ADmad
d161b21ae1
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/Controller/Component/AuthComponent.php
2013-07-14 10:58:55 +05:30
mark_story
d40c7376ce
Rebalance where URL normalization happens in AuthComponent.
...
Make URL's not include the base path when storing them in the session.
This makes future redirection simpler. When URL's are an array use
Router::url() on them.
Fixes #3916
2013-07-12 21:54:22 -04:00
mark_story
8133f72b53
Update AuthComponent to not strip when normalizing URLs.
...
Revert most of the changes done to fix #3897 originally and try
a different strategy of solving the base path issues and not breaking
apps running in a subdirectory.
Fixes #3916
2013-07-12 21:17:25 -04:00
ADmad
4ded269549
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/Controller/Component/Auth/BlowfishAuthenticate.php
lib/Cake/VERSION.txt
2013-07-07 12:22:12 +05:30
Marc Würth
a397f034e6
Some love for a deprecated class
...
Whitespace and wording.
Optionally we could include a version number until when this class will work. I assumed this will be 3.0...
http://www.phpdoc.org/docs/latest/for-users/phpdoc/tags/deprecated.html
I treid that but after I let apigen generate the doc and I saw it did nothing special about it ;-/
2013-07-06 19:50:26 +02:00
euromark
af455b4121
correct return types in doc blocks
2013-07-05 17:19:22 +02:00
euromark
e7f380d2b7
doublespace to single space
2013-07-05 14:36:40 +02:00
euromark
c989624f80
whitespace coding standards
2013-07-05 14:15:18 +02:00
mark_story
22a198a8ba
Merge branch 'master' into 2.4
2013-07-04 21:40:51 -04:00
euromark
f680c763b2
ticket-3902 - paginator and display of order via model default order
2013-07-04 13:07:14 +02:00
José Lorenzo Rodríguez
9c4775a220
Merge pull request #1393 from markstory/constant-time-login
...
Hash passwords even when users don't exist.
2013-07-03 13:49:03 -07:00
mark_story
c597855fe4
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/Test/Case/Network/CakeRequestTest.php
2013-07-03 14:21:09 -04:00
euromark
f389435bae
coding standards and else block simplification
2013-07-03 19:27:17 +02:00
euromark
7cb19b97db
coding standards and simplification of else cases as well as some minor fixes
2013-07-03 00:52:48 +02:00
mark_story
17e4eee73d
Hash passwords even when users don't exist.
...
Not hashing passwords when users don't exist means there is an
opportunity for timing attacks when people use blowfish or other
expensive hashing algorithms.
2013-07-01 21:52:15 -04:00
Mark Story
94db8fbed6
Merge pull request #1380 from ceeram/2.4-ext
...
Set extension with multiple accept based on order in parseExtensions.
2013-06-30 19:42:50 -07:00
Marc Würth
e84bf65016
Typo in FormAuthenticate.php
2013-07-01 00:03:03 +02:00
mark_story
f09693f6e8
Merge branch 'master' into 2.4
2013-06-29 23:26:26 -04:00
mark_story
1d18a4f702
Fix issue where redirectURLs were not generated correctly.
...
When the first path segment matches the base path an incorrect URL was
generated. Trimming slashes off makes Router normalize the URL correctly
as the leading / implies that the base is already prepended.
Fixes #3897
2013-06-29 23:26:13 -04:00
Ceeram
6a0185d7e6
Set extension with multiple accept based on order in parseExtensions, currently with multiple accepted types, no extension is set at all
2013-06-27 14:34:00 +02:00
mark_story
dcf7df39d2
Merge branch 'master' into 2.4
2013-06-21 17:47:37 -04:00
Marc Würth
2418ea0a57
Fixed typo in AuthComponent::redirectUrl
2013-06-21 16:49:31 +02:00
Rachman Chavik
0d486bdab4
AuthComponent: Allow suppressing authError message
...
When unauthenticated users accesses protected areas, they are greeted
with the default 'You are not allowed to access that location' which is
not desired in some cases.
This patch allows applications to suppress this message by setting
AuthComponent::authError to false bypassing the call to
SessionComponent::setFlash() altogether.
Refs: https://github.com/croogo/croogo/pull/175#discussion_r4714240
2013-06-17 09:33:59 +07:00
mark_story
cd3c54bb9d
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/VERSION.txt
2013-06-10 22:12:10 -04:00
euromark
4518624187
more whitespace coding standard corrections
2013-06-09 17:39:48 +02:00
ADmad
636cc8c103
Merge branch 'master' into 2.4
2013-06-09 18:08:32 +05:30
mark_story
3aa189eb3a
Fix cookie expiry time calculation on 32bit systems.
...
strtotime() misbehaves on 32bit systems when the resulting timestamp
would overflow an integer. Use a DateTime to workaround this issue.
Fixes #3868
2013-06-03 20:16:18 -04:00
ADmad
f3c69c9f40
docblock updates
2013-06-03 01:04:00 +05:30
ADmad
3303a2cda1
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/Console/Templates/skel/Config/Schema/db_acl.php
lib/Cake/Console/Templates/skel/Config/Schema/i18n.php
lib/Cake/Console/Templates/skel/Config/Schema/sessions.php
lib/Cake/Console/Templates/skel/Config/acl.ini.php
lib/Cake/Console/Templates/skel/Config/acl.php
lib/Cake/Console/Templates/skel/Config/bootstrap.php
lib/Cake/Console/Templates/skel/Config/core.php
lib/Cake/Console/Templates/skel/Config/database.php.default
lib/Cake/Console/Templates/skel/Config/email.php.default
lib/Cake/Console/Templates/skel/Config/routes.php
lib/Cake/Console/Templates/skel/Console/Command/AppShell.php
lib/Cake/Console/Templates/skel/Console/cake.bat
lib/Cake/Console/Templates/skel/Console/cake.php
lib/Cake/Console/Templates/skel/Controller/AppController.php
lib/Cake/Console/Templates/skel/Controller/PagesController.php
lib/Cake/Console/Templates/skel/Model/AppModel.php
lib/Cake/Console/Templates/skel/View/Errors/error400.ctp
lib/Cake/Console/Templates/skel/View/Errors/error500.ctp
lib/Cake/Console/Templates/skel/View/Helper/AppHelper.php
lib/Cake/Console/Templates/skel/View/Layouts/Emails/html/default.ctp
lib/Cake/Console/Templates/skel/View/Layouts/ajax.ctp
lib/Cake/Console/Templates/skel/View/Layouts/default.ctp
lib/Cake/Console/Templates/skel/View/Layouts/error.ctp
lib/Cake/Console/Templates/skel/View/Layouts/flash.ctp
lib/Cake/Console/Templates/skel/View/Pages/home.ctp
lib/Cake/Console/Templates/skel/index.php
lib/Cake/Console/Templates/skel/webroot/index.php
lib/Cake/Console/Templates/skel/webroot/test.php
2013-06-02 18:03:59 +05:30
Marc Würth
4c9f0414cb
Improved the DocBlocks and other code cleanup
...
Fixed @license tag, url comes first
Whitespace and other minor code cleanup
Added some docblocks
2013-05-31 00:11:19 +02:00
ADmad
00f972f033
Deprecated AuthComponent::password()
2013-05-27 00:25:42 +05:30
ADmad
56fa0dccda
Remove unnecessary overriding of '_findUser()' in 'DigestAuthenticate'.
2013-05-26 12:31:40 +05:30
ADmad
dd2892ad8d
Added password hasher
2013-05-26 11:29:06 +05:30
ADmad
36c592e72e
Merge branch 'master' into 2.4
2013-05-26 11:23:53 +05:30
Rachman Chavik
a63b54c34b
Fix: Incorrect model being used as Controller::$modelClass
...
We cannot be sure that Controller::$uses have not been iterated, so
reset the array to use the first value.
2013-05-24 17:50:43 +07:00
ADmad
fb86859585
Merge branch 'master' into 2.4
2013-05-19 14:37:41 +05:30
mark_story
e23c4ffad9
Fix empty response bodies when redirect URL's are empty.
...
When redirecting XHR requests to an empty URL the response body should
not be overwritten.
Fixes #3835
2013-05-17 16:33:08 -04:00
mark_story
72b75660e5
Merge branch 'master' into 2.4
2013-05-16 21:31:27 -04:00
euromark
0822578813
$this->modelClass needs to be correct prior to the components init() call if the component itself accesses the model, lazyloading would try to load the wrong model otherwise
2013-05-14 10:17:57 +02:00
ADmad
a10275fb8b
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/Test/Case/Model/Datasource/Database/PostgresTest.php
2013-05-05 14:36:46 +05:30
mark_story
4f179b01bd
Make note of method removal.
2013-05-04 15:03:04 -04:00
mark_story
2096d3f632
Clamp limit values to be unsigned integers.
...
This solves large page numbers potentially turning into scientific
notation when being formatted into queries. It also further safeguards
against SQL manipulation.
Refs #GH-1263
2013-05-02 22:36:50 -04:00
mark_story
37ce6dfc81
Only allow sort fields that match the current object alias.
...
Instead of modifying aliases that do not match, only allow aliases that
do match.
Refs #3803
2013-04-30 12:41:42 -04:00
euromark
09d9efe235
spelling corrections (a url to an URL, unify URL)
2013-04-29 11:05:17 +02:00
mark_story
62186ac8da
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/VERSION.txt
2013-04-28 17:00:30 -04:00
mark_story
c327bdc4bd
Enforce model aliases when generating order by clauses.
...
Invalid SQL could be created by sorting on an invalid alias, with
a field that exists on the model.
Fixes #3797
2013-04-27 13:29:29 -04:00
ADmad
19f8274a95
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/VERSION.txt
2013-04-25 03:06:04 +05:30
Jose Lorenzo Rodriguez
db6dd18f86
Fixing case where it was possible to pass array data to FormAuthenticate
...
fields
2013-04-24 22:33:24 +02:00
ADmad
3db632732c
Avoid unnecessary overhead if user record already available from session.
2013-04-23 01:35:04 +05:30
ADmad
06a5c509c0
Merge branch 'master' into 2.4
2013-04-21 19:15:55 +05:30
mark_story
efd86a498a
Do type checks when looking for models in Controller::$uses.
...
This solves issues with models not being added when $uses = true.
Fixes #3774
2013-04-19 12:20:46 -04:00
mark_story
3fc627c5f8
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/Controller/Component/AuthComponent.php
lib/Cake/Error/ErrorHandler.php
lib/Cake/Test/Case/Controller/Component/AuthComponentTest.php
lib/Cake/View/Helper/HtmlHelper.php
2013-03-30 22:12:27 -04:00
ADmad
342bf65811
Ensure referrer is saved in session even when AuthComponent::$loginRedirect is set.
...
Clarified redirectUrl() docblock.
2013-03-27 15:11:02 +05:30
Ceeram
89ecd95e55
fix failing tests
2013-03-18 18:47:05 +01:00
Ceeram
b28ea65b24
stop execution when unauthenticated, to prevent the page to show when canceling auth popup
2013-03-18 15:41:34 +01:00
ADmad
8e299fc404
Move 'Auth.redirect' session value clearing from AuthComponent::shutdown() to prevent unnecessary session start.
...
Closes #3702
2013-03-14 12:42:21 +05:30
ADmad
b7834a2b16
Implemented stateless login for Auth
2013-03-10 00:11:35 +05:30
mark_story
8209097bc3
Merge branch 'master' into 2.4
2013-03-09 12:40:59 -05:00
Adam Taylor
433dd09ec4
Fix typos
2013-03-05 00:05:14 -07:00
mark_story
4b13e0a5f2
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/VERSION.txt
2013-03-04 21:55:29 -05:00
mark_story
d9fbe5e00a
Tidy up doc blocks.
...
These kind of changes make tidyier method summaries in apigen.
2013-02-26 21:43:53 -05:00
mark_story
d1c88ebf8a
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/Log/Engine/FileLog.php
lib/Cake/Utility/Validation.php
lib/Cake/View/Helper/HtmlHelper.php
2013-02-24 20:24:26 -05:00
euromark
111366d5c8
== to === and != to !== where applicable
2013-02-12 03:38:08 +01:00
ADmad
49157d83ae
Breaking down AuthComponent::startup() into multiple methods for easier management and extension.
2013-02-10 13:49:07 +05:30
ADmad
a7c751922d
Replace loose comparison with casting to boolean.
...
In any case AuthComponent::user() returns null not empty array when user isn't logged in.
2013-02-10 12:16:20 +05:30
mark_story
fee6172958
Update docs for SecurityComponent::requireAuth()
2013-02-09 14:06:24 -05:00
mark_story
e4110b1e01
Deprecate features in SecurityComponent
...
These features are available in CakeRequest now. The CakeRequest
version is improved as it raises more appropriate exceptions.
2013-02-09 13:57:55 -05:00
ADmad
a9bbfd80c7
Added type hinting
2013-02-09 18:09:11 +05:30
Graham Weldon
66d856d883
Added extra line for referencing license file for copyright
2013-02-08 21:22:51 +09:00
Graham Weldon
7b860debe4
This commit is dedicated to Mark Story, who has put in much dedicated time and effort into CakePHP over the years.
...
I just wanted to ruin his evening, because this change needs to be merged into CakePHP 3.0.
2013-02-08 20:59:49 +09:00
mark_story
00078e007c
Import ClassRegistry before using.
...
Fixes #3594
2013-02-01 10:46:25 -05:00
Mark Story
7a184708fc
Merge pull request #1086 from burzum/refactor/controller-render
...
Refactoring the Controller::render method
Create Controller::_getViewObject() which is responsible for creating
the view instance. This gives an easier way to override view construction.
2013-01-27 17:49:29 -08:00
ADmad
04ec9dd614
Renamed AuthComponent::redirect() to AuthComponent::redirectUrl().
...
Closes #3268
2013-01-27 21:22:11 +05:30
mark_story
4af6039107
Merge branch 'master' into 2.3
...
Conflicts:
lib/Cake/Console/Command/Task/ModelTask.php
lib/Cake/Model/Model.php
2013-01-26 21:16:26 -05:00
Florian Krämer
d269b28ece
Changing the doc block of Controller::_getViewObject()
2013-01-25 12:45:08 +01:00
Florian Krämer
d242081067
Fixing typo in Controller::_getViewObject doc block and changing the view class comparison from != to !==
2013-01-25 11:30:04 +01:00
Florian Krämer
8d9acd9a8a
Renaming Controller::_view() to Controller::_getViewObject()
2013-01-25 10:30:06 +01:00
Florian Krämer
bb91bebc4d
Fixing a code formatting mistake in Controller::render()
2013-01-24 22:01:25 +01:00
Florian Krämer
f9d27b6291
Refactoring the Controller::render method, moved the part that constructs the view instance into Controller::_view() for easier overloading this part and better modularization
2013-01-24 18:38:39 +01:00
mark_story
631da2d04a
Update doc block.
2013-01-18 11:05:02 -05:00
ADmad
676872d623
Allow AuthComponent::$unauthorizedRedirect to be an url.
...
Closes #3494
2013-01-12 11:25:13 +05:30
Mark Story
e7330fa585
Merge pull request #1067 from ceeram/paginatecount
...
Avoid calling paginateCount when there are no results.
2013-01-11 18:09:32 -08:00
euromark
11a88042bd
fix doc block endings
2013-01-11 15:06:54 +01:00
Ceeram
88240b2874
avoid paginate count when no results
2013-01-10 16:39:07 +01:00
mark_story
4c98e39c1f
Merge branch 'master' into 2.3
...
Conflicts:
lib/Cake/Controller/Component/SecurityComponent.php
2012-12-29 11:44:59 -05:00
mark_story
1117ad2f1c
Blackhole requests when the action is the blackhole callback.
...
When a user requests the blackhole callback as an action we should
blackhole that request. The blackhole callback should not be URL
accessible.
Fixes #3496
2012-12-29 11:43:06 -05:00
Majna
6d75d90c25
Code cleanup
...
Remove unneeded sprintf.
Fix doc blocks.
Remove duplicated keys in tests assertions.
Use boolean value for CakeRequest $parseEnvironment param.
2012-12-28 23:37:58 +01:00
José Lorenzo Rodríguez
5551727a4b
Merge pull request #1051 from ADmad/2.3-paginatorcomponent
...
Throw exception if requested page number is out of range.
2012-12-28 05:52:55 -08:00
ADmad
594a19c4e1
Fix docblock
2012-12-28 02:02:05 +05:30
ADmad
fd16b8a1e5
Throw exception if requested page number is out of range.
...
Closes #3459
2012-12-28 01:37:25 +05:30
Ceeram
3f4d24bfc0
remove unused local variables and a few improvements
2012-12-23 13:53:13 +01:00
euromark
b811afbc44
double spaces to single ones
2012-12-22 23:48:15 +01:00
euromark
2b1e5b02b5
code cleanup
2012-12-21 00:40:12 +01:00
mark_story
8b0a7ee13d
Merge branch 'master' into 2.3
...
Conflicts:
lib/Cake/VERSION.txt
2012-12-07 20:53:10 -05:00
euromark
881127ef4d
unify new lines at the end of the file
2012-12-05 15:00:24 +01:00
ADmad
06c3f01af6
Fix docblock
2012-12-04 03:18:35 +05:30
ADmad
1de8ed18de
Avoiding specifying 'maxLimit' too when setting 'limit' greater than default 'maxLimit' in code.
2012-11-30 11:26:10 +05:30
mark_story
35d67bf4a8
Merge branch 'master' into 2.3
2012-11-28 21:00:30 -05:00
ADmad
72d6ca636f
Docblock fixes
2012-11-29 04:36:29 +05:30
mark_story
966c69cb98
Fix missing plugin parameters in scaffolding.
...
Add missing plugin parameter to scaffolded associations.
This improves link generation and correctness overall.
Fixes #3396
2012-11-27 21:59:06 -05:00