antograssiot
c2f298a8b7
Replace our custom code fence with markdown standard fence
2015-01-09 13:47:25 +01:00
mark_story
98909fb465
Fix radio buttons not being added to security hash.
...
When some but not all inputs were disabled radio buttons were omitted
from the security hash. This caused blackhole failures as the input was
unexpected.
Refs #5603
2015-01-08 23:25:34 -05:00
mark_story
4d6611b328
Merge branch 'master' into 2.6
...
Conflicts:
lib/Cake/VERSION.txt
2014-12-17 21:38:32 -05:00
euromark
e1c128bb99
Consolidate with conditions sniff.
2014-12-09 03:17:35 +01:00
euromark
41c646c5a1
Simplification of return types. No need to return more mixed than necessary.
2014-11-08 20:07:47 +01:00
euromark
345a18f15f
Merge branch 'master' into 2.6
2014-11-05 23:29:06 +01:00
euromark
768f2c809c
Correct doc block return types.
2014-11-05 13:03:27 +01:00
mark_story
177b797aab
Merge branch 'master' into 2.6
2014-10-26 21:25:05 -04:00
Jan Ptacek
797635d26b
fixing testcases + do not disable the hidden input on partial disables
2014-10-25 21:05:37 +02:00
ptica
abb0c7cb9d
Update FormHelper.php
...
disabled multiple checkbox input should not generate an enabled hidden input,
as it leads to saving empty data upon submission -> carrying the disabled attribute to the hidden input prevents this
2014-10-24 18:25:31 +02:00
euromark
03d92494f1
Fix maxlength for manual type set and add textarea maxlength support.
2014-09-13 04:03:33 +02:00
ADmad
3fb252ad2f
Merge branch 'master' into 2.6
2014-09-13 00:37:16 +05:30
euromark
04ef39217f
Take care of more int casts.
2014-09-10 16:29:23 +02:00
ADmad
713f430fc4
Merge branch 'master' into 2.6
2014-08-03 01:05:36 +05:30
Anthony GRASSIOT
aa42b80a4d
a
/ an
typo fixes fot API
2014-07-30 22:11:03 +02:00
ADmad
53259cb389
Deprecate $confirmMessage argument.
2014-07-10 23:31:51 +05:30
euromark
974ca851c2
Correct doc blocks according to cs guidelines.
...
Remove superfluous empty lines.
2014-07-03 15:36:42 +02:00
mark_story
849ad9a4f5
Remove dead, untested and unreachable code in FormHelper.
...
Closes #3650
2014-06-06 08:17:49 -04:00
ADmad
16df061d66
Fix api docblocks for View layer classes.
2014-05-30 01:23:12 +05:30
mark_story
db86b0c050
Don't disable the entire select when disabled is array(1)
...
When the disabled attribute is just array(1), then the attribute should
be filtered out of select element attributes. This is kind of a hacky
workaround but changing the underlying attribute handling is going to be
pretty tricky and far more dangerous.
Fixes #3546
2014-05-23 13:26:11 -04:00
akiyan
781430c4af
Removed unnecessary conditional branch, fixed test and comment.
2014-05-22 14:08:18 -04:00
akiyan
67f256297d
Fixed secure form hash for special url.
...
No htmlspecialchars encode and without fragment identifer.
2014-05-22 14:08:11 -04:00
euromark
8af76a3705
Hotfix for older baked templates regarding postLink()
2014-05-13 20:51:39 +02:00
mark_story
e9ecfe0936
Remove x bit on files.
...
PHP files should not have executable permission set.
2014-05-13 12:30:14 -04:00
mark_story
89cd114e6f
Merge branch 'master' into 2.5
2014-05-12 14:30:02 -04:00
mark_story
51909ae738
Only parse URLs when they contain ://
...
Parsing incomplete URLs fails in PHP5.2.
2014-05-09 17:01:24 -04:00
mark_story
5469840c80
Fix incorrectly generated URL path.
...
Refs #3442
2014-05-07 08:52:42 -04:00
mark_story
1103ca7816
Ensure that only the path and query are used to make the hash.
...
While including the entire protocol, host, port, path and query would be
even better in theory, it gets complicated when proxies and load
balancers are involved.
Fixes #3442
2014-05-06 23:00:11 -04:00
ADmad
d466e00644
Merge branch 'master' into 2.5
...
Conflicts:
lib/Cake/Model/Datasource/DboSource.php
lib/Cake/Test/Case/Model/Datasource/Database/MysqlTest.php
lib/Cake/Utility/Folder.php
lib/Cake/VERSION.txt
2014-05-04 14:35:36 +05:30
mark_story
e1057e3e6b
Fix FormHelper::postLink() not working when SecurityComponent is enabled.
...
The action attribute value was not being included in the generated hash,
so postLink() forms never worked properly.
Fixes #3418
2014-04-29 11:23:52 -04:00
euromark
7a287a6942
More coding standard corrections.
2014-04-29 14:19:33 +02:00
mark_story
cf96e9f54f
Merge branch 'master' into 2.5
2014-04-26 22:04:19 -04:00
Mark Story
5b46eb71ec
Merge pull request #3397 from steinkel/fix-formhelper-with-model-mock
...
fixed FormHelper to allow create() on Mock Models without errors
2014-04-26 08:53:43 -04:00
Jorge González
5cf2ce723c
fixed FormHelper to allow create() on Mock Models without errors
2014-04-26 10:33:58 +01:00
mark_story
de0062de77
Merge branch 'master' into 2.5
2014-04-25 22:10:02 -04:00
mark_story
f23d811ff5
Use the form action URL in generated form hashes.
...
By including the URL in generated hash for secured forms we prevent
a class of abuse where a user uses one secured form to post into a
controller action the form was not originally intended for. These cross
action requests could potentially violate developer's mental model of
how SecurityComponent works and produce unexpected/undesirable outcomes.
Thanks to Kurita Takashi for pointing this issue out, and suggesting
a fix.
2014-04-25 22:05:58 -04:00
euromark
0ece694a75
microptimize options and default merge and other string key array merges
2014-04-08 01:25:14 +02:00
mark_story
afc8587949
Merge branch 'master' into 2.5
2014-03-18 22:12:14 -04:00
mark_story
ee895a8bb1
Add form attribute to hidden inputs when present.
...
If inputs are placed outside of the form elements the form attribute
needs to be set on the hidden inputs. Without this attribute the empty
state does not submit correctly.
Fixes #3053
2014-03-18 22:11:57 -04:00
ADmad
a0c399e374
Remove whitespace.
2014-02-26 10:40:53 +05:30
mark_story
0f584c0e8b
Merge branch 'master' into 2.5
2014-02-24 21:19:17 -05:00
mark_story
0776b87214
Fix postLink() & postButton() with nested data.
...
Flatten deeply nested array data before generating hidden inputs.
This solves 'Array to string conversion' errors.
Closes #2894
2014-02-24 21:17:31 -05:00
mark_story
a80cbc205a
Simplify conditionals.
...
Set default values to remove else cases.
2014-02-19 21:46:53 -05:00
jalbertocr
8b2e1ab9e5
Don't do assignments inside conditionals.
2014-02-19 22:41:33 -03:00
jalbertocr
cdeb51167b
Fix types in docblocks.
2014-02-19 20:54:00 -03:00
jalbertocr
35f152b333
Make sure a datetime instance is valid to avoid fatal errors.
2014-02-19 20:50:30 -03:00
mark_story
3433f4a1f0
Clean up changes code standards and tests.
...
Refs #2582
2014-02-17 11:03:49 -05:00
Jonas
b32deed4aa
changed FormHelper::secure() and FormHelper::end() to support attributes in the hidden CSRF-protection tags that are being generated for SecurityComponent to allow specification of additional html attributes like HTML5s "form" attribute. This allows separation of Form instantiation/controls and form data - for instance within html tables
...
improved tests for testing against additional attributes for Form::secure()
improved tests for testing against additional attributes for Form::end()
removed array cast, fixed test
fixed docblock format
format
Fixed a bug, this won't work as some forms are just empty
2014-02-17 10:54:02 -05:00
mark_story
be8ebfc005
Merge branch 'master' into 2.5
2014-02-05 09:22:46 -05:00
AD7six
adc0bf3ded
BC fix for checkbox ids
...
Revert to previous behavior for id generation of checkboxes, This commit
can be reverted for 2.5+ is desired
Fixes #2733
2014-02-03 17:57:26 +00:00
mark_story
ecf5aec1ae
Add '@' to the list of characters removed from radio/checkbox ID.
...
This character can easily show up in email addresses and can cause
invalid HTML.
Refs #2733
2014-02-02 21:20:31 -05:00
mark_story
605351d0c9
Allow empty values in checkboxes.
...
Allow the checkbox value attribute to be empty. This is required to make
checkboxes with a value of 0.
Fixes #2717
2014-01-30 21:12:06 -05:00
Walter Nasich
a7f50e0ce7
Using sprintf to convert number into non-scientific notation
2014-01-30 19:07:23 -03:00
Walter Nasich
43604f64d5
Rendering a proper value for html5 attribute 'step'
2014-01-30 17:17:50 -03:00
mark_story
75dd2ff1fb
Merge branch 'master' into 2.5
2014-01-16 15:20:40 -05:00
mark_story
f25e84f4fb
Don't select year 0 when there are all 0's.
...
Year 0 is almost never a 'good' selection value and causes odd behavior
when paired with MySQL.
Fixes #2658
2014-01-15 10:23:45 -05:00
mark_story
3cee3b0e99
Merge branch 'master' into 2.5
...
Conflicts:
lib/Cake/VERSION.txt
2013-12-30 21:28:22 -05:00
Mark Story
1cb7e4f0ff
Merge pull request #1635 from dereuromark/master-dom-ids
...
Fix duplicate ID generation of for multiple checkboxes.
2013-12-24 07:02:38 -08:00
mark_story
7e5c0f7185
Merge branch 'master' into 2.5
2013-12-20 14:15:35 -05:00
mark_story
5bddc477a3
Fix incorrectly handled time values around 12:00:00
...
When using 12 hour formats & intervals, values around 12:00 were
incorrecly converted to midnight.
Fixes #2507
2013-12-19 17:36:27 -05:00
mark_story
30e139412d
Fix input type inference when type=>checkbox
...
FormHelper should not infer types when the explicit type is checkbox.
Instead the provided type should be used.
Fixes #2491
2013-12-16 23:26:20 -05:00
euromark
8ebf004450
Also make DOM ids for radio element values unique.
2013-12-04 02:14:08 +01:00
euromark
587a04ab84
prevent possible XSS attack via form helper selects and unescaped output.
2013-12-04 01:51:39 +01:00
euromark
aae0f762dd
Collision free approach to resolve the DOM ID issue in a clean way. Fix to generation of ids for multiple checkboxes. Resolves ticket 4064.
2013-12-04 01:30:57 +01:00
ADmad
dda6080579
Merge branch 'master' into 2.5
2013-11-19 00:27:12 +05:30
mark_story
a07608cbb9
Fix incorrect CSRF token fields when using postLink()
...
Creating a postLink after creating a GET form would result in the
incorrect fields being generated.
Fixes #2308
2013-11-11 21:56:55 -05:00
ADmad
d647fe8a91
Added buffering of form tags generated by FormHelper::postLink()
2013-11-03 23:11:11 +05:30
ADmad
d9ca148499
Merge branch 'master' into 2.5
...
Conflicts:
CONTRIBUTING.md
lib/Cake/Model/Model.php
lib/Cake/VERSION.txt
2013-10-30 02:34:09 +05:30
Bryan Crowe
a943ea5c34
Add space between classname(s)
2013-10-22 22:59:50 -04:00
Bryan Crowe
d39ced8381
Correct 'an URL' to 'a URL' in docblocks
2013-10-22 00:09:34 -04:00
Marc Würth
bf8a13a77c
Added binary type to field type map, defaulting to file input field
...
Refs https://github.com/cakephp/cakephp/issues/2071
2013-10-15 22:25:51 +02:00
Mark Story
ce74153389
Merge pull request #1691 from uzyn/2.5-decimal
...
Add support for decimal type in Schema.
Fixes #3171
2013-10-14 08:36:15 -07:00
Bryan Crowe
c1dd0e4393
Changed url to URL where appropriate
2013-10-07 23:17:58 -04:00
ADmad
aa60b8791a
Fixed setting "required" attribute for file input. Closes #4124
...
In general fixed the issue where enabling SECURE_SKIP for a field
skipped "required" attribute check altogether. Instead now "required"
is set to false for hidden fields by default.
2013-10-04 20:35:38 +05:30
U-Zyn Chua
4806d09d7e
Setting of step for decimal field based on precision.
2013-09-29 22:44:50 +08:00
U-Zyn Chua
091658a752
Decimal support for FormHelper.
2013-09-29 22:40:35 +08:00
euromark
2455af09c5
Resolves ticket #4100
2013-09-25 14:01:35 +02:00
euromark
12f2f729c8
more cs
2013-09-17 14:53:07 +02:00
euromark
382f75dbfc
cs corrections, bool to boolean and int to integer.
2013-09-17 14:44:34 +02:00
mark_story
5ec9b145bf
Fix label element for attributes not matching their inputs.
...
Radio elements would contain ModelModelFieldValue instead of
ModelFieldValue like they should. This was caused by the fix for #3936
and lack of tests for create() + radio().
Fixes #4071
2013-09-16 22:38:28 -04:00
mark_story
3c9500a3cb
Fix whitespace error.
2013-09-05 10:21:24 -04:00
aread22
cb056a5cbe
Use FormHelper->label instead of HtmlHelper->useTag
...
Implementing suggested fix by mark_story
2013-09-04 13:32:36 -04:00
aread22
4ab1c8c225
Format to CakePHP code sniffs
2013-09-01 21:08:17 -04:00
aread22
64bb74a7e8
Potential Fix for LightHouse Ticket #3936
...
I believe I found a fix for this issue. I am here at #CakeFest2013 and during the #HourOfContribution I ran across this issue.
Currently in CakePHP 2.4 on Line 1522 - 1524 you can see the following code:
@@@ php
if ($label) {
$optTitle = $this->Html->useTag('label', $tagName, '', $optTitle);
}
@@@
The $label variable here the is the $label array passed into the input method in Sethathi example above. The problem is that the $label array is completely ignored and instead a label is created using the HtmlHelper->useTag method.
I have what I believe is a fix for this issue but it hasn't been extensively tested. I tested against Sethathi example in the ticket and it produced the correct result.
The fix is simple. We detect if an array is passed in and then send it to the FormHelper label method instead of the HtmlHelper useTag method. The FormHelper label methods accepts an options array, so we pass in the $label array.
This will probably need to be fixed for checkbox also
"ask":https://cakephp.lighthouseapp.com/users/235987 helped me with this fix
2013-09-01 20:56:44 -04:00
mark_story
0f2d59d987
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/Network/CakeResponse.php
lib/Cake/TestSuite/CakeTestCase.php
2013-08-18 23:10:08 -04:00
euromark
6cf147e8c8
unify null checks - avoid method call in favor of strict check
2013-08-16 20:12:49 +02:00
Alexander Hofbauer
80e589f19d
Correctly encode confirm handlers
...
With encode set to false the onclick handler will be sent through
h() regardless, making links and postLinks work again.
2013-08-13 10:11:22 +02:00
José Lorenzo Rodríguez
890d4a9e2c
Merge pull request #1478 from aleho/2.4
...
Use a protected method to generate confirm() links
2013-08-11 13:51:29 -07:00
Mark
6c30851783
Merge pull request #1424 from dereuromark/2.4-form-helper-datetime-rounding
...
provide ability for rounding - closes #1986
2013-08-07 10:15:35 -07:00
Alexander Hofbauer
8601e0078a
Implement a Helper method to generate confirm() links
...
This allows for overriding the default behavior of showing
confirm()-dialogs in Html and Form helpers.
2013-08-06 10:04:44 +02:00
ADmad
38b050a711
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/Console/Command/ConsoleShell.php
2013-08-04 19:26:55 +05:30
ADmad
61bf8df454
Renaming base url config keys and methods for better uniformity.
2013-08-01 00:44:36 +05:30
ADmad
b22b39f158
Deprecate constants IMAGES_URL, CSS_URL, JS_URL and add corresponding config values instead.
2013-07-31 18:31:26 +05:30
David Gallagher
bce0eb37b4
Don't need to check for empty because Model::validator() returns an interator
2013-07-30 11:09:43 +10:00
David Gallagher
5937685817
Use ModelValidator::count() to count dynamiclly added validation rules
2013-07-26 22:44:59 +10:00
euromark
b412e2cbb1
provide ability for rounding - closes #1986
2013-07-16 15:42:08 +02:00
ADmad
4ded269549
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/Controller/Component/Auth/BlowfishAuthenticate.php
lib/Cake/VERSION.txt
2013-07-07 12:22:12 +05:30
Marc Würth
11eeb33644
Some minor CS improvements to FormHelper
...
Replaced use of deprecated method getVar by get.
Improved DocBocks, mostly data types
Removed deprecated DocBock tag because it's an invalid use of such. This makes the method look like it was deprecated but in reality it's only one of the possible values of one of its parameters.
2013-07-06 19:04:06 +02:00
euromark
c989624f80
whitespace coding standards
2013-07-05 14:15:18 +02:00
mark_story
c597855fe4
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/Test/Case/Network/CakeRequestTest.php
2013-07-03 14:21:09 -04:00