mark_story
a9618f67f7
Use a permitted list instead of a ban list.
...
This should be safer as we are more confident on what is coming in.
2017-12-13 00:01:05 -05:00
mark_story
f66dec8a96
Make postConditions() less permissive.
...
We were notified by `ooooooo_q` that postConditions() is vulnerable to
SQL injection if used without SecurityComponent tampering prevention.
This change attempts to make postConditions() safer by exploding in
unsafe scenarios.
2017-12-10 21:44:47 -05:00
mark_story
2032fef772
Merge branch '2.x' into 2.next
2017-06-26 21:51:41 -04:00
Marc Würth
da8414e13b
Use HTTPS for the opensource.org MIT license URL
2017-06-11 00:23:22 +02:00
Marc Würth
04efc7ba50
Use HTTPS for the book.cakephp.org URL
2017-06-11 00:15:36 +02:00
Marc Würth
10b89b51a9
Use HTTPS for the cakefoundation.org URL
2017-06-11 00:10:59 +02:00
Marc Würth
17314baa15
Use HTTPS for the cakephp.org URL
2017-06-10 23:40:28 +02:00
Javier Melero
ba121d8c32
Wrong return type hint in Controller::redirect #9987
2017-01-09 07:38:41 -03:00
mscherer
dda9e83ab6
Refactor Object to CakeObject for future PHP7 comp.
2016-04-08 14:33:26 +02:00
Alex
862397325d
fixed typo
2016-03-01 12:41:29 -08:00
Alex
e5e4317217
Updated deprecated doc for flash method
2016-03-01 12:17:39 -08:00
@zuborawka
3d0bda0df8
Update comment block
...
Add an annotation for FlashComponent
2016-01-07 23:12:01 +09:00
Mark Scherer
8b5ef12ccb
Always return response in redirect() for testing.
2015-12-23 21:29:19 +01:00
Jorge González
cb6a17c34e
add Flash back to Controller, fix Scaffold to use Flash instead
2015-11-04 10:41:35 +00:00
mark_story
056f24a774
Forbid direct prefix access with mixed casing.
...
Changing the casing up should not allow prefix method access.
2015-08-05 23:05:30 -04:00
Mark Scherer
4fa5dd62c5
Remove conditional status setting.
2015-01-26 23:47:20 +01:00
Mark Scherer
70276b7a7a
Doc block adjustment.
2015-01-26 10:35:02 +01:00
Mark Scherer
e753fbadca
Fix ControllerTestCase redirect
2015-01-26 10:31:04 +01:00
mark_story
396d501d1e
Fix / being handled incorrect by referer()
...
Backport changes in #4987 to 2.x. This solves issues with duplicate base
directories when redirecting back to '/'
Fixes #4812
2015-01-15 21:26:34 -05:00
antograssiot
c2f298a8b7
Replace our custom code fence with markdown standard fence
2015-01-09 13:47:25 +01:00
Guy Warner
fb61d9393b
Add @trigger doc blocks of methods triggering CakeEvent
2014-11-30 14:45:40 -07:00
euromark
768f2c809c
Correct doc block return types.
2014-11-05 13:03:27 +01:00
Bryan Crowe
e16bef1868
Fix missing 'r' from your
2014-10-08 15:06:30 -04:00
Mischa ter Smitten
a69e9bc63b
Cs fixes
2014-09-18 10:50:35 +02:00
Marc Würth
67ba9cb406
Update all @deprecated annotations
...
to adhere to the @deprecated <version> <description> format, where version and description are mandatory.
2014-09-02 17:03:22 +02:00
euromark
974ca851c2
Correct doc blocks according to cs guidelines.
...
Remove superfluous empty lines.
2014-07-03 15:36:42 +02:00
ADmad
3d9b2b80cb
More API docblock fixes.
2014-06-01 03:06:05 +05:30
euromark
43d359b1d7
Make referer() behave as expected.
2014-04-28 17:23:26 +02:00
euromark
823909603a
correct deprecation notices
2014-04-04 19:18:02 +02:00
mark_story
de9a5a5845
Add deprecated flag to methods that are removed in 3.0.
...
A few methods in Controller were not marked as deprecated, but already
removed in 3.0. Shore up that difference.
Refs #3105
2014-03-23 20:40:17 -04:00
Bryan Crowe
49bb441cef
Update some grammar in Controller
2013-12-30 00:13:26 -05:00
Bryan Crowe
a943ea5c34
Add space between classname(s)
2013-10-22 22:59:50 -04:00
Bryan Crowe
4242bd4f3d
Additional Cake references to CakePHP and docblock typo
2013-10-09 19:38:16 -04:00
Bryan Crowe
c1dd0e4393
Changed url to URL where appropriate
2013-10-07 23:17:58 -04:00
euromark
df269ba0ef
Cake to CakePHP name
2013-09-27 19:36:43 +02:00
Bryan Crowe
ab4bc16463
Updated Controller:: doc block and ControllerMergeVarsTest::
2013-09-25 22:53:23 -04:00
Bryan Crowe
915b51b239
Updated JavaScript casing and JsHelper references in doc blocks
2013-09-25 22:46:38 -04:00
Bryan Crowe
1393325ad1
Use instanceof instead of is_a() in Controller.php
2013-09-23 21:37:27 -04:00
euromark
382f75dbfc
cs corrections, bool to boolean and int to integer.
2013-09-17 14:44:34 +02:00
euromark
b09dc7213a
deprecate Controller::flash() and adjust some other deprecation messages.
2013-08-12 12:51:12 +02:00
ADmad
a691e70065
Docblock and return type fixes
2013-07-29 19:13:31 +05:30
Marc Würth
4c9f0414cb
Improved the DocBlocks and other code cleanup
...
Fixed @license tag, url comes first
Whitespace and other minor code cleanup
Added some docblocks
2013-05-31 00:11:19 +02:00
Rachman Chavik
a63b54c34b
Fix: Incorrect model being used as Controller::$modelClass
...
We cannot be sure that Controller::$uses have not been iterated, so
reset the array to use the first value.
2013-05-24 17:50:43 +07:00
euromark
0822578813
$this->modelClass needs to be correct prior to the components init() call if the component itself accesses the model, lazyloading would try to load the wrong model otherwise
2013-05-14 10:17:57 +02:00
mark_story
4f179b01bd
Make note of method removal.
2013-05-04 15:03:04 -04:00
euromark
09d9efe235
spelling corrections (a url to an URL, unify URL)
2013-04-29 11:05:17 +02:00
mark_story
efd86a498a
Do type checks when looking for models in Controller::$uses.
...
This solves issues with models not being added when $uses = true.
Fixes #3774
2013-04-19 12:20:46 -04:00
mark_story
d9fbe5e00a
Tidy up doc blocks.
...
These kind of changes make tidyier method summaries in apigen.
2013-02-26 21:43:53 -05:00
euromark
111366d5c8
== to === and != to !== where applicable
2013-02-12 03:38:08 +01:00
Graham Weldon
66d856d883
Added extra line for referencing license file for copyright
2013-02-08 21:22:51 +09:00