Commit graph

7743 commits

Author SHA1 Message Date
Koji Tanaka
61f608abc7
Fix typo 2018-02-25 16:52:34 +09:00
mark_story
8744e53d0e Update version number to 2.10.8 2018-02-24 22:32:53 -05:00
Mark Story
e0e4a3b0d6
Merge pull request #11643 from chinpei215/2.x-make-mcrypt-optional
[2.x] Make mcrypt optional
2018-02-25 01:57:10 +00:00
chinpei215
a6b0271560 Remove Security::engine()
We disscussed and decided to avoid auto selecting which extension to use.
Instead, call Configure::write('Security.useOpenSsl', true) manually.
2018-02-24 12:17:51 +09:00
Val Bancer
1b11fa7a7a
Constructs the default fixture manager if 'fixtureManager' parameter is an empty string. 2018-02-05 16:07:33 +01:00
Mark Sch
df9c7fd96e
Merge pull request #11616 from cakephp/issue-11186
Fix missing field identifier quoting for COUNT(DISTINCT in SQLServer.
2018-02-05 14:48:22 +01:00
mark_story
5816143493 Fix usage of non-existant property.
Use the declared `_result` property instead. I would normally add
a test, but getting to this path requires a query to fail which is not
simple to simulate in the test harness.

Fixes #11615
2018-02-04 11:48:31 -05:00
mark_story
5d9a3cb2ba Fix phpcs error. 2018-01-24 21:17:52 -05:00
David Yell
bcae20029c Fixed the PHPCS warnings 2018-01-24 10:33:45 +00:00
David Yell
230066a14b Added a test case for the helper with no params. Relates to #11658 2018-01-24 10:13:56 +00:00
mark_story
41e3bd82d8 Update version number to 2.10.7 2018-01-20 18:55:27 -05:00
chinpei215
fc397bd481 Pass MCRYPT_DEV_URANDOM to mcrypt_create_iv() explicitly 2018-01-20 00:25:35 +09:00
chinpei215
5289aae64e Change Security::randomBytes() to fallback to mcrypt_create_iv() 2018-01-19 23:54:58 +09:00
chinpei215
d7ed0339b1 Make mcrypt optional
Now Security::encrypt() and Security::decrypt() works with openssl
if the mcrypt extension is unavailable.
Note that Security::rijndael() doesn't work with openssl.
2018-01-19 23:54:53 +09:00
Koji Tanaka
2a14e65b43 Fixed: use $var === null instead of is_null($var) 2018-01-19 13:39:35 +09:00
Koji Tanaka
d3d0501414 Uncountable null convert to array(), revert ControllerTask::bake() signature for backward compatibility. 2018-01-18 15:25:41 +09:00
Koji Tanaka
e1897a8498 Pass PaginatorComponentTest::testPaginateExtraParams() 2018-01-17 23:27:20 +09:00
Koji Tanaka
7099c9d513 Fix Multibyte::strtolower() 2018-01-17 23:02:13 +09:00
Koji Tanaka
aa14c68497 Fix some count() Error in PHP 7.2 2018-01-17 03:35:00 +09:00
Koji Tanaka
f4315d8ba4 When the PHP version is 7.2 or higher ini_set('session.save_handler', 'user') can't be executed, so delete. 2018-01-17 02:30:04 +09:00
Koji Tanaka
701519c637 Execute CakeSession::destroy() on a tearDown with implicit use session test 2018-01-16 00:47:34 +09:00
mark_story
45695b6b5c Fix missing field identifier quoting for COUNT(DISTINCT in SQLServer.
Refs #11186
2018-01-09 17:01:00 -05:00
Mark Story
ab272b09c7
Merge pull request #11581 from bancer/issue-11131-long-cache-key
Hash group cache keys to prevent key overflows in some cache engines
2018-01-06 22:05:39 -05:00
Mark Story
83928f9d74
Merge pull request #11590 from cakephp/issue-11588
Buffer contents of HtmlReporter.
2017-12-31 21:13:28 -05:00
Koji Tanaka
400d45f56c fix code style 2017-12-31 17:05:26 +09:00
Koji Tanaka
74a8611eef [2.x]Fix can't load aliased component on ControllerTestCase 2017-12-31 15:44:05 +09:00
mark_story
d2c4bf2bb2 Buffer contents of HtmlReporter.
Collect HTML output into a buffer so we can provide compatibility across
PHPUnit 3.x and 4.x

Refs #11588
2017-12-30 23:47:11 -05:00
Val Bancer
0f51c75157
replaced vsprintf to implode 2017-12-28 16:15:14 +01:00
Val Bancer
7ae84e3d5d
Makes the cache key shorter by using md5() 2017-12-28 10:02:35 +01:00
mark_story
51206d7358 Update version number to 2.10.6 2017-12-18 21:15:48 -05:00
Mark Story
3bf93b7f76
Merge pull request #11526 from cakephp/post-conditions
Make postConditions() less permissive.
2017-12-15 14:36:38 -05:00
mark_story
340059be15 Check model names for bad characters as well. 2017-12-13 00:01:09 -05:00
mark_story
a9618f67f7 Use a permitted list instead of a ban list.
This should be safer as we are more confident on what is coming in.
2017-12-13 00:01:05 -05:00
Koji Tanaka
fba7f1c617
Fix Phpdoc for CakeObject::log() 2017-12-12 20:00:21 +09:00
mark_story
f66dec8a96 Make postConditions() less permissive.
We were notified by `ooooooo_q` that postConditions() is vulnerable to
SQL injection if used without SecurityComponent tampering prevention.

This change attempts to make postConditions() safer by exploding in
unsafe scenarios.
2017-12-10 21:44:47 -05:00
chinpei215
6ad30946d8 Fix CS 2017-12-04 23:31:32 +09:00
chinpei215
9f65402d2c Fix CakeRequest::referer(true) returning scheme-relative URLs
Backport of #11503 (and #8795)
2017-12-04 21:18:27 +09:00
dereuromark
eaf7454628 Clarify migration path to 3.x 2017-11-29 19:57:01 +01:00
Mark Story
abec95d3ea
Merge pull request #11469 from db-bogdan/issue11468
fixes #11468 sending user data on basic auth in API environment
2017-11-28 21:52:59 -05:00
chinpei215
4ae9f13dfd Fix 'order' not working with a single expressions 2017-11-29 00:17:57 +09:00
db-bogdan
e824346cca extra fix 2017-11-28 11:43:55 +02:00
db-bogdan
94e06dfeb3 add unit test 2017-11-28 11:31:46 +02:00
db-bogdan
5695fef46f fixes #11468 2017-11-27 11:59:34 +02:00
Mischa ter Smitten
d7b9e55e98 Fix indent 2017-11-23 14:12:13 +01:00
Mischa ter Smitten
05954ff405 Consistency changes 2017-11-23 10:09:25 +01:00
Mischa ter Smitten
4faac8e09a Improved readability 2017-11-23 10:06:14 +01:00
Mischa ter Smitten
bc1678cf2a Add option to make _validAgentAndTime 3.x compatible 2017-11-23 10:02:38 +01:00
Val Bancer
a2cc9843e4
added missing ob_end_flush() call 2017-11-21 15:20:14 +01:00
mark_story
10fcd7633d Update version number to 2.10.5 2017-11-20 21:09:55 -05:00
mark_story
f788c90b3c Fix typo 2017-11-05 22:34:47 -05:00