Commit graph

7811 commits

Author SHA1 Message Date
chinpei215
c5ad005475 Add return description 2017-03-02 20:34:28 +09:00
mark_story
03e7fa0710 Update version number to 2.9.6 2017-02-28 22:27:17 -05:00
kanonji
3978f87c58 Stringify values to avoid trap of in_array() type juggling 2017-02-28 03:33:50 +09:00
Mark Story
beff1176b0 Merge pull request #10213 from cakephp/issue-10196
Allow false/true to be read as keys in Hash::get().
2017-02-20 11:54:17 -05:00
Mischa ter Smitten
2304ca379a PHPDoc fixes
Found with Phan
2017-02-17 16:59:35 +01:00
Marcin Stramek
5c1f60baba #10230 - Extend available TLS encrypt methods in CakeSocket - formatting 2017-02-15 10:28:06 +01:00
Marcin Stramek
6b17567ea7 #10230 - Extend available TLS encrypt methods in CakeSocket 2017-02-15 10:25:00 +01:00
mark_story
84a15dc9df Fix short-array usage. 2017-02-14 14:12:38 -05:00
mark_story
34158407b2 Exit early if SMTP connection fails.
If the SMTP connection is disconnected (read() returns false) we should
exit early and not wait for the read timeout. This has the added benefit
of making the mocks much simpler.

Refs #10221
2017-02-13 22:37:44 -05:00
mark_story
3f10a0227a Allow false/true to be read as keys in Hash::get().
While these are not values within the documented types, there exist use
cases in CakeSession that necessitate these to be supported types.

Refs #10196
2017-02-13 21:50:51 -05:00
Livia Scapin
f7360266f0 Fix invalid return value hint 2017-02-08 13:48:22 +01:00
chinpei215
e18029064c Split tests of buildStatement() 2017-02-05 21:27:06 +09:00
chinpei215
abd7a257fe Fix mysql test 2017-02-03 21:13:51 +09:00
chinpei215
923b73a7ba Add support for having/lock options 2017-02-03 17:51:22 +09:00
chinpei215
7944f512ad Fix ModelTaskTest for tests passing 2017-01-30 03:22:50 +09:00
Mischa ter Smitten
043858d9e6 Fixed typo 2017-01-30 03:22:49 +09:00
Mischa ter Smitten
6818268a27 New Validation::(min|max)ByteLength() addition 2017-01-30 03:22:48 +09:00
Mischa ter Smitten
259972a785 Fix for incorrect @return phpdoccomment 2017-01-27 10:33:49 +01:00
Val Bancer
eb00f9aa7d fixed code style 2017-01-26 23:52:14 +01:00
Val Bancer
0c8e3f1977 fixed unit tests 2017-01-26 23:39:47 +01:00
Val Bancer
0bf49966db fixed unit test 2017-01-26 22:39:38 +01:00
Val Bancer
e0b0da86bf fixed unit tests 2017-01-26 22:21:09 +01:00
Val Bancer
ebde8fdfb5 implemented Router::reverseToArray() 2017-01-26 21:52:26 +01:00
Cory Thompson
e1fac3bf5b Fix whitespace 2017-01-24 21:51:54 +11:00
Cory Thompson
55324c0b2a Allow SQL json selects without defining table name 2017-01-24 20:54:07 +11:00
Cory Thompson
990d0a962f Allow database JSON operations in conditions 2017-01-24 19:33:12 +11:00
Cory Thompson
82a64a3729 Merge remote-tracking branch 'doublemap/exclude-column-trailing-hyphen' into ticket-8872 2017-01-24 19:25:24 +11:00
mark_story
7de6cf0aa5 Update version number to 2.9.5 2017-01-23 20:47:14 -05:00
Henrik Gemal
95e0820d62 add ru-ru 2017-01-21 19:58:50 +01:00
Markus Bauer
9b13381b0a Fix error messages if PHP's mail() function fails 2017-01-17 19:42:57 +01:00
mark_story
273a8a2d7d Add support for the parseHuge option.
Sometimes people need to load huge XML files. Add an option to enable
people to enable this flag.

Refs #10031
2017-01-13 21:26:54 -05:00
Javier Melero
ba121d8c32 Wrong return type hint in Controller::redirect #9987 2017-01-09 07:38:41 -03:00
Mark Story
d40b39f18b Merge pull request #9970 from cakephp/issue-9962
Fix query string parsing on requestAction()
2017-01-06 13:47:42 -05:00
chinpei215
94d9bcd674 Fix FlashHelper::render() cannot render default messages
Fixes #9910
2017-01-05 19:00:52 +09:00
mark_story
304117d228 Fix query string parsing on requestAction()
This also fixes a long standing oddity around string URLs that include
a query string where the query string data would be duplicated.

Refs #9962
2017-01-04 22:34:19 -05:00
mark_story
cceeb34d1d Fix docblock formatting. 2017-01-03 11:01:41 -05:00
mark_story
1a8f2202c0 Merge branch '2.x' into 2.next 2017-01-03 11:01:04 -05:00
mark_story
e01f5989af Use array conditions for joins.
Use array style conditions instead of using lower-level DboSource API
methods to create safe SQL.

Refs #9927
2016-12-28 23:18:30 -05:00
mark_story
95cafaec3b Update version number to 2.9.4 2016-12-23 13:27:15 -05:00
Shunsuke Takahashi
3f38318802 Updating doc for options prepend 2016-12-21 19:08:32 +09:00
Shunsuke Takahashi
e19a7b2594 Check for options parameter is array 2016-12-21 18:33:58 +09:00
Shunsuke Takahashi
6f5b16b31f Allow the prepend the addCrumb method 2016-12-21 16:34:35 +09:00
mark_story
53bcc1550f Fix PHPCS error. 2016-12-13 22:50:07 -05:00
mark_story
4c3e9356ba Merge branch '2.next' of github.com:cakephp/cakephp into 2.next 2016-12-13 22:48:57 -05:00
mark_story
837741db66 Merge branch '2.x' into 2.next 2016-12-13 22:48:44 -05:00
mark_story
99af4bba83 Merge branch 'domingues-2x' into 2.x
Refs #9870
2016-12-13 22:48:12 -05:00
mark_story
3c44ddd10b Add tests for #9870 2016-12-13 22:47:57 -05:00
Mark Story
4a4c83c3e9 Merge pull request #9859 from cakephp/debugger-encoding
2.x - Debugger encoding
2016-12-13 19:26:52 -05:00
domingues
4d77cb059d Fix a bug in Xml::fromArray()
When creating from an array with elements like this: `[ "a" => [ 0 ] ]` or `[ "a" => [ '0' ] ]` it fails and produces XML like this `<a/>` instant of `<a>0</a>`.

The problem is that in PHP `empty('0')` is true, so an exception to this case is needed.
2016-12-13 16:16:12 +00:00
mark_story
ee7739a3bf Try another approach to get the same error in all php versions. 2016-12-13 00:46:13 -05:00
mark_story
69afeb08af Skip error encoding test in PHP5.3
Index errors work funny in PHP5.3, which makes testing them not work
like other versions of PHP.
2016-12-12 21:28:20 -05:00
chinpei215
21502db34a Fix TreeBehavior does access property/method via model 2016-12-13 07:15:48 +09:00
mark_story
edfda47cf4 Fix missing HTML encoding in Debugger
Fix missing HTML encoding when error messages contain HTML. This can
happen when user data is used as an offset in an array in an unchecked
way.

Thanks to Teppei Fukuda for reporting this issue via the responsible
security disclosure process.
2016-12-10 08:47:13 -05:00
Mark Story
420336f536 Merge pull request #9843 from cakephp/php71
Add PHP7.1 to test matrix.
2016-12-07 21:40:54 -05:00
mark_story
12cdc247ac Fix PHPCS errors. 2016-12-07 00:38:55 -05:00
mark_story
0a2a400ea4 Fix type error tests to work in PHP5 & PHP7.1
Catch the TypeErrors that are raised and make the match the PHP5
behavior of a converted error.
2016-12-06 21:21:52 -05:00
Mark Story
9e6e08704e Merge pull request #9838 from cakephp/issue-9779
Fix CookieComponent erroring on corrupted data.
2016-12-05 16:44:24 -05:00
mark_story
e3221b1c38 Fix errors in php7.1
* The constructor of errors has changed in PHP 7.1
* mcrypt is no longer available in PHP 7.1 by default.
2016-12-05 16:14:33 -05:00
chinpei215
26731b93bf Use ternary operator 2016-12-04 21:55:29 +09:00
chinpei215
b7481096c8 Fix redirectUrl issue when loginRedirect is empty
Fixes #9819
2016-12-04 20:06:24 +09:00
mark_story
934bb00b36 Add tests showing recent changes fix #9784 2016-12-03 14:14:57 -05:00
mark_story
27f951fb41 Don't emit errors when operating on corrupted cookie data.
When deleting from corrupted cookie data, there shouldn't be any errors.

Refs #9779
2016-12-03 14:10:47 -05:00
Henrik Gemal
75bb30f6b2 add new locales fixes #9825 2016-12-01 12:39:47 +01:00
mark_story
410df003e6 Update version number to 2.9.3 2016-11-27 21:25:11 -05:00
chinpei215
74c2ded872 Fix directory traversal of .ctp files 2016-11-27 18:14:44 +09:00
Mark Sch
02df9ff72e Add a note about $boot 2016-11-26 18:10:37 +01:00
chinpei215
f9d2a52152 Revert "Remove dead code"
This reverts commit bf908762db.
2016-11-27 01:25:01 +09:00
mark_story
bbb87b3e87 Use null instead of false for failure.
null is better to indicate that a thing doesn't exist.
2016-11-26 10:38:28 -05:00
Mark Story
ba9f62a7a0 Merge pull request #9747 from tersmitten/cache-does-not-expose-configured-engines
Expose Cache engines
2016-11-26 10:16:20 -05:00
mark_story
e057b5572c Fix PHPCS. 2016-11-21 20:51:12 -05:00
mark_story
71b7d6211b Fix AclNode constructor.
It should forward the settings from ClassRegistry::init() so that
aliases can be customized as needed.

Refs #9766
2016-11-19 22:30:18 -04:00
mark_story
66363e6bea Add tests for #9766
I'm not able to reproduce incorrect aliases coming out of ClassRegistry.
As reported.
2016-11-19 10:02:09 -04:00
Marc Würth
5c184190c5 Improve doc block 2016-11-17 14:55:01 +01:00
Mischa ter Smitten
e71afa225e Merge remote-tracking branch 'upstream/2.x' into make-it-possible-to-configure-cachemethodhashalgo-in-dbosource 2016-11-14 16:26:48 +01:00
Mark Story
de3a249199 Merge pull request #9749 from tersmitten/make-it-possible-to-filter-values-per-method-in-dbosourcecachemethod
Make it possible to filter values per method in DboSource::cacheMethod
2016-11-14 10:08:00 -05:00
Mischa ter Smitten
936b9924b3 Add tests for overridden cacheMethodFilter 2016-11-14 12:51:57 +01:00
Mischa ter Smitten
1952d2ee17 Add tests for cacheMethodFilter 2016-11-14 11:44:35 +01:00
Mischa ter Smitten
71535d2d2c Change cacheMethodFilters to be a method 2016-11-14 11:15:08 +01:00
Mischa ter Smitten
5947c2346b Fix failing test 2016-11-14 10:53:33 +01:00
Mischa ter Smitten
7ffb5c3600 Add tests for cacheMethodHasher 2016-11-14 10:00:47 +01:00
Mischa ter Smitten
e186ffc6d3 Change cacheMethodHashAlgo to be a method 2016-11-14 09:42:19 +01:00
Mischa ter Smitten
15ccf057f4 Make it possible to configure cacheMethodHashAlgo in DboSource 2016-11-12 00:18:13 +01:00
Mischa ter Smitten
58cc9b4596 Make it possible to filter values per method in DboSource::cacheMethod 2016-11-11 23:37:23 +01:00
Mischa ter Smitten
dec7f54ecb Fixed typos 2016-11-11 21:43:43 +01:00
Mischa ter Smitten
94572ae384 Do not use deprecated assertIsA 2016-11-11 21:41:23 +01:00
Mischa ter Smitten
175503fafa Expose engines
By implementing the `engine` method just like in version 3
2016-11-11 13:42:22 +01:00
Mark Story
f46f042001 Merge pull request #9717 from bancer/shell-webroot
accept webroot shell parameter
2016-11-08 21:12:50 -05:00
Val Bancer
38518c201c doc blocks adjusted 2016-11-08 11:35:01 +01:00
Val Bancer
7ffa7acea6 fixed shell dispatcher failed unit test 2016-11-08 11:04:27 +01:00
Val Bancer
92e380737d fixed failing shell dispatcher test 2016-11-08 10:44:08 +01:00
Val Bancer
467ee851bf some refactoring to fix failed shell dispatcher tests 2016-11-08 10:03:46 +01:00
mark_story
86b5401778 Update version number to 2.9.2 2016-11-07 21:40:22 -05:00
Val Bancer
aa21244593 accept webroot shell parameter 2016-11-08 00:40:46 +01:00
mark_story
3837f40394 Autodetect content-types for email attachments (2.x)
This ports the safe parts of #9619 and updates the tests. Because
existing tests had to change and I was concerned about changing people's
email messages in a bugfix release I'm targetting 2.next with this
change.
2016-11-06 21:49:15 -05:00
mark_story
c0150f62ed Merge branch '2.x' into 2.next 2016-11-06 21:42:31 -05:00
mark_story
9d94487b23 Fix PHPCS
Refs MATES-9698
2016-11-04 09:31:05 -04:00
Rodrigo Pérez
c0aa418984 refs #backport-paginate-multiple-queries fix array notation to be compatible with php 5.3 2016-11-04 11:19:43 +00:00
Rodrigo Pérez
20da4484de refs #backport-paginate-multiple-queries Backporting cakephp 3.3 feature to paginate multiple queries 2016-11-04 11:10:28 +00:00
mark_story
6a201696dd Fix HttpSocket emitting errors when nameless cookies are encountered.
Refs #9698
2016-11-03 19:07:25 -04:00
xhs345
e1c5ef9e7a Add clear option to Flash Message
To give user the option to disable Stacking of messages and being consistent with 3.x
2016-10-30 20:39:00 -07:00
Val Bancer
744b455de1 fixed configuration of 'enabled' setting in components inside a
component
2016-10-28 22:14:20 +02:00
xhs345
924d382bb3 Fix tests 2016-10-28 09:10:01 -07:00
xhs345
c59fb85da8 Add support for stacking Flash messages
See Issue #7830
2016-10-28 09:10:01 -07:00
mark_story
135a24e0f1 Merge branch '2.x' into 2.next 2016-10-28 00:29:46 -04:00
mark_story
c935bed8f6 Fix PHPCS 2016-10-21 18:35:05 -04:00
mark_story
816801902e Allow '' to be a valid key for Hash, and Session
By removing a bunch of empty() guards we can make '' behave like all the
other key names. This does change the existing behavior/tests around ''
key, but I think that is ok given the need to manipulate ''.

Refs #9632
2016-10-21 10:54:39 -04:00
chinpei215
3102d89313 Fix a test for PHP5.3 2016-10-16 22:40:27 +09:00
chinpei215
739664d6c7 Add more tests 2016-10-16 22:28:28 +09:00
chinpei215
d7ae1c92e7 Backport test cases and make sure those pass 2016-10-16 22:04:24 +09:00
chinpei215
0d96b9ff64 Backport changes in SecurityComponent and FormHelper 2016-10-16 21:55:05 +09:00
chinpei215
3ccc35b32c Start working on backporting security debug to 2.x
- Add SecurityException
- Add AuthSecurityException

Refs #8449
2016-10-16 11:47:26 +09:00
TekkCraft
1c37640678 Add connectOptions to doc block 2016-10-12 15:25:31 +02:00
Mark Story
a3577978b0 Merge pull request #9603 from cakephp/issue-9592
Fix warning in PHP 7.1
2016-10-11 17:23:00 -04:00
mark_story
8baf193995 Fix warning in PHP 7.1
Refs #9592
2016-10-11 16:59:35 -04:00
mark_story
6cdf38c2ef Update version number to 2.9.1 2016-10-10 21:36:32 -04:00
mark_story
ecd270d04b Tweak/Add doc blocks. 2016-10-09 11:05:35 -04:00
David Maicher
a932bce3de [Bugfix] use Model::$cacheQueries as default for ->query(...) 2016-10-09 13:43:27 +02:00
Mark Sch
bf908762db Remove dead code 2016-10-07 01:35:26 +02:00
Ashley Pinner
5f22fae1da Adding Base64 support to the HtmlHelper::image() function
Requested by cakephp/cakephp#9560
2016-10-06 09:01:15 +01:00
José Lorenzo Rodríguez
9425234b87 Merge pull request #9550 from cakephp/issue-9526
Fix enum column length detection.
2016-10-06 09:29:25 +02:00
mark_story
9c3b17cbc7 Fix failing test in postgres. 2016-10-05 22:28:51 -04:00
mark_story
689d516a99 Fix typo. 2016-10-04 21:38:26 -04:00
mark_story
3a185f9713 Remove incorrrect postgres implementation.
It was wrong, and no longer really needs to exist as the parent method
covers all the scenarios that were previously required other than the
uuid one.
2016-10-02 22:59:13 -04:00
mark_story
3587ac9976 Fix PHPCS error. 2016-10-02 19:06:10 -04:00
Andrej Griniuk
2d6e85ed14 validate table name before generating schema file 2016-10-03 00:23:05 +08:00
Gareth Ellis
5eb9dde78a Adds a check that dir() has returned an instance of Directory to FileEngine::_clearDirectory() 2016-10-02 10:59:27 +01:00
mark_story
e41ccdb701 Fix enum column length detection.
Use simpler code to calculate the length of fields. Include more tests
for DboSource as there weren't any before.

Refs #9526
2016-09-30 22:25:25 -04:00
Mark Story
5e0dc218f1 Merge pull request #9488 from tersmitten/lastaction-should-also-work-with-named-parameters-in-the-url-2x
_lastAction() should also work with named parameters in the url
2016-09-24 21:04:14 -04:00
mark_story
57bc0f9c45 Ensure Object is autoloaded.
When Object was renamed to CakeObject we broke behavior where plugins
and app code were relying on Object being configured in the autoloader
automatically.

Refs cakephp/debug_kit#450
2016-09-23 14:22:10 -04:00
Mischa ter Smitten
1ccdc21d5b Possible fix for _lastAction method 2016-09-22 21:33:43 +02:00
Mischa ter Smitten
197c2f4e60 Make use of assertAttributeEquals 2016-09-22 21:30:18 +02:00
Mischa ter Smitten
4c9f1cc154 _lastAction() should also work with named parameters in the url 2016-09-20 15:07:36 +02:00
Rozehnal, Pavel
34fa24f225
Avoiding extract in CakeSchema class
due bad readability and avoiding parsing error in IDEs - no functional changes
2016-09-19 14:10:02 +02:00
mark_story
35d04ecb3d Update version number to 2.9.0 2016-09-18 22:24:27 -04:00
mark_story
68abc090ac Rollback version file change.
Build tools will fail otherwise.
2016-09-18 22:24:05 -04:00
mark_story
bea2ac7965 Start 2.10.0 development. 2016-09-18 22:23:34 -04:00
mark_story
ad5130cd31 Merge branch '2.next' into 2.x 2016-09-18 22:22:56 -04:00
mark_story
73dcbf2aa3 Update version number to 2.8.9 2016-09-18 22:18:18 -04:00
Mark Story
63533d8f2d Merge pull request #9454 from cakephp/revert-9368-2.x-test-fixtures
Revert "CakeFixtureManager: Truncate tables only if not dropped."
2016-09-17 12:25:24 -04:00
mark_story
835c709dfd Add code fencing on example. 2016-09-16 19:17:08 -04:00
Marc Würth
1b101f73a6 Minor DocBlock improvement 2016-09-16 13:02:55 +02:00
mark_story
bcb2eaee31 Update version number to 2.8.8 2016-09-14 21:40:56 -04:00
mark_story
4f70bdb3b8 The _lastAction property should not double include the base path.
FormHelper should not run URLs through Router twice when determining the
the form's lastAction attribute. However, because we're using the helper
method (see #9414) we do need to HTML decode the URL before using it in
form token generation.

Refs #9455
2016-09-13 22:21:01 -04:00
mark_story
109cfbcf95 Fix whitespace. 2016-09-13 21:46:28 -04:00
Mark Story
35c6f2c771 Revert "CakeFixtureManager: Truncate tables only if not dropped." 2016-09-13 11:00:32 -04:00
mark_story
dc2fa498ef PHPCS. 2016-09-12 23:19:08 -04:00
mark_story
9d1fbb95b3 Allow datasource access in constructors of mocked models.
When mock objects are created from models that access their datasource
in the constructor, an exception would be raised for the missing default
datasource. By changing how configuration data is handled in the mock
creation we can avoid this issue and not reopen #4867

Refs #8225
2016-09-12 22:15:55 -04:00
mark_story
d0041f155d Update version number to 2.8.7 2016-09-09 23:07:15 -04:00
Mark Story
9a66137e65 Merge pull request #9414 from bancer/secure-form-url
Secure form url
2016-09-06 12:42:34 -04:00
mark_story
0c189b555f Update version number to 2.9.0-RC1 2016-09-05 22:18:21 -04:00
Val Bancer
5253f0b3bd fixes postLink form last action
https://github.com/cakephp/cakephp/issues/9392
2016-09-05 23:14:43 +02:00
Val Bancer
427d928d10 minor code style improvements 2016-09-05 21:53:10 +02:00
Val Bancer
98cd278c02 improved performance of insertMulti() in Mysql 2016-09-05 21:28:07 +02:00
mark_story
e8d63725d8 Merge branch '2.x' into 2.next 2016-09-04 23:54:22 -04:00
Mark Story
c303a92fcf Merge pull request #9368 from cakephp/2.x-test-fixtures
CakeFixtureManager: Truncate tables only if not dropped.
2016-08-29 21:56:37 -04:00
mark_story
2ffde69d5b Skip test that always fails on PHP5.3 2016-08-29 21:56:30 -04:00
mark_story
d1cfe203c4 Fix PHPCS error. 2016-08-29 21:53:47 -04:00
mscherer
d52b9fc826 CakeFixtureManager: Truncate tables only if not dropped. 2016-08-29 12:08:57 +02:00
Nicola Beghin
41851d60b4 fix HTTP Basic Auth on FastCGI PHP 2016-08-28 19:16:59 +02:00
Mark Story
51963ab8fc Merge pull request #9349 from cakephp/2.x-sort-locale
2.x sort locale backport
2016-08-26 11:13:21 -04:00
Mark Sch
ee319baec1 Backport skip 2016-08-26 16:15:39 +02:00
mscherer
03df288e78 Re-add spacing. 2016-08-26 14:45:59 +02:00
mscherer
dab4b85596 Backport Hash::sort() support for type locale. 2016-08-26 14:32:21 +02:00
ndm2
87d86aaed9 Fix/tighten Folder::inPath() checks.
The current checks are way too relaxed, and are more like testing
for a substring, which makes it easy for invalid paths to slip
trough, for example `/foo/var/www` is falsely tested to reside in
`/var/www`.

Passing an empty path never worked properly, it was triggering a
warning, didn't worked on Windows, and the behavior that the current
top level directory would be assumed for empty paths wasn't
documented.

Similar is true for relative paths. While they did match at one point,
this was incorrect behavior, and matching actual path fragments seems
out of scope for this method.

This change makes the `$path` argument required, requires it to be an
absolute path, and throws an exception in case a non-absolute path is
being passed.
2016-08-26 13:45:45 +02:00
Mark Story
0565081db6 Merge pull request #9314 from mvdriel/add-support-for-confirm-option-to-submit-in-formhelper
Added support for confirm (message) option to submit in FormHelper
2016-08-22 09:18:30 -04:00
Mark Sch
b096005561 Fix CS 2016-08-21 20:31:45 +02:00
Mark van Driel
e3b0aca95e Removed bug fix for Helper::_confirm to keep the code compatible 2016-08-21 17:09:43 +02:00
Mark van Driel
34afc377ec Added support for confirm (message) option to submit in FormHelper 2016-08-20 12:51:13 +02:00
Kenya Yamaguchi
777e39531e fix php document of File::write() 2016-08-19 02:52:44 +09:00
José Lorenzo Rodríguez
3937a4f02e Merge pull request #9255 from cakephp/issue-9229-restore
Restore header() behavior inadvertantely removed.
2016-08-15 09:51:10 +02:00
mark_story
3e16f8911d Add tests covering basic use of <> in deleteAll()
Refs #9253
2016-08-13 22:48:02 -04:00
mark_story
a10bdb226a Document the ext/memcached version requirements.
Refs #9252
2016-08-13 19:38:31 -04:00
mark_story
bc73e928b6 Restore header() behavior inadvertantely removed.
In eaa2bbbcae I changed the behavior to
now use the TitleCased name as I didn't understand the intended behavior
or how apache was working in the reporter's specific case.

Refs #9229
2016-08-11 21:54:24 -04:00
Marc Würth
f2638b3e38 Remove superfluous "Class" from doc blocks 2016-08-10 12:22:09 +02:00
mark_story
61b3fbd605 Merge branch '2.x' into 2.next 2016-08-09 22:12:26 -04:00
mark_story
eaa2bbbcae Merge branch 'auth-header' into 2.x
Refs #9229
2016-08-09 22:07:46 -04:00
mark_story
20a2af8c16 Fix casing issues with Authorization header.
We need to check the upper case versions of headers in $_SERVER.
Also fix lint issues.
2016-08-09 22:06:49 -04:00
nojimage
9a5d5705cd TestShell support --coverage-text option 2016-08-08 20:13:40 +09:00
nojimage
e71d83c612 TestShell passes the 'directive' option to PHPUnit correctly 2016-08-08 20:09:37 +09:00
Sebastien Barre
345375b6b6 add test 2016-08-07 23:08:55 -04:00
Sebastien Barre
acc32f5c58 Work around Apache handling the Authorization: header differently 2016-08-07 19:50:23 -04:00
mark_story
0a22058e35 Update version number to 2.8.6 2016-08-02 22:15:04 -04:00
ADmad
ba829f758f Merge pull request #9204 from cakephp/fix-api
fix api generation
2016-08-03 01:40:16 +05:30
antograssiot
6dbd5c659d fix api generation 2016-08-02 22:01:35 +02:00
Juan I. Benavides
60bd98a593 Consistency with other methods: Type declaration of CakeEmail parameter. 2016-08-02 02:30:43 -05:00
Juan I. Benavides
d37f88b20e Documentation and declaration of object type in method's parameter
This should make pass the phpcs check. #9199
2016-08-01 16:46:25 -05:00
Juan I. Benavides
93db51cf10 Avoiding circular object reference in SmptTransport
This fixes a memory leak while sending multiple emails.

Fixes: #9198
2016-08-01 13:09:45 -05:00
Mark van Driel
4dc8e54131 Fixed typo 2016-07-27 20:27:15 +02:00
Mark van Driel
5caac5f340 Prevent unnecessary joins / complex conditions in delete 2016-07-27 16:31:57 +02:00
Andrej Griniuk
e7f3365d8b fix on php < 5.5 2016-07-26 23:57:14 +03:00
Andrej Griniuk
147693618c refs #9174 fix CakeSchema compare when changing field length to the default one 2016-07-26 23:39:09 +03:00
Mark van Driel
c01525f2cc Make check more strict to respect existing queries 2016-07-26 11:25:27 +02:00
Mark van Driel
d6e45131ad Prevent unnecessary joins / complex conditions in delete 2016-07-25 17:15:18 +02:00
Mark Story
b50c06423d Merge pull request #9115 from biesbjerg/ticket-7488
Fire Controller.shutdown and Dispatcher.afterDispatch events when exceptions are thrown
2016-07-19 22:49:02 -04:00
Mark Story
876b508797 Merge pull request #9108 from cakephp/issue-9106
Don't split strings headers that lack a ':'.
2016-07-15 22:20:13 -04:00
Kim Biesbjerg
cbdc89ddee Fix CS error 2016-07-14 05:50:37 +02:00
Kim Biesbjerg
38cad279d1 Updated test method name and description 2016-07-14 04:57:25 +02:00
Kim Biesbjerg
c77b628841 Dispatch Controller.shutdown instead of calling afterFilter directly. Updated test 2016-07-14 04:51:49 +02:00
Kim Biesbjerg
a05639a30e Don't save buffered output to var since it is not used 2016-07-14 00:20:33 +02:00
Kim Biesbjerg
5a63ee4e3e Added tests to prove that Dispatcher.afterDispatch event is dispatched by exception renderer on error response 2016-07-14 00:17:02 +02:00
Kim Biesbjerg
bddff7d2b0 Dispatch afterDispatch event when exception is thrown 2016-07-13 23:40:27 +02:00
mark_story
4e1b601ed8 Don't split strings headers that lack a ':'.
Refs #9106
2016-07-12 22:46:47 -04:00
Philippe Saint-Just
be7cecbb00 Removed whitespace 2016-07-10 14:02:55 +01:00
Philippe Saint-Just
b0e5e39e45 Added test case 2016-07-10 09:57:24 +01:00
Philippe Saint-Just
7edcdb0799 Handle plugin association consistently 2016-07-09 16:08:16 +01:00
Kim Biesbjerg
1d7a4da903 Fixed wrong assertion 2016-07-07 09:24:33 +02:00
Kim Biesbjerg
0ea315b2e0 Add assertion to prove session is not started on stateless login 2016-07-07 08:58:51 +02:00
Kim Biesbjerg
c63de8d9f5 Added test to prove stateless login sets user 2016-07-06 12:34:23 +02:00
Kim Biesbjerg
f22129b9c7 Store user data in memory on login for stateless auth adapters 2016-07-06 00:25:46 +02:00
mark_story
234f732d6d Attempt to get tests passing on travis.
Also attempt to get stickler to ignore the 2.x branch.
2016-07-01 17:52:02 -04:00
mark_story
d816ea6e16 Add test showing that niceShort translates month names.
Refs #8968
2016-07-01 17:51:23 -04:00
Alex Para
58a31ecfe5 fixes #9064 2016-07-01 14:46:27 +03:00
Alex Para
3a42ecc61c fixes #9064 - added new locale for Icelandic language 2016-07-01 11:11:16 +03:00
mark_story
7626896286 Merge branch '2.x' of github.com:cakephp/cakephp into 2.x 2016-06-28 22:07:44 -04:00
mark_story
7c2d6ae197 Combine code paths.
At the end of both if/else arms we should have an array that can be
pushed through Hash::filter().

Refs #8654
2016-06-28 22:06:53 -04:00
nojimage
57e0a97483 refs #8654 FormHelper cleanup unlockFields key 2016-06-28 22:01:06 -04:00
Mark Story
0e97116093 Merge pull request #9042 from gestudio/patch-1
Issue #9040 - Auth saving json in Auth.redirect
2016-06-27 21:48:56 -04:00
mark_story
7e27fccca8 Restore version file to 2.9.0-dev 2016-06-27 21:48:08 -04:00
mark_story
432eb9c432 Merge branch '2.x' into 2.next 2016-06-27 21:47:47 -04:00
mark_story
f28c21c7a7 Stop testing against SSL ciphers that emit warnings.
Testing that SSLv3 still works is causing test failures.
2016-06-27 21:47:37 -04:00
Iñigo In The Cloud
2c112095a9 Issue #9040 - Auth saving json in Auth.redirect
AuthComponent is storing JSON or any other AJAX request URL into the session variable Auth.redirect used for login redirect if the AJAX request does not send the X-Requested-With:XMLHttpRequest header.

If you send an ajax request without that header and your request is not a (.json) it will store the URL anyway.
2016-06-27 14:15:05 -04:00
mark_story
92a50d05dc Reset query timing metrics for begin/commit/insert multi calls.
Apply patch from @Mensler to reset the query metrics for transaction
operations, and for each iteration of an insertMulti call. This helps
provide more accurate query times.

Refs #9014
2016-06-22 22:20:00 -04:00
kolorafa
449e5fc9cf Can't override CakeEmail class and use deliver
When using TemplateEmail::deliver it always create new instance of CakeEmail, I assume it should create my extended "TemplateEmail" class insted.

PHP >5.3 compatible
2016-06-13 18:02:26 +02:00
mark_story
64e7c8d991 Update version number to 2.8.5 2016-06-12 22:15:08 -04:00
mark_story
7055e82eab Add missing uses() call.
Refs #8929
2016-06-02 22:04:50 -04:00
Mark Story
55e9638044 Merge pull request #8844 from icyrizard/add_http_patch_content_type_check
Add HTTP patch Content-Type check
2016-05-27 15:41:18 +02:00
Aloïs Thévenot
b737e9f732 #8844 Add test 2016-05-27 12:50:23 +00:00
Eric Jiang
11dfe0b40c Add test case for trailing hyphen in column name 2016-05-26 19:27:18 -07:00
mark_story
8c73086717 Fix PHPCS error. 2016-05-25 23:05:12 +02:00
mark_story
e78af35af7 Only clear the unlocked fields on end().
Doing this work on end() allows fields to be unlocked before the form is
created which can be helpful.

Refs #8880
2016-05-25 23:04:53 +02:00
Mark Story
b15560ea0c Merge pull request #8880 from nojimage/form-unlockfields-2x
Reset FormHelper::$_unlockFields for 2.x
2016-05-25 22:59:25 +02:00
mark_story
d5d46e21bd Fix indentation. 2016-05-22 16:39:49 -04:00
Mark Story
1a7e8c51e7 Merge pull request #8848 from xhs345/2.x
Add attribute 'fieldset' to Form->radio
2016-05-22 16:38:39 -04:00
nojimage
850305a384 fixes reset FormHelper::$_unlockFields 2016-05-21 13:33:20 +09:00
xhs345
eeefa03546 Updated Radio and Inputs form helper
Also added UnitTest for radio fieldset class-name
2016-05-19 17:28:47 -07:00
Eric Jiang
9f9ae8a9fd Ignore final hyphen in column name when requoting
An expression like "Foo"."bar"->'prop' should not be re-quoted as
"Foo"."bar-">'prop'. Bare columns cannot include hyphens in most DBs
anyways.
2016-05-19 01:56:20 -07:00
Mark Story
0fd3ad9b76 Merge pull request #8851 from MarkusBauer/v2.x/SqliteTestEnhancements
Sqlite testcase enhancements
2016-05-18 22:01:33 -04:00
Markus Bauer
2227e01990 Fixing Sqlite's handling of datetime/timestamp columns with current_timestamp default set 2016-05-19 00:21:43 +02:00
Markus Bauer
058809275c Enable nested transactions before trying to test them 2016-05-18 23:46:51 +02:00
Markus Bauer
f75ebf8cb9 Make Sqlite Testcases compatible with Windows / NTFS file systems 2016-05-18 23:46:10 +02:00
xhs345
615be3ad14 Fix for Issue #8847
Add attribute 'fieldset' to Form->radio
2016-05-18 10:53:06 -07:00
Richard Torenvliet
e31ce0d58f Add the HTTP Patch to the Content-Type check mechanism
Currently when a request is of type 'patch' it is ignored. This commit makes
sure that the Content-Type is checked when a patch request is provided.
2016-05-18 14:54:52 +02:00
Steampilot
723ed96fd6 Added sorting by modified time in Folder util 2016-05-12 16:28:04 +02:00
mark_story
39b4cbebb3 Port PHP7 fixes to 2.x
Port the fixes @ADmad did in 8f150dc5 to 2.x so those builds start to
pass once again.
2016-05-08 15:36:28 -04:00
Juan Basso
fa6e74ca22
Improved apc calls
Instead of calling the call_user_func_array it does the call directly. It is a little bit more verbose, but performs better.
2016-05-07 14:26:09 -04:00
Juan Basso
4a61f7f23c
Supporting APCu on PHP 7 2016-05-07 03:46:21 -04:00
Mark Story
5b83f702c9 Merge pull request #8759 from xhs345/patch-2
2.x cake bake Controller: Only add Flash component when required
2016-05-03 22:20:13 -04:00
xhs345
4d65091d0c Updated tests 2016-05-03 15:39:37 -07:00
Mark Story
a88b6e8232 Merge pull request #8763 from ravage84/2.x-forum-link
Add new forum link to home page
2016-05-03 17:49:42 -04:00
mark_story
efc2526600 Appease PHPCS. 2016-05-03 17:46:29 -04:00
mark_story
b6d631b987 Use strlen(). Comparing a string against a length will not do the right thing. 2016-05-03 17:27:16 -04:00
Marc Würth
d640e6874a Add new forum link to home page 2016-05-03 14:19:25 +02:00
mark_story
8cd5a64c27 Update version number to 2.8.4 2016-05-02 22:18:41 -04:00
mark_story
12c6fd4e22 Merge branch '2.x' into 2.next 2016-05-02 21:58:41 -04:00
mark_story
0912867b49 Minor formatting clean up.
Refs #8754
2016-05-02 21:58:20 -04:00
Alex
31cddbe48a Only add Flash component when required
If a user selected no to the question "Would you like to use Session flash messages?" it would still use the Flash component, but not use it
2016-05-02 14:37:47 -07:00
schrolli
e0682fc8a1 added testcases for time and datetime-fields
both have set their length field and should be displayed as text-inputs
2016-05-02 17:13:22 +02:00
schrolli
0de87cd74e Added also datetime, since it can have microseconds, too 2016-05-02 17:11:28 +02:00
Mark Sch
32cb25465f Make CS tests pass. 2016-05-02 10:42:42 +02:00
mark_story
ade9d8a811 Restore backwards compatibility with old 2.x in FormHelper.
Restore the behavior of the string 'action' option to its former glory.
While we've deprecated this it needs to continue working as it did
before.

Refs #8628
2016-05-01 22:21:23 -04:00
schrolli
40b812e391 added field type "time" sothat no "maxlength" attribute is set for
the text-input element. This is neccessary when a "length" is
specified for a time-database-field. This length dictates the amount
of decimal digits, eg. milliseconds, and not the overall character size.
2016-05-01 05:56:50 +02:00
mark_story
ab79ab9c55 Fix short-array usage. 2016-04-30 14:14:45 -04:00
Philippe Saint-Just
c2f028ab49 Fix spacing 2016-04-30 13:13:14 -04:00
Philippe Saint-Just
cd07850337 Merge branch 'backport-8741-8690' into 2.x 2016-04-30 13:11:34 -04:00
mark_story
af953700b8 Fix short array usage.
Refs FIVESMX-8723
2016-04-29 09:28:05 -04:00
mark_story
cf55767fa0 Backport range parsing resiliancy fixes from 3.x
Refs #8723
2016-04-28 22:27:37 -04:00
Val Bancer
3368ae9b02 fixed locales alphabetical order 2016-04-27 14:59:47 +02:00
Val Bancer
3edbe1f5eb fixed locales alphabetical order 2016-04-27 14:04:40 +02:00
Val Bancer
f4866efffc restored deleted linebreak 2016-04-27 13:21:08 +02:00
Val Bancer
dee53e8298 added support for several european locales 2016-04-27 13:14:30 +02:00
mark_story
9536a10d6d Make schema import plugin friendly.
The changes in #8694 pointed out that schema importing doesn't play nice
with plugins. This corrects that.
2016-04-23 16:18:15 -04:00
mark_story
3a75e8aa72 Use import options when going through execute()
The `records` and `schema` options should work when using execute().
Previously they were not working. Furthermore, the records option did
a non-sensical thing where it both set import=>records and generated
static records from the live table. The `records` option now enables
the generation of static data from a live table, as I think this is
a more common scenario.

Refs #8693
2016-04-23 16:15:54 -04:00
Mark Story
be35880b2f Merge pull request #8692 from garethellis36/dont-override-shell-loggers
Don't override already-configured loggers
2016-04-22 16:05:03 -04:00
Gareth Ellis
bfb6ebb049 PHPCS fixes 2016-04-22 19:21:47 +01:00
Gareth Ellis
bc3a1fb6c5 Makes ShellTest::testShellLoggersDoNotGetOverridden actually useful 2016-04-22 19:18:29 +01:00
Gareth Ellis
153f04a976 Changes behaviour of _useLogger so that already-configured loggers are not overridden 2016-04-22 13:56:26 +01:00
mark_story
ce5d64b083 Remove whitespace. 2016-04-19 15:27:30 -04:00
felixmaier1989
b081ef5a38 Mock CakeResponse
Ability to set the class name to use for mocking the response object
2016-04-19 14:50:40 +07:00
chinpei215
1826b4cb08 Add DboSource::flushQueryCache() 2016-04-19 00:01:06 +09:00
mark_story
8b5023282e Randomly generate a salt when the salt is '' or null.
To prevent an issue where any value is accepted as a password when '' is
provided as the hashed password.

Refs #8650
2016-04-15 21:49:17 -04:00
Mark Story
c6d5bfb2b9 Merge pull request #8653 from cakephp/fix-2x-tests
Attempt to fix tests in 2.x
2016-04-15 15:37:47 -04:00
mark_story
f451efa511 Attempt to fix tests in 2.x
Relying on tv.eurosport.com having a bad peer name is pretty fragile.
However, we can more easily rely on their cert coming from a CA we no
longer trust.
2016-04-14 15:28:34 -04:00
Mark Story
78cda8c25d Merge pull request #8638 from ravage84/patch-5
Re-add the Equifax Secure Certificate Authority
2016-04-14 15:21:18 -04:00
Marc Würth
25a0796865 Correct DocBlock for HttpException
http://api.cakephp.org/2.8/class-HttpException.html

> Class HttpException
> Base class that all Exceptions extend.

Which is actually the short description of  CakeBaseException.

http://api.cakephp.org/2.8/class-CakeBaseException.html

Probably because the DocBlock was placed before the if clause.
2016-04-14 14:42:01 +02:00
Marc Würth
d9e5d0ca05 Re-add the Equifax Secure Certificate Authority
Port change 343e206360 from 3.x to 2.x
2016-04-13 12:27:59 +02:00
Mark Story
1d4e39a45a Merge pull request #8625 from cakephp/jrbasso/2.x-fix-doc
Fixed doc formatting on CakeResponse::cookie
2016-04-11 15:05:23 -04:00
Marc Würth
4fd25e648c Update bundled CA file
Same as https://github.com/cakephp/cakephp/pull/8608 for 3.x
2016-04-11 13:55:28 +02:00
Juan Basso
718a7479e2 Fixed doc formatting on CakeResponse::cookie
Fixed doc to show properly in the documentation. This change was already applied on master.
2016-04-10 23:34:01 -04:00
chinpei215
5006cc396a Add a test case to make sure of backward compatibility 2016-04-11 00:43:35 +09:00
Mark Sch
7207d8f16a Remove class extension. 2016-04-10 16:38:03 +02:00
Mark Sch
e26cdc989d Add class_alias() 2016-04-10 16:16:03 +02:00
mscherer
e84ff5e0d5 Fix doc block param types. 2016-04-08 15:12:48 +02:00
mscherer
657b1a1029 Fix doc block param types. 2016-04-08 15:02:03 +02:00
mscherer
bae4a11e5e Rename test file. 2016-04-08 14:40:30 +02:00
mscherer
3e2b84052a Add deprecated BC wrapper class. 2016-04-08 14:36:23 +02:00
mscherer
dda9e83ab6 Refactor Object to CakeObject for future PHP7 comp. 2016-04-08 14:33:26 +02:00
mark_story
79db545b69 Fix PHP 5.4 syntax. 2016-04-02 21:45:02 -04:00
mark_story
1333cc4b3e Merge branch 'postlink-token' into 2.x
Fix inline postLink() calls corrupting the containing form's tampering
token.

Refs #8387
2016-04-01 23:08:41 -04:00
mark_story
c551faad46 Add tests for changes in #8387
Add tests covering the new behavior.
2016-04-01 23:08:31 -04:00
mark_story
84fc9498b5 Allow N11 exchange numbers as valid.
The previous code and commit (fa3d4a0bb5)
were incorrect about invalid exchange numbers as 1-800-211-4511 is
a real phone number.

I've also removed a duplicate alternation pattern.

Refs #8567
2016-03-31 22:38:16 -04:00
mark_story
13b914917d Update version number to 2.8.3 2016-03-28 22:17:27 -04:00
mark_story
1926d40d40 Fix possibility for spoofed files to pass validation.
Use `is_uploaded_file` to prevent crafty requests that contain bogus
files from getting through. A testing stub class was necessary to avoid
making significant changes to the test suite.
2016-03-28 22:10:36 -04:00
Mark Story
96c9521802 Merge pull request #8518 from garethellis36/customize-logged-error-message
[2.x] Extracts error trace in ErrorHandler to a helper function to allow customization
2016-03-23 21:20:30 -04:00
mark_story
a0ea7a0f2a Fix PHP5.4+ syntax.
2.x must be compatible with PHP 5.3
2016-03-23 21:19:19 -04:00
Gareth Ellis
a6702b70d4 Extracts error trace in ErrorHandler to a helper function to allow customization 2016-03-23 19:05:23 +00:00
mark_story
c6db76d044 Instead of wiping the Router, just clear requests.
Clearing the router also removes routes which can cause assertions to
fail. By just removing the stored requests we avoid the error reported
in #8480 and not break as many tests.
2016-03-20 11:10:34 -04:00
mark_story
7ceb0993bf Clear the router state after testAction().
When using array urls, internal state in the Router would cause requests
to be incorrectly handled causing multiple testAction calls in a single
test to fail. By reloading the router we start off with a clean slate
each time.

Refs #8480
2016-03-19 12:16:21 -04:00
Mark Story
01d3c2f599 Merge pull request #8475 from cakephp/issue-8468
Fix boolean values in select widgets.
2016-03-18 22:20:31 -04:00
mark_story
f57f038c09 Fix for PHP 5.3 2016-03-16 21:17:42 -04:00
Thomas Smith
3e86de5bcd Replaced nested loop in merging hasMany children with one pass each through children and parents 2016-03-16 09:37:15 -07:00
mark_story
745f3a33e6 Fix boolean values in select widgets.
Boolean `false` should be treated like `0` when comparing option values.

Refs #8468
2016-03-15 22:59:03 -04:00
Mark Story
61b09024b0 Merge pull request #8470 from ravage84/patch-4
Add note about log levels on Wndows
2016-03-15 21:17:55 -04:00
Marc Würth
ca5e9c305f Add note about log levels on Wndows
This is a problem if a developer on Windows tries to separate those three levels into separate streams without customizing the CakePHP default levels.
2016-03-15 19:37:14 +01:00
Marc Würth
adc450d18b Remove outdated statement about log auto config 2016-03-15 19:33:14 +01:00
mark_story
c0a5d2b341 Merge branch '2.x' into 2.next 2016-03-13 23:02:24 -04:00
mark_story
22a2e93c4b Update version number to 2.8.2 2016-03-13 23:01:17 -04:00
mark_story
af046fc7d6 Merge branch 'request-ip' into 2.x 2016-03-13 23:00:47 -04:00
mark_story
fef3090717 Fix incorrectly inheriting permissions.
When child inherits from a deny parent the '*' permission should reflect
permissions on all nodes not just the leaf node. Previously once a node
with all permissions set to inherit was found, the check would pass.
Instead it should cascade to the parent nodes and look for explicit
allow/deny.

Refs #8450
2016-03-11 23:18:50 -05:00
mark_story
48af49ddde Don't trust CLIENT_IP
The client_ip header can easily be forged. In 'safe' modes we should
only trust the remote_addr which comes from the sapi. Remove support for
http_clientaddress as I can't seem to find where this ever came from in
PHP on the http specs.
2016-03-10 22:04:13 -05:00
Mark Story
18b0334890 Merge pull request #8384 from garas/mailtransport-log-subject
Email log missing Subject and To headers when using MailTransport
2016-03-02 21:29:13 -05:00
mark_story
3ad68db5eb Tweak fix from #8359
This fixes a regression introduced in that change that we didn't
previously have tests for. The issue fixed in #8359 was related to
PHP7.0, whereas PHP5 didn't have an issue. Now both versions will work
the same.
2016-03-02 12:30:48 -05:00
Mark Story
63de5ca4ea Merge pull request #8359 from phlyper/patch-1
verify exists index 0 in $ref
2016-03-02 12:27:49 -05:00
Markus Bauer
95558d0bba Data passed through FormHelper::postLink is excluded from CSRF creation of an outer form. Subsequent fix for #8387. 2016-03-02 03:02:43 +01:00
Markus Bauer
7df96b3912 Creating correct CSRF tokens when using FormHelper::postLink within another form. Fixes #8387 2016-03-02 02:51:06 +01:00
Alex
862397325d fixed typo 2016-03-01 12:41:29 -08:00
Edgaras Janušauskas
2386a86adc Include Subject and To in email log when using MailTransport 2016-03-01 22:21:14 +02:00
Alex
e5e4317217 Updated deprecated doc for flash method 2016-03-01 12:17:39 -08:00
mark_story
78f199f8a0 Update version number to 2.8.1 2016-02-27 22:31:18 -05:00
mark_story
3ed321dff4 Handle negative numbers in Redis correctly.
Update number sniff to handle negative numbers. We need to do number
sniffing so we can maintain compatbility between write() and
increment()/decrement().

Refs #8364
2016-02-27 00:07:58 -05:00
Mark Story
eae7a8926b Merge pull request #8345 from cakephp/issue-8330
Fix parsing empty header values.
2016-02-26 23:01:59 -05:00
phlyper
7b9ff1c11b verify exists index 0 in $ref
exemple

i have to get the referrer url from any page if exists

```
class AppController extends Controller {
......
    public function beforeRender() {
        parent::beforeRender();
        $this->params['referer'] = $this->referer(null, true);
    }
..........
}
```
2016-02-26 22:39:48 +01:00
mark_story
1709f54e38 Update documentation for Model::_readDataSource()
Update sample code to generate unique keys based on association
conditions as well. Because association conditions are not part of the
'query' they need to be handled separately.

Refs #8346
2016-02-26 12:39:29 -05:00
Mark Story
31b3f39b67 Merge pull request #8310 from cakephp/secure-random
2.x - Secure random
2016-02-25 22:05:08 -05:00
mark_story
1a170e1eec Fix parsing empty header values.
Replace the complex and somewhat unfixable regexp based parser for
a parser that handles each line individually. Normalize multi-line
headers to replace multiple spaces with a single one. Section 4.2 of the
HTTP1.1 standard states

> Any LWS that occurs between field-content MAY be replaced with
> a single SP before interpreting the field value or forwarding the
> message downstream.

This makes me somewhat confident that we can safely normalize
multi-line HTTP header values.

Refs #8330
2016-02-24 22:25:58 -05:00
mark_story
9c0da41858 Skip test on PHP7 as the warning is not consistent. 2016-02-23 20:54:16 -05:00
Marc Würth
1258739411 Replace Set by Hash
References to the deprecated Set class don't make much sense.
2016-02-23 13:09:03 +01:00
Mark Story
ff6cdd4b73 Merge pull request #8279 from cakephp/issue-8114
Fix inherited permissions when checking the '*' permission.
2016-02-22 14:48:58 -05:00
mark_story
7e5f56362f Deprecate bad methods.
These methods are bad and should feel bad.
2016-02-22 00:16:15 -05:00
mark_story
7df99fff1f Backport Security::randomBytes() to 2.x
I decided to leave the warning in. People who can't upgrade their
applications should at least be aware of the risks they are taking.

I'm flexible if people are strongly opposed to a warning, but I feel
that these kinds of warnings can be supressed in production if they
really are in a jam and don't care.

Refs #8282
2016-02-22 00:14:44 -05:00
mark_story
ee2d222b85 Correct API docs for find().
Fixes #8308
2016-02-21 22:42:24 -05:00
Marc Würth
cd62c89994 Back port mime types from 3.next 2016-02-19 14:26:53 +01:00
mark_story
4389c79442 Update tests.
The old tests were relying on the fixed inherit bug. Instead check
a specific permission which will result in a deny.

Refs #8114
2016-02-18 21:24:52 -05:00
mark_story
8f3df8b13e Make tests not fail when extensions are installed
If the extensions are installed but memcached/redis are not running
errors should not be emitted.
2016-02-18 21:14:55 -05:00
mark_story
7a5907057a Ensure keys are strings before accessing them.
Some userland datasources (namely an oracle driver) manage to get arrays
into $stack.

Refs #8281
2016-02-18 21:03:57 -05:00
mark_story
b2509ea13d Fix inherited permissions when checking the '*' permission.
When checking inherited permissions for '*' also copy inherited
permissions onto the inherited list. By copying the inherited values, we
get the union of explit allow and inherited permissions, which if all
things go well will match the permission key list.

Refs #8114
2016-02-16 22:30:19 -05:00
Mark Story
68082fad02 Merge pull request #8207 from CakeDC/feature/uuid
Add support for Postgres native uuid datatype
2016-02-16 21:53:08 -05:00
Chris Hallgren
bf22e84d65 CS fixes 2016-02-15 20:44:27 -06:00
Chris Hallgren
849abab6a4 Fixing test case 2016-02-15 19:34:05 -06:00
Chris Hallgren
0c183b9b8e Read content type in a more compatible way.
Not all webservers set CONTENT_TYPE. The built-in PHP webserver for
example sets HTTP_CONTENT_TYPE instead. Add a public method to the
request object to smooth over this difference.

Refs #6051, #8267
2016-02-15 19:31:24 -06:00
Seth Tanner
c05835d85d refs #8027 combine if statements 2016-02-11 01:49:34 +00:00