adulau/cakephp2-php8
1
0
Fork 0
mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2024-11-15 11:28:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
17416 commits 7 branches 0 tags 44 MiB
Commit graph

79 commits

Author SHA1 Message Date
Marc Würth
67ba9cb406 Update all @deprecated annotations 
to adhere to the @deprecated <version> <description> format, where version and description are mandatory.
 2014-09-02 17:03:22 +02:00
mark_story
b3dfad614a Correct pattern matching. 
Instead of 10 digits, it should limit at 10 groups.

Refs 1988e89e73
 2014-07-06 09:42:20 -04:00
Schlaefer
9fa7afa354 fixes #3887 CSRF reusable token expires 2014-07-06 10:39:00 +02:00
mark_story
1988e89e73 Add an upper bound to the POST data SecurityComponent will consider. 
'Kurita Takashi' has let us know that the previous patterns could be
abused by an evil doer. One could potentially send a very large deeply
nested POST data structure. Matching that structure could overflow the
PCRE limits causing a segmentation fault. Adding an upper bound will
solve the problem and I doubt anyone is doing POST data structures with
more than 10 levels of nesting.
 2014-07-03 22:02:00 -04:00
euromark
974ca851c2 Correct doc blocks according to cs guidelines. 
Remove superfluous empty lines.
 2014-07-03 15:36:42 +02:00
euromark
bd074e7dc7 Stricter string comparisons. 2014-04-29 12:05:47 +02:00
mark_story
f23d811ff5 Use the form action URL in generated form hashes. 
By including the URL in generated hash for secured forms we prevent
a class of abuse where a user uses one secured form to post into a
controller action the form was not originally intended for. These cross
action requests could potentially violate developer's mental model of
how SecurityComponent works and produce unexpected/undesirable outcomes.

Thanks to Kurita Takashi for pointing this issue out, and suggesting
a fix.
 2014-04-25 22:05:58 -04:00
Marc Würth
7cfa0116f4 Removed "PHP 5" from file header DocBlocks 
This statement does not serve a purpose anymore.
In a long forgotten world it indicated the main version number of PHP which the code in the file was compatible to.
http://pear.php.net/manual/en/standards.sample.php
But since PHP 5.1 and later this is only marginally true.
Thus I propose to remove it from CakePHP.
 2013-11-13 22:58:39 +01:00
euromark
ee0ed3a43a coding standards 2013-10-13 18:18:24 +02:00
euromark
a796b26f13 fix renderLayout and update deprecated and outdated code 2013-09-13 00:09:31 +02:00
Simon Males
0adef209e3 Camel case SecurityComponent::blackHole() method call 2013-08-02 12:07:33 +08:00
Marc Würth
4c9f0414cb Improved the DocBlocks and other code cleanup 
Fixed @license tag, url comes first
Whitespace and other minor code cleanup
Added some docblocks
 2013-05-31 00:11:19 +02:00
mark_story
fee6172958 Update docs for SecurityComponent::requireAuth() 2013-02-09 14:06:24 -05:00
mark_story
e4110b1e01 Deprecate features in SecurityComponent 
These features are available in CakeRequest now. The CakeRequest
version is improved as it raises more appropriate exceptions.
 2013-02-09 13:57:55 -05:00
Graham Weldon
66d856d883 Added extra line for referencing license file for copyright 2013-02-08 21:22:51 +09:00
Graham Weldon
7b860debe4 This commit is dedicated to Mark Story, who has put in much dedicated time and effort into CakePHP over the years. 
I just wanted to ruin his evening, because this change needs to be merged into CakePHP 3.0.
 2013-02-08 20:59:49 +09:00
mark_story
4c98e39c1f Merge branch 'master' into 2.3 
Conflicts:
	lib/Cake/Controller/Component/SecurityComponent.php
 2012-12-29 11:44:59 -05:00
mark_story
1117ad2f1c Blackhole requests when the action is the blackhole callback. 
When a user requests the blackhole callback as an action we should
blackhole that request. The blackhole callback should not be URL
accessible.

Fixes #3496
 2012-12-29 11:43:06 -05:00
euromark
b811afbc44 double spaces to single ones 2012-12-22 23:48:15 +01:00
dogmatic69
641ba9f3e6 Merge branch '2.3' into type-checks 
Conflicts:
	lib/Cake/Error/ExceptionRenderer.php
	lib/Cake/Routing/Dispatcher.php
 2012-10-24 19:03:44 +01:00
mark_story
f457f07b5c Force field validation to use sha1 
When using blowfish as your application's hashing strategy, form field
validation would fail horribly.  Forcing sha1 fixes this and restores
behavior consistent with 2.2.x

Fixes #3280
 2012-10-18 21:26:26 -04:00
Adam Taylor
4090c2e932 Remove trailing whitespace from comments 
See http://groups.google.com/d/topic/cakephp-core/fuHTYMKVJno/discussion
 2012-10-15 18:19:37 -06:00
dogmatic69
408e619c9f Merge branch '2.3' into type-checks 
Conflicts:
	lib/Cake/Console/Command/Task/ModelTask.php
	lib/Cake/Controller/Component/RequestHandlerComponent.php
	lib/Cake/Model/Datasource/Database/Mysql.php
	lib/Cake/Utility/CakeNumber.php
 2012-10-01 02:08:00 +01:00
euromark
213d4caa85 coding standards 2012-09-20 01:50:15 +02:00
dogmatic69
cf8fccae96 converting $foo == null / $foo == false to !$foo 2012-09-14 18:26:30 +01:00
dogmatic69
c7faad9f78 You cant pass func_get_args() in PHP < 5.3 2012-09-14 15:29:48 +01:00
dogmatic69
bf18fc4dda cleaning up the code, removing extra variables set and un-needed else 2012-09-13 22:10:57 +01:00
Tigran Gabrielyan
617d470427 Renamed disabledActions to unlockedActions 2012-08-03 11:01:19 -07:00
Tigran Gabrielyan
df8ec17626 Added disabledActions feature to SecurityComponent 2012-08-02 18:27:52 -07:00
mark_story
3c6b50953b Merge branch 'master' into 2.3 
Conflicts:
	lib/Cake/VERSION.txt
 2012-07-18 22:12:51 -04:00
euromark
3945c0e6a8 rtim files 2012-07-18 03:55:29 +02:00
mark_story
3baaecc81c Type check before unset() 
Calling unset() on string indices fails fatally on 5.3.x and lower.

Fixes #3027
 2012-07-11 15:54:24 -04:00
mark_story
f528bb29ba Fix lint error. 2012-07-05 22:50:54 -04:00
Rachman Chavik
22373868bb if blackHoleCallback is set, requests _must_ get blackholed 2012-07-03 19:27:02 +07:00
Ceeram
03e2263b69 Merge branch '2.1' into 2.2 2012-06-19 18:35:36 +02:00
mark_story
f9ddc9c64c Move error disabling to the error controller. 2012-06-18 22:08:39 -04:00
mark_story
7ef83b89f5 Merge branch '2.1' into 2.2 
h origin especially if it merges an updated upstream into a topic branch.
 2012-06-17 20:54:59 -04:00
mark_story
fec6c1c6cb Fix security component causing black holes on error pages. 
Fixes #2966
 2012-06-17 20:50:00 -04:00
mark_story
19e0d8d946 Switch usage to Hash where possible. 2012-03-26 22:32:53 -04:00
Juan Basso
c754fb2dcb Updated copyright to 2012. 2012-03-12 22:46:46 -04:00
Juan Basso
3b1bd90ad6 Updated copyright to 2012. 2012-03-12 22:46:07 -04:00
mark_story
61aba0f0f8 Fix most coding standard issues in Controller. 2012-03-03 19:27:46 -05:00
euromark
22452f61f8 type hinting controllers and views 2012-02-25 19:46:06 -05:00
Majna
0cd9a93e9e Remove unused variables and statements. 2012-02-17 21:10:43 +01:00
mark_story
df5d9ac3d1 Merge branch '2.0' into 2.1 
Conflicts:
	lib/Cake/Model/Model.php
	lib/Cake/Test/Case/Routing/RouterTest.php
 2012-01-20 20:28:15 -05:00
mark_story
ad304e0b43 Reformat long line. 2012-01-19 21:50:51 -05:00
Stefano Zoffoli
c3b806ce8c Prevent blackhole auth error where are present multi fields 2012-01-19 17:48:39 +01:00
mark_story
2e8498e166 Merge branch '2.0' into 2.1 
Conflicts:
	lib/Cake/Model/Datasource/Database/Postgres.php
	lib/Cake/Test/Case/Console/TaskCollectionTest.php
	lib/Cake/Test/Case/Model/ModelIntegrationTest.php
	lib/Cake/Test/Case/Utility/ClassRegistryTest.php
	lib/Cake/Utility/ClassRegistry.php
 2011-12-11 22:51:40 -05:00
Kyle Robinson Young
c836ba08a3 Add/move docblocks to make text available in the API docs 2011-12-08 07:35:02 -08:00
mark_story
545694d84b Fix undefined variable error. 2011-12-06 12:35:18 -05:00