When the disabled attribute is just array(1), then the attribute should
be filtered out of select element attributes. This is kind of a hacky
workaround but changing the underlying attribute handling is going to be
pretty tricky and far more dangerous.
Fixes#3546
When sending multi-part emails with no attachments we shouldn't include
the outer multipart/mixed header as it confuses Outlook and causes it to
show the email as having attachments even though there are none.
A bunch of tests need to be adjusted as the empty multipart/mixed
container has been removed.
Fixes#3474
Because count() queries don't happen in many cases now, the lastQueries
index needs to shift up by one because a query isn't happening anymore.
Refs #3333
While including the entire protocol, host, port, path and query would be
even better in theory, it gets complicated when proxies and load
balancers are involved.
Fixes#3442
Sqlserver::describe is expecting a model object (Unlike other drivers which work with either a object or string). While this does work under normal conditions, it causes a "Trying to get property of non-object" notice when using fixtures. The same problem also causes the testLimitOffsetHack test to fail.
This change does a simple test to ensure that the $model variable is an object before trying to access a property of it. All SqlServer tests are now passing.
Not sure why this was here, but constructors shouldn't return a value. Nothing in the docs says that a controller's implementation of appError should return a value either. So I figure this was a mistake.
@deprecated is flagging the function element as deprecated in all IDE's that support phpDOC tags. There is no phpDoc tag to deprecate a function parameter.
By including the URL in generated hash for secured forms we prevent
a class of abuse where a user uses one secured form to post into a
controller action the form was not originally intended for. These cross
action requests could potentially violate developer's mental model of
how SecurityComponent works and produce unexpected/undesirable outcomes.
Thanks to Kurita Takashi for pointing this issue out, and suggesting
a fix.
Paths containing `..` are generally up to no good. Throw an exception,
as developers can use realpath() if they really need to get relative
paths.
Fixes#3370
I get a load of these errors when running tests in the shell, this check stops the errors from happening
Warning: 2 :: fclose() expects parameter 1 to be resource, integer given on line 298 of CORE\Cake\Console\ConsoleOutput.php
Trace:
fclose - [internal], line ??
ConsoleOutput::__destruct() - CORE\Cake\Console\ConsoleOutput.php, line 298
ToolbarComponent::_saveState() - APP\Plugin\DebugKit\Controller\Component\ToolbarComponent.php, line 307
ToolbarComponent::beforeRedirect() - APP\Plugin\DebugKit\Controller\Component\ToolbarComponent.php, line 307
ObjectCollection::trigger() - CORE\Cake\Utility\ObjectCollection.php, line 132
call_user_func - [internal], line ??
CakeEventManager::dispatch() - CORE\Cake\Event\CakeEventManager.php, line 247
Controller::redirect() - CORE\Cake\Controller\Controller.php, line 765
AuthComponent::_unauthenticated() - CORE\Cake\Controller\Component\AuthComponent.php, line 364
AuthComponent::startup() - CORE\Cake\Controller\Component\AuthComponent.php, line 304
ObjectCollection::trigger() - CORE\Cake\Utility\ObjectCollection.php, line 132
call_user_func - [internal], line ??
CakeEventManager::dispatch() - CORE\Cake\Event\CakeEventManager.php, line 247
Controller::startupProcess() - CORE\Cake\Controller\Controller.php, line 675
Dispatcher::_invoke() - CORE\Cake\Routing\Dispatcher.php, line 182
Dispatcher::dispatch() - CORE\Cake\Routing\Dispatcher.php, line 160
While the had the potential to make 404s going through AssetDispatcher
much faster, they broke plugins + extension routing. While explicit
extensions could be fixed, routing all extensions could not. Because we
are trying to keep 2.x as API compatible as possible it makes sense to
revert the previous changes.
Fixes an error in #2750 where routed extensions would always return
404's for plugin requests. When a file extenion could be handled by
router, AssetDispatcher cannot 404 the request.
Refs #3305
When using comparison with a boolean, as the filter is a string, we have to convert the data boolean to "boolean string" to avoid type-casting troubles.
## Example
```php
$users = [
[
'id' => 2,
'username' => 'johndoe',
'active' => true
],
[ 'id' => 5,
'username' => 'kevin',
'active' => true
],
[
'id' => 9,
'username' => 'samantha',
'active' => false
],
];
$unactiveUsers = Hash::extract($users, '{n}[active=false]');
print_r($unactiveUsers);
```
This example returns the two unwanted active users because `"false"` is `true` but not `false` :)
I think this pull request will fix this issue by converting true/false boolean to string (to match with our filter).
