Commit graph

8620 commits

Author SHA1 Message Date
mark_story
c6c3295c5c Making default bake templates escape HTML. Fixes #1186 2010-10-24 19:34:57 -04:00
mark_story
eb3cc3db3a Making default scaffold views html escape contents. Refs #1186 2010-10-24 19:30:22 -04:00
mark_story
bf7b8b0e93 Fixing issues with RssHelper and updating tests to reflect changes in how Xml::build() differs from previous versions' Xml. 2010-10-23 13:11:50 -04:00
mark_story
3e2d09a802 Making h() preserve keys when escaping an array. 2010-10-23 12:18:39 -04:00
mark_story
7aaf7e6b68 Fixing issue where Xml would not read CDATA blocks. 2010-10-23 11:01:13 -04:00
Juan Basso
d771239104 Fixed support to save XML data in Models. 2010-10-17 22:47:43 -02:00
Juan Basso
b2035a5c96 Fixing tests that failing in Set because merge of Xml class. 2010-10-17 18:40:33 -02:00
mark_story
517c8949f9 Merge branch '2.0' of github.com:cakephp/cakephp into 2.0 2010-10-13 23:17:50 -04:00
mark_story
0c070f7131 Fixing tests that were failing due to SimpleTest being less sensitive to types than PHPUnit.
Fixing tests that were failing due to XmlHelper being removed in 2.0.
2010-10-13 23:09:55 -04:00
mark_story
f19e3d501c Merge branch '1.3' into integration
Conflicts:
	cake/libs/model/cake_schema.php
	cake/libs/model/datasources/dbo_source.php
	cake/libs/model/model.php
	cake/libs/view/helpers/form.php
	cake/libs/view/view.php
	cake/libs/xml.php
	cake/tests/cases/libs/model/model_delete.test.php
	cake/tests/cases/libs/view/view.test.php
	cake/tests/cases/libs/xml.test.php
2010-10-13 22:30:40 -04:00
mark_story
6529e0e2b4 Making optiongroup elements follow the escape parameter.
Tests added.
Fixes #1191
2010-10-13 21:59:53 -04:00
mark_story
3f2109f3c3 Applying patch from 'dragonfly' to fix issue where FormHelper would always append an argument even if one was supplied.
Test Added
Fixes #1155
2010-10-13 21:36:05 -04:00
Jeremy Harris
692aafbf42 Merge remote branch 'upstream/2.0' into 2.0 2010-10-11 20:12:24 -07:00
mark_story
a0a84d1a8d Changing pattern used to read digest auth data. Allows emails to be used as usernames.
This also adds the realm to the return value of SecurityComponent::parseDigestAuth().  Fixes #1181
2010-10-11 22:35:47 -04:00
Jeremy Harris
137c4f7295 Added backwards compatibility to h()'s second param 2010-10-11 19:26:41 -07:00
mark_story
d56416456c Applying patch from 'Justas Butkus' to DboSource
Fixes issues where reconnect could issue warnings related to
array_merge.  Fixes #1182
2010-10-11 21:52:10 -04:00
Jeremy Harris
b58899cf04 Added 'double' option to Santize::html() to pass double_encode parameter to htmlentities() 2010-10-11 18:25:11 -07:00
Jeremy Harris
c686362de8 Added double_encode paramater to h() 2010-10-11 18:23:05 -07:00
Juan Basso
c95c808f88 Merge with 2.0-xml 2010-10-10 23:21:56 -03:00
ADmad
62161203f2 Fixed issue where FormHelper::radio() and FormHelper::select() with option "multiple"=>"checkbox" would generate tag with invalid "id" attribute if a value was non alphanumeric 2010-10-10 23:16:48 +05:30
Phally
0d86302404 Fixed issue with Set::extract() where conditions containing a space and a slash would fail. Fixes #1185
Signed-off-by: mark_story <mark@mark-story.com>
2010-10-08 23:28:23 -04:00
Phally
0e5613f63d Fixed Set::extract() where single numeric keys (everything not 0) were skipped. Fixes #1175
Signed-off-by: mark_story <mark@mark-story.com>
2010-10-07 20:33:31 -04:00
José Lorenzo Rodríguez
5c025d0a18 More testing over the MediaView class 2010-10-03 23:30:47 -04:30
José Lorenzo Rodríguez
9daab17374 Improving test case for MediaView class 2010-10-03 23:30:02 -04:30
José Lorenzo Rodríguez
018def81f4 Cleaning up the MediaView class 2010-10-03 23:27:22 -04:30
José Lorenzo Rodríguez
a611fd0e6c Merge branch '2.0' of github.com:cakephp/cakephp into 2.0 2010-10-03 19:36:24 -04:30
José Lorenzo Rodríguez
bdade0fe08 Adding the ability to compress the response sent from the MeviaView class 2010-10-03 19:35:48 -04:30
José Lorenzo Rodríguez
cf48ee7ed5 Refactoring MediaView to fully use the response object
Improved the way cache headers are sent for delivered files, now it is possible to set cache for files marked for download
2010-10-03 19:34:37 -04:30
José Lorenzo Rodríguez
bf22928b6a Improving the CakeResponse::cache() method 2010-10-03 19:27:08 -04:30
José Lorenzo Rodríguez
d117300518 Improving feedback for developer in case media view does not find the specified file 2010-10-03 19:05:23 -04:30
José Lorenzo Rodríguez
0ba5023f3a Updating testcase and fixing small bug in last commit 2010-10-03 16:48:07 -04:30
José Lorenzo Rodríguez
6f5ce8a81d Refactoring media view to start using the response object, improving CakeResponse::cache() 2010-10-03 16:40:54 -04:30
mark_story
f847080cbf Changing more php version strings. 2010-10-03 12:46:03 -04:00
mark_story
3ab77017ae Fixing OpenTest license mentions to use MIT License
Fixing PHP versions 4 and 5 to only be PHP5.
2010-10-03 12:31:21 -04:00
mark_story
b908365f9d Changing the @license tag on test files, as tests can now be MIT like
the rest of CakePHP.
2010-10-03 12:27:27 -04:00
mark_story
6cabfcec5b Removing dead tests from SessionHelper test case. 2010-10-03 12:15:01 -04:00
mark_story
36737e6419 Adding documentation for new xml options. Adding a default setting to fix all the E_NOTICE errors triggered in [503b7cf5d7]
Fixes #284
2010-10-02 19:20:43 -04:00
teknoid
503b7cf5d7 Adding slug option to avoid auto-slug of tags. Test included. Addresses #284
Signed-off-by: mark_story <mark@mark-story.com>
2010-10-02 19:16:07 -04:00
mark_story
d83c51cde9 Fixing expiration conditions on CSRF tokens. 2010-10-02 18:27:39 -04:00
mark_story
7f7c202f35 Removing old CSRF token validation checks.
Removing failing test because the feature moved.
Adding tests for expired and wrong keys.
2010-10-02 17:16:40 -04:00
mark_story
ac90916b84 Adding some documentation about token consumption. 2010-10-02 00:22:44 -04:00
mark_story
a10f1478ee Adding support for nonce expiry.
Adding simple time based nonce expiration. This does a simple cleanup on
each request, to remove stale tokens.  Tests added.
2010-10-02 00:20:58 -04:00
mark_story
5c27abd35f Applying patch from 'hashmich' to make jQueryEngine not override the success callback. This allows you to provide a success callback and still get the html insertion when used with the update key.
Tests updated.
Fixes #1158
2010-10-01 22:43:46 -04:00
mark_story
711e736cd3 Adding very minimal and incomplete implementation of csrf consumption.
Tests added for consuming csrf tokens on each request.
2010-10-01 00:13:34 -04:00
mark_story
5e26d282a1 Fixing connection specific schema generation
Fixing missing table errors when reading schema for specific connections.
Tests updated to check that tables not on a connection are never touched.  Fixes #1106
2010-09-30 23:22:57 -04:00
mark_story
d83907a77d Changing order of conditions, to put cheaper ones first.
Also fixes issues on safe_mode servers.
Fixes #1164
2010-09-30 23:03:23 -04:00
mark_story
dc6b33f80e Making tokens persist across 'requests'.
Removing more serialize/unserialize calls.
2010-09-30 00:26:44 -04:00
mark_story
f5ed91137a Adding csrfCheck related properties.
nonces are now being populated into the session.
2010-09-30 00:18:25 -04:00
mark_story
b088daf045 Adding tests for csrf feature separation.
Removing serialize() calls as they didn't really add anything.
2010-09-30 00:06:38 -04:00
mark_story
c573fd0432 Fixing issue where a beforeDelete() could trigger a table truncation.
Moving the exists check below beforeDelete() and behavior->beforeDelete() so any records deleted in the callbacks will not exist when db->delete() is called.  Test updated. Fixes #250
2010-09-29 23:31:41 -04:00