Commit graph

310 commits

Author SHA1 Message Date
dogmatic69
e09bf02467 Cleaning up the RequestHandlerComponent
removing redundant code and shifting a few things around so there
are less nested ifs and making things easier to follow.

Removing some variable setting, returning function calls instead.
2012-09-14 17:19:40 +01:00
Mark Story
ec4333de29 Merge pull request #845 from dogmatic69/security-component-cleanup
You can't pass func_get_args() in PHP < 5.3
2012-09-14 08:17:11 -07:00
dogmatic69
c7faad9f78 You can't pass func_get_args() in PHP < 5.3 2012-09-14 15:29:48 +01:00
mark_story
0282194c20 Make permission denied redirects host relative.
This helps fix infinite redirect loops when HTTP_X_FORWARDED_HOST is
set, and fixes redirects back to external domains on authentication
errors.

Fixes #3207
2012-09-14 09:39:45 -04:00
dogmatic69
2c70319d27 Cleaning up the AuthComponent
Simplify if statements, return early and less variable use
2012-09-14 01:50:24 +01:00
Mark Story
51e0715001 Merge pull request #838 from dogmatic69/security-component-cleanup
cleaning up the code, removing extra variables set and un-needed else
2012-09-13 14:50:37 -07:00
dogmatic69
bf18fc4dda cleaning up the code, removing extra variables set and un-needed else 2012-09-13 22:10:57 +01:00
dogmatic69
eb98fed1e3 Cleaning up the paginator component by removing extra else statements and shifting code around. 2012-09-13 21:49:21 +01:00
Ceeram
0b0d83f261 remove cookie reading in startup 2012-09-07 00:04:03 +02:00
Kyle Robinson Young
bc40ac7d3f Remove unused variables and code 2012-09-05 17:19:13 -07:00
mark_story
6664acba79 Merge branch 'master' into 2.3
Conflicts:
	lib/Cake/VERSION.txt
2012-09-05 20:15:36 -04:00
Kyle Robinson Young
602240c08e Fix $readReceipt variable in EmailComponent::send 2012-09-05 12:49:09 -07:00
euromark
2170d87488 check() for CookieComponent and Configure (similar to CakeSession::check()) 2012-09-04 01:04:48 +02:00
mark_story
6a95b5746a Remove un-necessary parameter. 2012-08-30 14:48:13 +01:00
mark_story
19c2a58185 Fix strict errors. 2012-08-30 14:46:29 +01:00
Ceeram
f1ce3f9ae5 remove settings parameter from initialize as this is not being passed. only the constructor gets settings passed 2012-08-27 11:42:57 +02:00
Thom Seddon
f3ba2bdb7d Remove legacy test for all actions allowed (*) in startup and tidy code 2012-08-24 19:30:25 +01:00
Mark Story
fe3d99cdfc Merge pull request #775 from sitedyno/BlowfishAuthenticate
Add BlowfishAuthenticate adapter.
2012-08-23 13:16:34 -07:00
Heath Nail
d24bbcb255 Add BlowfishAuthenticate adapter. 2012-08-23 11:23:51 -04:00
mark_story
c83e941497 Merge branch 'master' into 2.3 2012-08-15 21:00:49 -04:00
mark_story
cdc70fc427 Make RequestHandlerComponent better simulate GET requests.
Modify the global state to simulate a GET request.  This avoids issues
where PUT data would be processed during simulated redirect.

Fixes #3113
2012-08-14 12:46:47 -04:00
Ceeram
21431cba64 Add viewClass map method to RequestHandler component, to map content types to viewclass. 2012-08-10 09:54:22 +02:00
Tigran Gabrielyan
617d470427 Renamed disabledActions to unlockedActions 2012-08-03 11:01:19 -07:00
Tigran Gabrielyan
df8ec17626 Added disabledActions feature to SecurityComponent 2012-08-02 18:27:52 -07:00
mark_story
d94cdc67fe Merge branch 'master' into 2.3 2012-07-27 22:38:24 -04:00
Spencer Ellinor
8a41fb0c34 Fix issue and remove unnecessary code. The (fixed) conditional doesn't do anything, since if Hash::get returns null, the function still returns null. 2012-07-25 15:09:22 -04:00
Mark Story
f77bebcc38 Merge pull request #730 from dereuromark/2.3-missing-app-uses
another correction for app uses
2012-07-21 18:50:52 -07:00
euromark
93eb8c2c58 another correction for app uses 2012-07-22 03:38:39 +02:00
mark_story
71507796c7 Add docs. 2012-07-21 21:35:45 -04:00
euromark
4fe1ab1bf6 missing app uses statements 2012-07-21 13:34:33 +02:00
Christian Winther
bce82a2322 Better custom find for pagination
Instead of shuffling the paginator settings you can now simply add a new "findType" key and it will automatically change the find() type accordingly
2012-07-19 15:57:51 +02:00
mark_story
3c6b50953b Merge branch 'master' into 2.3
Conflicts:
	lib/Cake/VERSION.txt
2012-07-18 22:12:51 -04:00
euromark
3945c0e6a8 rtim files 2012-07-18 03:55:29 +02:00
mark_story
3baaecc81c Type check before unset()
Calling unset() on string indices fails fatally on 5.3.x and lower.

Fixes #3027
2012-07-11 15:54:24 -04:00
mark_story
f528bb29ba Fix lint error. 2012-07-05 22:50:54 -04:00
Rachman Chavik
22373868bb if blackHoleCallback is set, requests _must_ get blackholed 2012-07-03 19:27:02 +07:00
Ceeram
03e2263b69 Merge branch '2.1' into 2.2 2012-06-19 18:35:36 +02:00
mark_story
f9ddc9c64c Move error disabling to the error controller. 2012-06-18 22:08:39 -04:00
mark_story
7ef83b89f5 Merge branch '2.1' into 2.2
h origin especially if it merges an updated upstream into a topic branch.
2012-06-17 20:54:59 -04:00
mark_story
fec6c1c6cb Fix security component causing black holes on error pages.
Fixes #2966
2012-06-17 20:50:00 -04:00
mark_story
8da42dfcfa Merge branch '2.1' into 2.2 2012-06-02 20:57:05 -04:00
mark_story
d1819dcabb Fix page 0 issue.
Refs #2929
2012-06-02 20:56:38 -04:00
mark_story
15a423ad70 Restrict page number passed to view.
Limit the page number to the max page number when passing data to the
view.  This prevents the helper from generating a huge number of links.

Fixes #2929
2012-06-02 20:26:09 -04:00
Mark Story
085ad0bb42 Merge pull request #672 from sitedyno/cookie-encryption-#471
Add stronger encryption, and make it available in cookiecomponent.

Fixes #471
Fixes #176
Fixes #2043
Fixes #1524
2012-05-31 17:44:49 -07:00
Ceeram
6c9b2a1fec Fix user() return value for nested data 2012-05-31 15:13:24 +02:00
Heath Nail
304d001dfb Implement rijndael optional cookie encryption. 2012-05-30 03:49:25 -04:00
Jelle Henkens
f7ce5262b7 Updating mixed @param documentation to separate list of accepted types 2012-05-21 21:55:10 +01:00
Mark Story
37d235fa16 Merge pull request #594 from tigrang/auth-ext
Added `contain` option to AuthComponent's Authentication objects
2012-05-09 17:48:44 -07:00
Jose Lorenzo Rodriguez
bf0f5ab118 Merge remote-tracking branch 'origin/2.1' into 2.2 2012-04-29 20:05:39 -04:30
Kyle Robinson Young
b8488b8dfe Update 1.x @link in docblocks 2012-04-26 19:49:18 -07:00
mark_story
b6de177ffa Merge branch '2.1' into 2.2 2012-04-23 21:50:36 -04:00
mark_story
9e3fe633bb Remove double encoding on addresses in EmailComponent.
CakeEmail should be handling all the encoding now, duplicating it is
silly.

Fixes #2797
2012-04-23 21:41:31 -04:00
mark_story
9f9feec222 Merge branch '2.2-hash' into 2.2
Conflicts:
	lib/Cake/Test/Case/Model/Datasource/DboSourceTest.php
	lib/Cake/View/Helper/FormHelper.php
2012-04-10 21:32:37 -04:00
Ceeram
c2a8fca00c Merge branch '2.1' into 2.2
Conflicts:
	lib/Cake/Test/Case/Model/Datasource/DboSourceTest.php
2012-04-05 23:27:21 +02:00
Ceeram
223604fb0d update docblock of AclComponent 2012-04-05 13:51:00 +02:00
Tigran Gabrielyan
3c4087da4f Fixing default value of contain 2012-04-04 19:06:54 -07:00
Tigran Gabrielyan
bf628c493c Added ability for Auth login to use contain 2012-04-04 18:09:38 -07:00
mark_story
f09e5a36d2 Fix SessionComponent::id() not returning the id.
When reading the id() with SessionComponent, the session should
auto start, otherwise you could get null back. This makes the return
more consistent.

Fixes #2749
2012-04-03 13:21:52 -04:00
mark_story
475a1596b7 Merge branch '2.1' into 2.2 2012-04-01 15:37:21 -04:00
Kyle Robinson Young
319d154aee Default to loginRedirect, if set, on authError in AuthComponent
Implements #2390
Based on the patch written by @dereuromark
2012-03-27 22:51:47 -07:00
mark_story
19e0d8d946 Switch usage to Hash where possible. 2012-03-26 22:32:53 -04:00
mark_story
c58b61c17b Merge branch '2.1' into 2.2
Conflicts:
	lib/Cake/Test/Case/Model/ModelWriteTest.php
2012-03-18 21:26:45 -04:00
mark_story
6a55749e27 Fix reading multiple keys in a single request.
Fixes #2676
2012-03-15 21:45:48 -04:00
Rachman Chavik
8fdb11121e Merge branch '2.1' into 2.2 2012-03-15 20:07:26 +07:00
mark_story
f1931e43ef Add class_exists() check for view class.
Check that the view class hasn't already been mapped in the autoloader
before mapping it. This allows developers to map view classes from
plugins.

Fixes #2684
2012-03-14 20:57:11 -04:00
mark_story
4e94ebe710 Fix doc blocks. 2012-03-13 21:04:56 -04:00
Juan Basso
c754fb2dcb Updated copyright to 2012. 2012-03-12 22:46:46 -04:00
Juan Basso
3b1bd90ad6 Updated copyright to 2012. 2012-03-12 22:46:07 -04:00
Ceeram
a4952166f7 make acl methods available in permission model 2012-03-11 17:07:42 +01:00
Thomas Ploch
79cab67be7 Adding missing 'recursive' option to DigestAuthenticate object.
Used integer casting in _findUser() method for 'recursive' option.
2012-03-05 11:06:46 +01:00
mark_story
61aba0f0f8 Fix most coding standard issues in Controller. 2012-03-03 19:27:46 -05:00
euromark
22452f61f8 type hinting controllers and views 2012-02-25 19:46:06 -05:00
Mark Story
9e8152f949 Merge pull request #417 from 0x20h/php-acl
PHP config file based ACL implementation
2012-02-19 19:34:56 -08:00
Majna
0cd9a93e9e Remove unused variables and statements. 2012-02-17 21:10:43 +01:00
mark_story
6fda055a1e Move initialize logic to __construct().
Fixes #2582
2012-02-15 14:15:44 -05:00
Thomas Ploch
574b5dcd41 Merge branch '2.1' of https://github.com/cakephp/cakephp into 2.1-cookie-response 2012-02-13 09:56:39 +01:00
Jose Lorenzo Rodriguez
4f176d4284 Merge remote-tracking branch 'origin/2.0' into 2.1 2012-02-12 21:04:35 -04:30
mark_story
ad09b910ee Remove pointless comparison. 2012-02-12 10:09:25 -05:00
mark_story
2afb05b590 Merge branch '2.0' into 2.1
Conflicts:
	app/View/Pages/home.ctp
	lib/Cake/Config/config.php
	lib/Cake/Core/App.php
	lib/Cake/VERSION.txt
	lib/Cake/View/Helper/NumberHelper.php
2012-02-12 10:06:13 -05:00
mark_story
ab09229d40 Update API docs
View switching only happens for known mime types.
Refs #2565
2012-02-11 11:45:06 -05:00
mark_story
7e17da0ae8 Fix notice error when reading empty values.
When reading empty values a notice error would be triggered.
Slicing the first char off and comparing that solves this.

Fixes #2537
2012-02-11 11:33:04 -05:00
mark_story
6f914174a6 Fix issues with double / & leading/trailing /
Authorize classes should remove // and leading trailing /
Without this incorrect paths that fail to match nodes can be
generated.  This also allows settings[actionPath] to be
permissive in what it accepts.

Fixes #2563
2012-02-11 10:29:18 -05:00
Thomas Ploch
059a5f21ed Fixed TODO: Refactored setting of Cookies into CakeResponse. 2012-02-09 14:24:10 +01:00
0x20h
3abfaeecf3 Don't let every role inherit from default role. Filter empty aco paths 2012-02-05 15:30:26 +01:00
mark_story
ace9fefb02 Merge branch '2.0' into 2.1 2012-02-03 21:54:50 -05:00
mark_story
e697c68da5 Uncommented code works better. 2012-02-01 20:24:02 -05:00
mark_story
b03d7ba9b3 Fix reset() missing delivery property.
Fixes #2533
2012-02-01 20:20:14 -05:00
mark_story
a4740f02f1 Remove odd inflection.
This additional inflection isn't needed.  People can type the classname
they want.

Refs #2514
2012-01-29 13:56:53 -05:00
mark_story
e770c7a72d Split the AclComponent classes up.
Refs #2514
2012-01-29 13:54:26 -05:00
Jose Lorenzo Rodriguez
a1daaf5960 Merge branch '2.1-http' into 2.1 2012-01-21 15:51:34 -04:30
mark_story
df5d9ac3d1 Merge branch '2.0' into 2.1
Conflicts:
	lib/Cake/Model/Model.php
	lib/Cake/Test/Case/Routing/RouterTest.php
2012-01-20 20:28:15 -05:00
Jose Lorenzo Rodriguez
5df2a0957f Not sending the response in beforeRender, better let Dispatcher do its work 2012-01-19 22:26:32 -04:30
mark_story
ad304e0b43 Reformat long line. 2012-01-19 21:50:51 -05:00
Stefano Zoffoli
c3b806ce8c Prevent blackhole auth error where are present multi fields 2012-01-19 17:48:39 +01:00
Jose Lorenzo Rodriguez
979f7a28b5 Fixing a couple bugs in CakeResponse::checkNotModified() and implementing conditional rendering in
RequestHandlerComponent
2012-01-19 01:08:45 -04:30
Jose Lorenzo Rodriguez
b79e0ad8f3 Moving checkModified() to CakeResponse, having it in the RequestHandler has too restrictive 2012-01-19 01:08:45 -04:30
Jose Lorenzo Rodriguez
dffe84cfbc Implementing RequestHandler::checkNotModified() as a helper for HTTP caching 2012-01-19 01:08:44 -04:30
0x20h
4532659fed code cleanup, added some tests 2012-01-18 20:59:44 +01:00
0x20h
9838338976 docblocks 2012-01-13 23:34:35 +01:00
0x20h
bfaea78504 allow more elaborate regex rules 2012-01-13 23:29:23 +01:00