityComponent will consider.
'Kurita Takashi' has let us know that the previous patterns could be
abused by an evil doer. One could potentially send a very large deeply
nested POST data structure. Matching that structure could overflow the
PCRE limits causing a segmentation fault. Adding an upper bound will
solve the problem and I doubt anyone is doing POST data structures with
more than 10 levels of nesting.
2014-07-03 22:02:00 -04:00
mark_story
765be87d88 Overwrite the schemaName property if it is not defined in the class.
If a model class does not define a schemaName we should use the
datasource's schemaName. We can assume that people using schemaName want
to lock the model onto a specific schema given the changes in #3210

Fixes #3720
2014-07-03 21:53:54 -04:00
Costa Caruso
8bfebd64fb Fix for failing test "Whitespace found at end of line" 2014-07-03 15:45:03 -04:00
Costa Caruso
4f559f5cc9 Fixed failing test for CakeResponse::sharable + spacing 2014-07-03 15:03:48 -04:00
Mark Story
fb15fb6001 Merge pull request #3866 from dereuromark/master-cs-guidelines
Correct doc blocks according to cs guidelines
2014-07-03 11:10:23 -04:00
euromark
974ca851c2 Correct doc blocks according to cs guidelines.
Remove superfluous empty lines.
2014-07-03 15:36:42 +02:00
mark_story
65d14c7e97 Remove mention of Role/default as it doesn't exist.
The default role merging was removed in
3abfaeecf3 and shouldn't be mentioned in
the docs.

Fixes #3871
2014-07-03 09:10:20 -04:00
mark_story
3a06e1f638 Update code examples to be consistent with other docs. 2014-07-03 09:09:25 -04:00
mark_story
cee56eaef7 Make PHPCS build passing again. 2014-07-02 23:38:49 -04:00
mark_story
33a5b6e451 Fix additional missing API doc tags. 2014-07-02 23:38:34 -04:00
Costa Caruso
1164c0bcad Fix for CakeResponse::sharable() header to include private caches 2014-07-02 17:34:09 -04:00
Mark Story
2c53bc8a1b Merge pull request #3838 from cakephp/revert-3646-no-truncate-fixture
Revert "No truncate when drop table."

Not truncating tables when they are created causes a number of 
issues in ControllerTestCases as indicated by the comments in #3646 post merge.
2014-07-01 22:02:57 -04:00
Mark Story
2577ca92a8 Merge pull request #3840 from cakephp/issue-3742-relax-email
Relax email validation rules even more.

Fixes #3742
2014-06-30 14:55:15 -04:00
mark_story
adcf9ab723 Fix failing test.
CakeEmail now has a default validation pattern.

Refs #3742
2014-06-30 13:29:39 -04:00
mark_story
dc34d80f6f Relax email validation rules even more.
While filter_var() allows a number of email addresses that
Validation::email() does not, it misses out of email address that
contain IDN host names, and unicode mailboxes. Both of these are
generally deliverable, and should be permitted. filter_var() also fails
on local mailboxes like `root@localhost` which is useful in the context
of cron jobs.

Fixes #3742
2014-06-30 10:42:37 -04:00
Mark
1686edf016 Revert "No truncate when drop table." 2014-06-30 14:14:20 +02:00
Mark Story
a966f089d2 Merge pull request #3832 from ADmad/2.5-inflector
Add pluralization rule for "stadia" to uninflected list.
2014-06-29 09:34:09 -04:00
ADmad
607200fa7b Add pluralization rule for "stadia".
Refs #3830
2014-06-29 14:51:23 +05:30
ADmad
153f530a01 Merge pull request #3829 from cakephp/api-doc-fixes
API doc fixes
2014-06-29 11:51:41 +05:30
mark_story
48c799812e Tidy up and simplify travis.yml file. 2014-06-28 21:23:23 -04:00
mark_story
91721244a4 Fix more doc block errors in lib/ 2014-06-27 22:58:34 -04:00
Bryan Crowe
a1ae31e554 Fix identifier typos 2014-06-26 23:06:08 -04:00
euromark
73dcb2cb91 cs correction 2014-06-26 14:22:34 +02:00
José Lorenzo Rodríguez
8e9c85ef61 Merge pull request #3809 from renan/2.5-non-integer-exception-code
Exiting with 1 when Exception::getCode() returns non-integer values.
2014-06-26 14:09:26 +02:00
Renan Gonçalves
1a89a3cb9d Exiting with 1 when Exception::getCode() returns non-integer values.
From php.net/exception.getcode
> Returns the exception code as integer in Exception but possibly as other type in Exception descendants (for example as string in PDOException).
2014-06-26 13:26:20 +02:00
Mark Story
e8ee25f40d Merge pull request #3792 from dereuromark/master-docblocks
Update doc blocks regarding return $this
2014-06-24 23:39:44 -04:00
euromark
b3507b199a Update doc blocks regarding return $this 2014-06-25 00:06:51 +02:00
José Lorenzo Rodríguez
bf33e1cf57 Merge pull request #3761 from aka-toxa/master
improving acl perfomance
2014-06-24 21:58:30 +02:00
José Lorenzo Rodríguez
3df972faa2 Merge pull request #3782 from cakephp/issue-3779
Whitelist more URL-y characters in digest parsing.
2014-06-24 21:56:40 +02:00