Commit graph

367 commits

Author SHA1 Message Date
Yoshiyuki Kinjo
00919c5f01 Fix FormHelper::input ignoring value option.
Signed-off-by: mark_story <mark@mark-story.com>

Backport fixes from #7082 to 2.7
2015-07-22 22:00:20 -04:00
Mark Scherer
ccac3b3e06 Allow deep options for radio() just as for select(). 2015-06-16 13:23:51 +02:00
Mark Scherer
c31fcd6f39 Correct default value to false. 2015-04-21 14:32:34 +02:00
Mark Scherer
8cdf222cc0 Also fix hour() 2015-04-20 22:04:33 +02:00
Mark Scherer
a9ae7fd5bb Fix year form field when magic input wrapper is used.
s
2015-04-20 18:31:00 +02:00
mark_story
744952e344 Fix FormHelper::create() dropping 0 value parameter.
When 0 is the first passed parameter we shouldn't drop it.

Fixes #6107
2015-03-19 21:15:20 -04:00
mark_story
8dba9879d4 Don't generate maxlength properties for decimal columns.
Int casting the decimal scale isn't going to work in a number of
situations as users may end up trying to include decimal points, commas
or spaces in larger amounts.

Fixes #5977
2015-02-27 21:08:54 -05:00
mark_story
b974daac7b Don't create invalid maxlength attributes for decimal columns.
Converting the maxlength to an int avoids any commas from decimal
columns.

Refs #5832
2015-02-05 22:53:40 -05:00
Mark Story
1fee3c030e Merge pull request #5616 from cakephp/issue-5603
Fix radio buttons not being added to security hash.
2015-01-09 15:32:44 -05:00
antograssiot
c2f298a8b7 Replace our custom code fence with markdown standard fence 2015-01-09 13:47:25 +01:00
mark_story
98909fb465 Fix radio buttons not being added to security hash.
When some but not all inputs were disabled radio buttons were omitted
from the security hash. This caused blackhole failures as the input was
unexpected.

Refs #5603
2015-01-08 23:25:34 -05:00
mark_story
4d6611b328 Merge branch 'master' into 2.6
Conflicts:
	lib/Cake/VERSION.txt
2014-12-17 21:38:32 -05:00
euromark
e1c128bb99 Consolidate with conditions sniff. 2014-12-09 03:17:35 +01:00
euromark
41c646c5a1 Simplification of return types. No need to return more mixed than necessary. 2014-11-08 20:07:47 +01:00
euromark
345a18f15f Merge branch 'master' into 2.6 2014-11-05 23:29:06 +01:00
euromark
768f2c809c Correct doc block return types. 2014-11-05 13:03:27 +01:00
mark_story
177b797aab Merge branch 'master' into 2.6 2014-10-26 21:25:05 -04:00
Jan Ptacek
797635d26b fixing testcases + do not disable the hidden input on partial disables 2014-10-25 21:05:37 +02:00
ptica
abb0c7cb9d Update FormHelper.php
disabled multiple checkbox input should not generate an enabled hidden input,
as it leads to saving empty data upon submission -> carrying the disabled attribute to the hidden input prevents this
2014-10-24 18:25:31 +02:00
euromark
03d92494f1 Fix maxlength for manual type set and add textarea maxlength support. 2014-09-13 04:03:33 +02:00
ADmad
3fb252ad2f Merge branch 'master' into 2.6 2014-09-13 00:37:16 +05:30
euromark
04ef39217f Take care of more int casts. 2014-09-10 16:29:23 +02:00
ADmad
713f430fc4 Merge branch 'master' into 2.6 2014-08-03 01:05:36 +05:30
Anthony GRASSIOT
aa42b80a4d a / an typo fixes fot API 2014-07-30 22:11:03 +02:00
ADmad
53259cb389 Deprecate $confirmMessage argument. 2014-07-10 23:31:51 +05:30
euromark
974ca851c2 Correct doc blocks according to cs guidelines.
Remove superfluous empty lines.
2014-07-03 15:36:42 +02:00
mark_story
849ad9a4f5 Remove dead, untested and unreachable code in FormHelper.
Closes #3650
2014-06-06 08:17:49 -04:00
ADmad
16df061d66 Fix api docblocks for View layer classes. 2014-05-30 01:23:12 +05:30
mark_story
db86b0c050 Don't disable the entire select when disabled is array(1)
When the disabled attribute is just array(1), then the attribute should
be filtered out of select element attributes. This is kind of a hacky
workaround but changing the underlying attribute handling is going to be
pretty tricky and far more dangerous.

Fixes #3546
2014-05-23 13:26:11 -04:00
akiyan
781430c4af Removed unnecessary conditional branch, fixed test and comment. 2014-05-22 14:08:18 -04:00
akiyan
67f256297d Fixed secure form hash for special url.
No htmlspecialchars encode and without fragment identifer.
2014-05-22 14:08:11 -04:00
euromark
8af76a3705 Hotfix for older baked templates regarding postLink() 2014-05-13 20:51:39 +02:00
mark_story
e9ecfe0936 Remove x bit on files.
PHP files should not have executable permission set.
2014-05-13 12:30:14 -04:00
mark_story
89cd114e6f Merge branch 'master' into 2.5 2014-05-12 14:30:02 -04:00
mark_story
51909ae738 Only parse URLs when they contain ://
Parsing incomplete URLs fails in PHP5.2.
2014-05-09 17:01:24 -04:00
mark_story
5469840c80 Fix incorrectly generated URL path.
Refs #3442
2014-05-07 08:52:42 -04:00
mark_story
1103ca7816 Ensure that only the path and query are used to make the hash.
While including the entire protocol, host, port, path and query would be
even better in theory, it gets complicated when proxies and load
balancers are involved.

Fixes #3442
2014-05-06 23:00:11 -04:00
ADmad
d466e00644 Merge branch 'master' into 2.5
Conflicts:
	lib/Cake/Model/Datasource/DboSource.php
	lib/Cake/Test/Case/Model/Datasource/Database/MysqlTest.php
	lib/Cake/Utility/Folder.php
	lib/Cake/VERSION.txt
2014-05-04 14:35:36 +05:30
mark_story
e1057e3e6b Fix FormHelper::postLink() not working when SecurityComponent is enabled.
The action attribute value was not being included in the generated hash,
so postLink() forms never worked properly.

Fixes #3418
2014-04-29 11:23:52 -04:00
euromark
7a287a6942 More coding standard corrections. 2014-04-29 14:19:33 +02:00
mark_story
cf96e9f54f Merge branch 'master' into 2.5 2014-04-26 22:04:19 -04:00
Mark Story
5b46eb71ec Merge pull request #3397 from steinkel/fix-formhelper-with-model-mock
fixed FormHelper to allow create() on Mock Models without errors
2014-04-26 08:53:43 -04:00
Jorge González
5cf2ce723c fixed FormHelper to allow create() on Mock Models without errors 2014-04-26 10:33:58 +01:00
mark_story
de0062de77 Merge branch 'master' into 2.5 2014-04-25 22:10:02 -04:00
mark_story
f23d811ff5 Use the form action URL in generated form hashes.
By including the URL in generated hash for secured forms we prevent
a class of abuse where a user uses one secured form to post into a
controller action the form was not originally intended for. These cross
action requests could potentially violate developer's mental model of
how SecurityComponent works and produce unexpected/undesirable outcomes.

Thanks to Kurita Takashi for pointing this issue out, and suggesting
a fix.
2014-04-25 22:05:58 -04:00
euromark
0ece694a75 microptimize options and default merge and other string key array merges 2014-04-08 01:25:14 +02:00
mark_story
afc8587949 Merge branch 'master' into 2.5 2014-03-18 22:12:14 -04:00
mark_story
ee895a8bb1 Add form attribute to hidden inputs when present.
If inputs are placed outside of the form elements the form attribute
needs to be set on the hidden inputs. Without this attribute the empty
state does not submit correctly.

Fixes #3053
2014-03-18 22:11:57 -04:00
ADmad
a0c399e374 Remove whitespace. 2014-02-26 10:40:53 +05:30
mark_story
0f584c0e8b Merge branch 'master' into 2.5 2014-02-24 21:19:17 -05:00