Commit graph

18683 commits

Author SHA1 Message Date
Nicola Beghin
5fb1b71cb6 code style fix 2017-03-15 17:22:31 +01:00
Nicola Beghin
74f700882c local variable optimization 2017-03-15 16:27:27 +01:00
Nicola Beghin
089a0ae087 using $request->header in place of $_SERVER['HTTP_AUTHORIZATION'] 2017-03-15 15:06:39 +01:00
Nicola Beghin
a15c5c7a70 BasicAuthenticate - added check to avoid parsing if "Authorization: Bearer <token>" is in place 2017-03-15 14:08:17 +01:00
Nicola Beghin
f5795f05a5 BasicAuthenticate - code styling and strong type comparison 2017-03-15 13:59:56 +01:00
Nicola Beghin
41851d60b4 fix HTTP Basic Auth on FastCGI PHP 2016-08-28 19:16:59 +02:00
Mark Story
51963ab8fc Merge pull request #9349 from cakephp/2.x-sort-locale
2.x sort locale backport
2016-08-26 11:13:21 -04:00
Mark Story
1a4631b9cd Merge pull request #9348 from ndm2/backport-9341
2.x - Backport `Folder::inPath()` changes.
2016-08-26 10:55:11 -04:00
Mark Sch
ee319baec1 Backport skip 2016-08-26 16:15:39 +02:00
mscherer
03df288e78 Re-add spacing. 2016-08-26 14:45:59 +02:00
mscherer
dab4b85596 Backport Hash::sort() support for type locale. 2016-08-26 14:32:21 +02:00
ndm2
87d86aaed9 Fix/tighten Folder::inPath() checks.
The current checks are way too relaxed, and are more like testing
for a substring, which makes it easy for invalid paths to slip
trough, for example `/foo/var/www` is falsely tested to reside in
`/var/www`.

Passing an empty path never worked properly, it was triggering a
warning, didn't worked on Windows, and the behavior that the current
top level directory would be assumed for empty paths wasn't
documented.

Similar is true for relative paths. While they did match at one point,
this was incorrect behavior, and matching actual path fragments seems
out of scope for this method.

This change makes the `$path` argument required, requires it to be an
absolute path, and throws an exception in case a non-absolute path is
being passed.
2016-08-26 13:45:45 +02:00
Mark Story
0565081db6 Merge pull request #9314 from mvdriel/add-support-for-confirm-option-to-submit-in-formhelper
Added support for confirm (message) option to submit in FormHelper
2016-08-22 09:18:30 -04:00
Mark Sch
b096005561 Fix CS 2016-08-21 20:31:45 +02:00
Mark van Driel
e3b0aca95e Removed bug fix for Helper::_confirm to keep the code compatible 2016-08-21 17:09:43 +02:00
Mark van Driel
34afc377ec Added support for confirm (message) option to submit in FormHelper 2016-08-20 12:51:13 +02:00
Mark Sch
d66011d0fa Merge pull request #9300 from ken880guchi/fix-php-doc
fix php document of File::write()
2016-08-18 20:56:38 +02:00
Kenya Yamaguchi
777e39531e fix php document of File::write() 2016-08-19 02:52:44 +09:00
José Lorenzo Rodríguez
3937a4f02e Merge pull request #9255 from cakephp/issue-9229-restore
Restore header() behavior inadvertantely removed.
2016-08-15 09:51:10 +02:00
mark_story
3e16f8911d Add tests covering basic use of <> in deleteAll()
Refs #9253
2016-08-13 22:48:02 -04:00
mark_story
a10bdb226a Document the ext/memcached version requirements.
Refs #9252
2016-08-13 19:38:31 -04:00
mark_story
bc73e928b6 Restore header() behavior inadvertantely removed.
In eaa2bbbcae I changed the behavior to
now use the TitleCased name as I didn't understand the intended behavior
or how apache was working in the reporter's specific case.

Refs #9229
2016-08-11 21:54:24 -04:00
Mark Story
5019cbddfe Merge pull request #9249 from ravage84/2.x-docblocks-superfluous
Remove superfluous "Class" from doc blocks
2016-08-10 16:22:46 -04:00
Marc Würth
f2638b3e38 Remove superfluous "Class" from doc blocks 2016-08-10 12:22:09 +02:00
mark_story
eaa2bbbcae Merge branch 'auth-header' into 2.x
Refs #9229
2016-08-09 22:07:46 -04:00
mark_story
20a2af8c16 Fix casing issues with Authorization header.
We need to check the upper case versions of headers in $_SERVER.
Also fix lint issues.
2016-08-09 22:06:49 -04:00
Mark Story
dd6191186e Merge pull request #9231 from nojimage/patch-testshell
Improve TestShell
2016-08-08 09:21:03 -04:00
nojimage
9a5d5705cd TestShell support --coverage-text option 2016-08-08 20:13:40 +09:00
nojimage
e71d83c612 TestShell passes the 'directive' option to PHPUnit correctly 2016-08-08 20:09:37 +09:00
Sebastien Barre
345375b6b6 add test 2016-08-07 23:08:55 -04:00
Sebastien Barre
acc32f5c58 Work around Apache handling the Authorization: header differently 2016-08-07 19:50:23 -04:00
mark_story
0a22058e35 Update version number to 2.8.6 2016-08-02 22:15:04 -04:00
ADmad
ba829f758f Merge pull request #9204 from cakephp/fix-api
fix api generation
2016-08-03 01:40:16 +05:30
antograssiot
6dbd5c659d fix api generation 2016-08-02 22:01:35 +02:00
Mark Story
0a38dbdd09 Merge pull request #9201 from Linnk/2.x
Consistency improvement: Type declaration of CakeEmail parameter.
2016-08-02 10:40:27 -04:00
Juan I. Benavides
60bd98a593 Consistency with other methods: Type declaration of CakeEmail parameter. 2016-08-02 02:30:43 -05:00
Mark Story
8818b9094c Merge pull request #9199 from Linnk/2.x
Avoiding circular object reference in SmptTransport
2016-08-01 19:42:16 -04:00
Juan I. Benavides
d37f88b20e Documentation and declaration of object type in method's parameter
This should make pass the phpcs check. #9199
2016-08-01 16:46:25 -05:00
Juan I. Benavides
93db51cf10 Avoiding circular object reference in SmptTransport
This fixes a memory leak while sending multiple emails.

Fixes: #9198
2016-08-01 13:09:45 -05:00
Mark Story
774af90830 Merge pull request #9180 from mvdriel/prevent-unnecessary-joins-in-delete
Prevent unnecessary joins / complex conditions in delete
2016-07-27 17:35:18 -04:00
Mark van Driel
4dc8e54131 Fixed typo 2016-07-27 20:27:15 +02:00
Mark van Driel
5caac5f340 Prevent unnecessary joins / complex conditions in delete 2016-07-27 16:31:57 +02:00
Mark Story
b17d580ec2 Merge pull request #9175 from CakeDC/issue/9174
Fix CakeSchema compare when changing field length to the default one
2016-07-26 21:56:05 -04:00
Andrej Griniuk
e7f3365d8b fix on php < 5.5 2016-07-26 23:57:14 +03:00
Andrej Griniuk
147693618c refs #9174 fix CakeSchema compare when changing field length to the default one 2016-07-26 23:39:09 +03:00
Mark Story
a73a707231 Merge pull request #9165 from mvdriel/prevent-unnecessary-joins-complex-conditions-in-delete
Prevent unnecessary joins / complex conditions in delete
2016-07-26 09:22:27 -04:00
Mark van Driel
c01525f2cc Make check more strict to respect existing queries 2016-07-26 11:25:27 +02:00
Mark van Driel
d6e45131ad Prevent unnecessary joins / complex conditions in delete 2016-07-25 17:15:18 +02:00
Mark Story
b50c06423d Merge pull request #9115 from biesbjerg/ticket-7488
Fire Controller.shutdown and Dispatcher.afterDispatch events when exceptions are thrown
2016-07-19 22:49:02 -04:00
Mark Story
ade7ff7051 Merge pull request #9138 from ravage84/patch-5
Add fix for the httpoxy vulnerability
2016-07-19 13:11:02 -04:00