Commit graph

15897 commits

Author SHA1 Message Date
mark_story
36d8473215 Make check for .. more specific.
A `..` anywhere in the classname is invalid.
2013-07-03 14:19:39 -04:00
Mark Story
726738308e Merge pull request #1396 from dereuromark/master-cs-else-block
coding standards and else block simplification
2013-07-03 11:19:28 -07:00
euromark
f389435bae coding standards and else block simplification 2013-07-03 19:27:17 +02:00
Mark Story
f27d4a8e42 Merge pull request #1395 from dereuromark/master-cs
coding standards and simplification of else cases as well as some fixes
2013-07-02 20:08:04 -07:00
euromark
a90cb29c0f simplify else cases 2013-07-03 01:14:41 +02:00
euromark
7cb19b97db coding standards and simplification of else cases as well as some minor fixes 2013-07-03 00:52:48 +02:00
Jose Lorenzo Rodriguez
58149f2315 Backporting from 2.4 fix for booleans in mysql when running PHP 5.5 2013-07-02 16:51:29 -04:30
Mark Story
868dc2e519 Merge pull request #1394 from ravage84/patch-2
Removed superfluous break
2013-07-02 13:01:55 -07:00
Marc Würth
ff1f80349a Removed superfluous break
In every case of the if clause it will return, so break is not needed.
2013-07-02 21:00:24 +02:00
euromark
c671d8da62 use strict comparison for strings 2013-07-02 11:01:02 +02:00
mark_story
2f57a7fb18 Use simpler and faster code.
substr_compare() is up to 2x slower than just substr(). Use a faster,
more common, and simpler to read variant of the same thing.
2013-07-01 23:06:56 -04:00
mark_story
521c293eb1 Fix coding standards. 2013-07-01 22:56:00 -04:00
Mark Story
9a08aeafcf Merge pull request #1377 from ravage84/fix-for-3318
Trim off webroot/index.php when determining base and url.

Trimming off index.php from url and webroot/index.php from base url allows the correct values to be created when a path contains index.php in it.

Fixes #3318
2013-07-01 19:51:34 -07:00
mark_story
17e4eee73d Hash passwords even when users don't exist.
Not hashing passwords when users don't exist means there is an
opportunity for timing attacks when people use blowfish or other
expensive hashing algorithms.
2013-07-01 21:52:15 -04:00
mark_story
9754789b69 Don't load classnames with .. in their names.
Classnames with . in them are invalid and can be leveraged to load code
outside of an application by traversing directories.
2013-07-01 21:21:20 -04:00
Mark Story
2219991d3b Merge pull request #1386 from nojimage/cakeemail-custom-email-validation
CakeEmail class be able to setting custom email validation rule.
2013-07-01 07:36:34 -07:00
Mark Story
da033cbed7 Merge pull request #1375 from dereuromark/master-cake-email
Move boundary calculation inside _render()
2013-07-01 06:12:24 -07:00
Mark Story
7f194b87d0 Merge pull request #1389 from tersmitten/consistent-usage-of-stop
Made _stop() usage in Consoles / Tasks more consistent
2013-07-01 06:07:40 -07:00
Mischa ter Smitten
dad1f16eaf Made _stop() usage in Consoles / Tasks more consistent 2013-07-01 14:15:54 +02:00
Mark Story
94db8fbed6 Merge pull request #1380 from ceeram/2.4-ext
Set extension with multiple accept based on order in parseExtensions.
2013-06-30 19:42:50 -07:00
Mark
54ca435517 Merge pull request #1388 from ravage84/patch-1
Typo in FormAuthenticate.php
2013-06-30 17:32:14 -07:00
Marc Würth
e84bf65016 Typo in FormAuthenticate.php 2013-07-01 00:03:03 +02:00
nojimage
f6a011215c change emailRegex to emailPattern 2013-07-01 00:03:18 +09:00
Marc Würth
f930a50805 Fix for #3318
Fixes https://cakephp.lighthouseapp.com/projects/42648-cakephp/tickets/3318

It seems fixing this in the htaccess file(s) isn't going to work even though a url rewriting based solution was more clean. On the plus side this works for any web server.
If a url is called with "index.php" in it then the CakeRequest swallows this part and fixes the path. Any linked url from the requested page will have a clean url. Thus after following one of these urls this problem is gone anyway.

Some code docblock improvements to CakeRequestTest.php
Added test case for fix
Also now you can call just index.php even if you have url rewriting enabled
2013-06-30 05:38:58 +02:00
mark_story
f09693f6e8 Merge branch 'master' into 2.4 2013-06-29 23:26:26 -04:00
mark_story
1d18a4f702 Fix issue where redirectURLs were not generated correctly.
When the first path segment matches the base path an incorrect URL was
generated. Trimming slashes off makes Router normalize the URL correctly
as the leading / implies that the base is already prepended.

Fixes #3897
2013-06-29 23:26:13 -04:00
mark_story
0d76bfe325 Add an additional test for CakeRequest::referer().
Trying to track down the issue for #3897. This test coverage was
missing, so fix that.
2013-06-29 23:26:13 -04:00
mark_story
cd7d18de68 Update build scripts to fetch new changes.
Prevent future mistakes when creating tags by always fetching the branch
head before bumping version numbers or creating tags.
2013-06-29 23:26:13 -04:00
nojimage
eabea1163f CakeEmail::emailRegex() change to null default value 2013-06-30 00:51:02 +09:00
ADmad
75e7797a26 Allow escaping only attributes of a link and not it's title 2013-06-29 20:51:52 +05:30
euromark
c94fe1b729 also move protected variable resetting into the correct scope 2013-06-29 16:23:55 +02:00
euromark
b346c4af8e Test to proof that render itself should handle the boundary. 2013-06-29 15:16:58 +02:00
nojimage
175280ad79 CakeEmail be able to setting custom email validation rule 2013-06-29 02:55:16 +09:00
nojimage
202b753c63 Add emailRegex property to CakeEmail 2013-06-29 02:44:55 +09:00
Maurits van der Schee
cd71a8439c Add option to send email attachment from string (not only from file).
I would be very pleased if this option would be available in some
future version. Thank you.
2013-06-28 02:12:28 +02:00
Mark Story
b73f927787 Merge pull request #1381 from ravage84/patch-1
Annotated testReconnect
2013-06-27 14:59:29 -07:00
Mark Story
616ca3813b Merge pull request #1382 from ravage84/dbosource
Fixed @return statement in DboSource::disconnect
2013-06-27 14:59:11 -07:00
Marc Würth
aabeaada0f Fixed @return statement in DboSource::disconnect 2013-06-27 17:38:46 +02:00
Marc Würth
9591f55394 Annotated testReconnect 2013-06-27 17:15:56 +02:00
Mark Story
6fdbdf508f Merge pull request #1368 from planardothum/url-conformance
Url conformance
2013-06-27 06:31:42 -07:00
Ceeram
6a0185d7e6 Set extension with multiple accept based on order in parseExtensions, currently with multiple accepted types, no extension is set at all 2013-06-27 14:34:00 +02:00
Mark Story
4442a2a256 Merge pull request #1379 from ravage84/datasource-api-link
Added a related cookbook link to DataSource.php
2013-06-26 13:24:16 -07:00
Marc Würth
070a6f0ad5 Added a related cookbook link to DataSource.php 2013-06-26 22:07:52 +02:00
euromark
0ca1ba3211 allow callbacks to modify attachements by moving the decision to calculate boundary value into the correct position inside _render() 2013-06-26 02:20:31 +02:00
Mark Story
e1c7b4806b Merge pull request #1376 from ravage84/https-links
Changed http links to lighthouse, groups.google and github to https
2013-06-25 14:55:00 -07:00
Marc Würth
2609016dfe Changed http links to lighthouse, groups.google and github to https
Because they get redirected anyway and we should follow good practices.
Also in many cases similar URLs were already using https
2013-06-25 22:58:30 +02:00
euromark
ee5e8c95dd fix issue with FormHelper and undefined variable and extract 2013-06-25 12:11:10 +02:00
euromark
290c343a74 tests to disprove that input date and partial dateFormat does not work 2013-06-25 11:54:29 +02:00
Juan Basso
19c94d0211 Fixed default datestyle for postgres tests 2013-06-25 00:15:03 -04:00
Juan Basso
accc98f55d Resetting the datestyle to not affect other tests 2013-06-24 23:36:40 -04:00