Commit graph

62 commits

Author SHA1 Message Date
nate
296e8989ba Adding GET/PUT/DELETE method checks to Security component, refactoring adding tests, closes #4231. Thanks joelmoss.
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6703 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-04-19 19:25:49 +00:00
mariano.iglesias
ab3b90503f Fixing issue in Security component with modeless field names, fixes #4454. Thanks vuego for the test and patch!
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6685 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-04-17 22:51:40 +00:00
phpnut
d14b50fc92 "References #4394, additional fixes to multi record forms.
Added additional test cases"

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6629 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-04-03 06:48:56 +00:00
phpnut
5d59938121 "Correcting code block"
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6628 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-04-03 02:33:41 +00:00
phpnut
f2941a660e "References #4239 Added test from ticket to showing ticket is invalid.
Fixes #4394, fails when the hasMany multi-record form contains hidden fields.
"

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6627 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-04-03 02:29:17 +00:00
phpnut
c5f06674fa "Fixes #4394, SecurityComponent::!__validatePost fails on hasMany multi-record form.
"

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6618 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-04-02 06:08:55 +00:00
phpnut
ecfd70052d "Fixes #4353, SecurityComponent's requireLogin not working if URL spelled different than defined action name
Was not able to reproduce this on local system running php 5, more then likely this is a php 4 issue and not php 5 like ticket suggests.
"

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6588 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-03-17 02:28:04 +00:00
phpnut
5374807164 "Fixes #3846, Security blackhole when no radio selected
Fixes #3920, Multiple select w/ checkboxes issues warning when all are unselected
Fixes #3962, validation POST never pass when select multiple is submit
"

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6546 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-03-10 00:25:59 +00:00
phpnut
aa32649c02 "Closes #2608, CSRF usability problems
Closes #3436, Security Component and multiple instances of the webapp"

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6301 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-01-02 00:38:35 +00:00
phpnut
cb53dc61b0 "Closes #2897, Built-in file validation.
Implemented Validation::extension(); and Vaidation::range();
Updated copyright notices in all files"

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6296 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-01-01 22:18:17 +00:00
phpnut
0644112ca9 "Closes #3560, edit form use PUT so SecurityComponent::validatePost() don't call on submit"
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6259 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-12-25 10:49:29 +00:00
phpnut
8a2b51c3ec "Removing all shortcut function usage from the core"
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6128 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-12-08 06:08:03 +00:00
nate
43ed8db5ea Cleaning up test cases
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5946 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-11-04 18:57:23 +00:00
mariano.iglesias
cd4ae338cc Adding documentation for RequestHandlerComponent, SecurityComponent, and SessionComponent
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5870 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-10-22 21:22:35 +00:00
mariano.iglesias
897825d596 Adding documentation to classes belonging to Cake console.
Standarizing on datatypes used in phpdocblocs and removing unneeded @return types

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5851 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-10-22 05:52:20 +00:00
phpnut
1aa1164b1d Closes #3394, applied test patch
Deprecated define('MAX_MD5SIZE', (5 * 1024) * 1024); in core.php
Removing additional defines in core.php, replaced with Configure::write();
Added CakeSession::__startSession() to check for sent headers before attempting to start the session.
Added notices to Configure::__loadBootstrap() that will be removed before stable release.
Refactored Folder::tree().
Added additional FolderTest cases

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5768 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-10-16 09:05:25 +00:00
nate
61c06ae94a Refactoring AuthComponent and implementing digest authentication in SecurityComponent
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5745 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-10-09 21:00:32 +00:00
phpnut
348e31530a Fixing blackHole when form has more than one model with check boxes
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5742 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-10-09 18:47:32 +00:00
phpnut
8a90658771 Fixed undefined notice caused in [5739]
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5740 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-10-09 18:06:10 +00:00
phpnut
2806a2fb61 Fixing multiple checkboxes causing blackHole of forms
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5739 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-10-09 18:02:17 +00:00
phpnut
47e8b36c92 Adding fix for hidden fields causing blackHole on forms when using SecurityComponent
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5720 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-10-04 18:27:35 +00:00
phpnut
34a88741bf Fixing sorting of fields used in a form when using the SecurityComponent
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5696 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-09-27 00:38:03 +00:00
phpnut
15e943fff8 Fixes #3164, removed use of uniqid() replaced with String::uuid()
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5683 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-09-21 01:57:27 +00:00
phpnut
3a4b960520 Fixes #2966, soring of fields corrected
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5661 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-09-16 20:09:09 +00:00
phpnut
549d86ac23 Refactoring dispatcher.
Added test for changes to Dispatcher.
Updating Model::_ _saveMulti(), moved the insert statement to DboSource::insertMulti() this will allow database that do not support multiple inserts in one statement to save data.


git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5460 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-07-25 04:38:28 +00:00
nate
8f69b6f551 Moving SecurityComponent constructor code to initialize()
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5451 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-07-22 21:21:08 +00:00
phpnut
82ba2fa716 Fixing bug when using Security component and a form has a hidden field, similar to those use by FormHelper::checkbox()
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5333 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-06-22 06:19:19 +00:00
phpnut
dac1bd0913 Correcting code structure to standards
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5315 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-06-20 07:51:52 +00:00
phpnut
23dfd90b29 Correcting code structure to standards
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5313 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-06-20 06:15:35 +00:00
phpnut
902c6fa173 Adding fix for Ticket #2773, fixes Security Component requireAuth
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5306 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-06-20 03:10:15 +00:00
phpnut
32c092ecff Adding fix for Ticket #2798, fixes Hidden field causes undefined Index warning in Security Component
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5305 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-06-20 02:42:17 +00:00
phpnut
3ed6780ac4 Adding fix for #2648, fixes issue with token not being regenerated
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5251 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-06-06 17:28:32 +00:00
phpnut
52680ffcd3 Adding fix for FormHelper::checkbox() not creating the hidden fields.
Corrected errors when multiple hidden fields used in a form.
Fixed SecurityComponent::_ _validatePost() that would invalidate a form when checkboxes used.


git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5238 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-06-04 06:11:48 +00:00
phpnut
552d723bad Adding fix to SecurityComponent::_ _validatePost()
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5150 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-05-21 20:20:55 +00:00
phpnut
7fb6896ab6 Adding fix for #2611, fixes App crashes when using requestAction with Security Component enabled
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5143 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-05-21 04:34:37 +00:00
phpnut
8be685504e Adding ability to disable specific form data fields from being added to the validation key.
Example of using this would be javascript that changes hidden fields, adding additional fields added using javascript, etc.
This is set in a Controller::beforeFilter().
Example usage:
{{{
$this->Security->disabledFields = array('fieldname', 'additional fields');
$this->Security->disabledFields = array('Model.fieldname', 'OtherModel.fieldname');
}}}

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4978 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-05-02 02:31:06 +00:00
phpnut
874f06a165 Adding fix for forms that pass an empty value for a hidden field
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4976 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-05-01 17:42:09 +00:00
phpnut
7982208113 Reverting changes in last commit
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4975 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-05-01 15:17:27 +00:00
nate
154e3ccbb1 Refactoring FormHelper token generation
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4974 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-05-01 15:03:35 +00:00
phpnut
29511659a2 Refactoring SecurityComponent
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4972 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-05-01 13:09:35 +00:00
phpnut
3f86d27fd7 Fixing typo
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4971 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-05-01 10:36:27 +00:00
phpnut
d1701327f8 Adding hidden field values to hash. This will prevent altering of hidden fields in a form when using the FormHelper and adding the var $components = array('Security'); to a controller or the AppController to use by all child controllers
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4969 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-05-01 10:13:01 +00:00
phpnut
57023720e6 Adding form security enhancements.
Forcing checking of Session form token if security component is used.
Enhancement will not allow a form to be submitted if the fields in the form created with the FormHelper do not match the fields in the submitted form.

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4968 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-05-01 08:56:02 +00:00
nate
bb8c52dac0 Fixing display of core error messages
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4877 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-04-18 16:39:11 +00:00
nate
994cfd3c89 Fixing token key regeneration on requestAction calls (Ticket #2282)
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4682 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-03-26 18:13:52 +00:00
phpnut
a8a91e35be Correcting all headers in the files
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4407 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-02-02 10:39:45 +00:00
phpnut
4f1c5ef386 Wrapping all core messages in translation function
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4129 3807eeeb-6ff5-0310-8944-8be069107fe0
2006-12-22 22:49:47 +00:00
nate
403ff35bdb Refactoring code and updating docblocks in Security and RequestHandler components
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4075 3807eeeb-6ff5-0310-8944-8be069107fe0
2006-12-06 20:37:12 +00:00
nate
33d07d0af9 Refactoring RequestHandler, and updating docblocks for RequestHandler and Security components
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4048 3807eeeb-6ff5-0310-8944-8be069107fe0
2006-12-01 23:51:43 +00:00
phpnut
881dc728cf Adding missing doc comments.
Updated use of Controller::persistModel; Lazy Loading of models now work when this is set to true.
Fixed Scaffold to work with Controller::persistModel = true;

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4003 3807eeeb-6ff5-0310-8944-8be069107fe0
2006-11-28 06:25:11 +00:00