Commit graph

120 commits

Author SHA1 Message Date
DarkAngelBGE
2deb6f3828 fixing possible notices in SecurityComponent::__validatePost, closes #5232
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@7545 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-09-02 04:04:49 +00:00
mark_story
c58e58a491 Adding tests for secured forms. Fixes the issues related to checkboxes in multi row forms.
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@7533 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-08-29 03:11:35 +00:00
TommyO
b6e9888753 Replaced all instances of ife() in /cake
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@7387 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-07-30 20:34:01 +00:00
phpnut
30a49a39e4 Fixes #5016, Security->disabledFields not working properly. Empty value arrays needed to be unset
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@7314 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-07-05 10:10:19 +00:00
nate
42da5aba81 Moving Cake folder to correct location
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@7063 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-05-30 11:40:08 +00:00
DarkAngelBGE
e6e0d852a2 deleting cake folder from svn
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@7061 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-05-30 10:59:16 +00:00
DarkAngelBGE
45bccc5215 optimization refs #3415
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6970 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-05-19 20:36:39 +00:00
DarkAngelBGE
4b91712791 bringing security component up to 84% coverage,
internationalizing trigger_error for security lib

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6835 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-05-13 06:27:43 +00:00
nate
296e8989ba Adding GET/PUT/DELETE method checks to Security component, refactoring adding tests, closes #4231. Thanks joelmoss.
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6703 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-04-19 19:25:49 +00:00
mariano.iglesias
ab3b90503f Fixing issue in Security component with modeless field names, fixes #4454. Thanks vuego for the test and patch!
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6685 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-04-17 22:51:40 +00:00
phpnut
d14b50fc92 "References #4394, additional fixes to multi record forms.
Added additional test cases"

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6629 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-04-03 06:48:56 +00:00
phpnut
5d59938121 "Correcting code block"
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6628 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-04-03 02:33:41 +00:00
phpnut
f2941a660e "References #4239 Added test from ticket to showing ticket is invalid.
Fixes #4394, fails when the hasMany multi-record form contains hidden fields.
"

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6627 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-04-03 02:29:17 +00:00
phpnut
c5f06674fa "Fixes #4394, SecurityComponent::!__validatePost fails on hasMany multi-record form.
"

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6618 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-04-02 06:08:55 +00:00
phpnut
ecfd70052d "Fixes #4353, SecurityComponent's requireLogin not working if URL spelled different than defined action name
Was not able to reproduce this on local system running php 5, more then likely this is a php 4 issue and not php 5 like ticket suggests.
"

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6588 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-03-17 02:28:04 +00:00
phpnut
5374807164 "Fixes #3846, Security blackhole when no radio selected
Fixes #3920, Multiple select w/ checkboxes issues warning when all are unselected
Fixes #3962, validation POST never pass when select multiple is submit
"

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6546 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-03-10 00:25:59 +00:00
phpnut
aa32649c02 "Closes #2608, CSRF usability problems
Closes #3436, Security Component and multiple instances of the webapp"

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6301 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-01-02 00:38:35 +00:00
phpnut
cb53dc61b0 "Closes #2897, Built-in file validation.
Implemented Validation::extension(); and Vaidation::range();
Updated copyright notices in all files"

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6296 3807eeeb-6ff5-0310-8944-8be069107fe0
2008-01-01 22:18:17 +00:00
phpnut
0644112ca9 "Closes #3560, edit form use PUT so SecurityComponent::validatePost() don't call on submit"
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6259 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-12-25 10:49:29 +00:00
phpnut
8a2b51c3ec "Removing all shortcut function usage from the core"
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6128 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-12-08 06:08:03 +00:00
nate
43ed8db5ea Cleaning up test cases
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5946 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-11-04 18:57:23 +00:00
mariano.iglesias
cd4ae338cc Adding documentation for RequestHandlerComponent, SecurityComponent, and SessionComponent
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5870 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-10-22 21:22:35 +00:00
mariano.iglesias
897825d596 Adding documentation to classes belonging to Cake console.
Standarizing on datatypes used in phpdocblocs and removing unneeded @return types

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5851 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-10-22 05:52:20 +00:00
phpnut
1aa1164b1d Closes #3394, applied test patch
Deprecated define('MAX_MD5SIZE', (5 * 1024) * 1024); in core.php
Removing additional defines in core.php, replaced with Configure::write();
Added CakeSession::__startSession() to check for sent headers before attempting to start the session.
Added notices to Configure::__loadBootstrap() that will be removed before stable release.
Refactored Folder::tree().
Added additional FolderTest cases

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5768 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-10-16 09:05:25 +00:00
nate
61c06ae94a Refactoring AuthComponent and implementing digest authentication in SecurityComponent
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5745 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-10-09 21:00:32 +00:00
phpnut
348e31530a Fixing blackHole when form has more than one model with check boxes
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5742 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-10-09 18:47:32 +00:00
phpnut
8a90658771 Fixed undefined notice caused in [5739]
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5740 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-10-09 18:06:10 +00:00
phpnut
2806a2fb61 Fixing multiple checkboxes causing blackHole of forms
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5739 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-10-09 18:02:17 +00:00
phpnut
47e8b36c92 Adding fix for hidden fields causing blackHole on forms when using SecurityComponent
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5720 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-10-04 18:27:35 +00:00
phpnut
34a88741bf Fixing sorting of fields used in a form when using the SecurityComponent
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5696 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-09-27 00:38:03 +00:00
phpnut
15e943fff8 Fixes #3164, removed use of uniqid() replaced with String::uuid()
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5683 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-09-21 01:57:27 +00:00
phpnut
3a4b960520 Fixes #2966, soring of fields corrected
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5661 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-09-16 20:09:09 +00:00
phpnut
549d86ac23 Refactoring dispatcher.
Added test for changes to Dispatcher.
Updating Model::_ _saveMulti(), moved the insert statement to DboSource::insertMulti() this will allow database that do not support multiple inserts in one statement to save data.


git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5460 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-07-25 04:38:28 +00:00
nate
8f69b6f551 Moving SecurityComponent constructor code to initialize()
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5451 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-07-22 21:21:08 +00:00
phpnut
82ba2fa716 Fixing bug when using Security component and a form has a hidden field, similar to those use by FormHelper::checkbox()
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5333 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-06-22 06:19:19 +00:00
phpnut
dac1bd0913 Correcting code structure to standards
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5315 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-06-20 07:51:52 +00:00
phpnut
23dfd90b29 Correcting code structure to standards
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5313 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-06-20 06:15:35 +00:00
phpnut
902c6fa173 Adding fix for Ticket #2773, fixes Security Component requireAuth
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5306 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-06-20 03:10:15 +00:00
phpnut
32c092ecff Adding fix for Ticket #2798, fixes Hidden field causes undefined Index warning in Security Component
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5305 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-06-20 02:42:17 +00:00
phpnut
3ed6780ac4 Adding fix for #2648, fixes issue with token not being regenerated
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5251 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-06-06 17:28:32 +00:00
phpnut
52680ffcd3 Adding fix for FormHelper::checkbox() not creating the hidden fields.
Corrected errors when multiple hidden fields used in a form.
Fixed SecurityComponent::_ _validatePost() that would invalidate a form when checkboxes used.


git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5238 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-06-04 06:11:48 +00:00
phpnut
552d723bad Adding fix to SecurityComponent::_ _validatePost()
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5150 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-05-21 20:20:55 +00:00
phpnut
7fb6896ab6 Adding fix for #2611, fixes App crashes when using requestAction with Security Component enabled
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5143 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-05-21 04:34:37 +00:00
phpnut
8be685504e Adding ability to disable specific form data fields from being added to the validation key.
Example of using this would be javascript that changes hidden fields, adding additional fields added using javascript, etc.
This is set in a Controller::beforeFilter().
Example usage:
{{{
$this->Security->disabledFields = array('fieldname', 'additional fields');
$this->Security->disabledFields = array('Model.fieldname', 'OtherModel.fieldname');
}}}

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4978 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-05-02 02:31:06 +00:00
phpnut
874f06a165 Adding fix for forms that pass an empty value for a hidden field
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4976 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-05-01 17:42:09 +00:00
phpnut
7982208113 Reverting changes in last commit
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4975 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-05-01 15:17:27 +00:00
nate
154e3ccbb1 Refactoring FormHelper token generation
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4974 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-05-01 15:03:35 +00:00
phpnut
29511659a2 Refactoring SecurityComponent
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4972 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-05-01 13:09:35 +00:00
phpnut
3f86d27fd7 Fixing typo
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4971 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-05-01 10:36:27 +00:00
phpnut
d1701327f8 Adding hidden field values to hash. This will prevent altering of hidden fields in a form when using the FormHelper and adding the var $components = array('Security'); to a controller or the AppController to use by all child controllers
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4969 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-05-01 10:13:01 +00:00
phpnut
57023720e6 Adding form security enhancements.
Forcing checking of Session form token if security component is used.
Enhancement will not allow a form to be submitted if the fields in the form created with the FormHelper do not match the fields in the submitted form.

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4968 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-05-01 08:56:02 +00:00
nate
bb8c52dac0 Fixing display of core error messages
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4877 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-04-18 16:39:11 +00:00
nate
994cfd3c89 Fixing token key regeneration on requestAction calls (Ticket #2282)
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4682 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-03-26 18:13:52 +00:00
phpnut
a8a91e35be Correcting all headers in the files
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4407 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-02-02 10:39:45 +00:00
phpnut
4f1c5ef386 Wrapping all core messages in translation function
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4129 3807eeeb-6ff5-0310-8944-8be069107fe0
2006-12-22 22:49:47 +00:00
nate
403ff35bdb Refactoring code and updating docblocks in Security and RequestHandler components
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4075 3807eeeb-6ff5-0310-8944-8be069107fe0
2006-12-06 20:37:12 +00:00
nate
33d07d0af9 Refactoring RequestHandler, and updating docblocks for RequestHandler and Security components
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4048 3807eeeb-6ff5-0310-8944-8be069107fe0
2006-12-01 23:51:43 +00:00
phpnut
881dc728cf Adding missing doc comments.
Updated use of Controller::persistModel; Lazy Loading of models now work when this is set to true.
Fixed Scaffold to work with Controller::persistModel = true;

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4003 3807eeeb-6ff5-0310-8944-8be069107fe0
2006-11-28 06:25:11 +00:00
phpnut
d7e8a20b19 Adding missing doc comments to SecurityComponent.
Reformatted code to standards

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4000 3807eeeb-6ff5-0310-8944-8be069107fe0
2006-11-28 00:00:23 +00:00
nate
e8751b7103 Refactoring Security component
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@3947 3807eeeb-6ff5-0310-8944-8be069107fe0
2006-11-23 23:06:19 +00:00
nate
97753554c6 Adding Security::requireSecure() to require controller actions to be accessed via SSL-secured connections
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@3839 3807eeeb-6ff5-0310-8944-8be069107fe0
2006-11-08 02:18:41 +00:00
phpnut
0e527f46bf Reomved doc block comment from FormHelper class.
Corrected change made to the $expires variable


git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@3358 3807eeeb-6ff5-0310-8944-8be069107fe0
2006-08-04 08:07:50 +00:00
phpnut
d0d1ce73cd Added FormHelper::create() to use in place of deprecated
HtmlHelper::formTag().
Fixed SecurityComponent so the _Token can be wrote to sessions



git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@3357 3807eeeb-6ff5-0310-8944-8be069107fe0
2006-08-04 08:03:39 +00:00
nate
2b69e99ae3 Refactoring View and SecurityComponent
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@3327 3807eeeb-6ff5-0310-8944-8be069107fe0
2006-07-31 23:55:29 +00:00
nate
f367ec5509 Fixing typo in Security component constructor
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@3203 3807eeeb-6ff5-0310-8944-8be069107fe0
2006-07-05 14:23:21 +00:00
gwoo
e941e48a07 fixing bug in requireLogin check of SecurityComponent::stratup()
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@3169 3807eeeb-6ff5-0310-8944-8be069107fe0
2006-06-24 05:18:07 +00:00
nate
f809a0652d Refactoring SecurityComponent callbacks
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@3121 3807eeeb-6ff5-0310-8944-8be069107fe0
2006-06-16 20:06:11 +00:00
nate
06c626c113 Adding SecurityComponent::requireLogin() - Supports basic and digest HTTP authentication, for Ticket #571
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@3120 3807eeeb-6ff5-0310-8944-8be069107fe0
2006-06-16 19:45:33 +00:00
phpnut
e5c074a0dc Merging fixes into 1.x.x.x branched code:
Revision: [2955]

Revision: [2951]

Revision: [2918]

Revision: [2911]

git-svn-id: https://svn.cakephp.org/repo/branches/1.x.x.x@2958 3807eeeb-6ff5-0310-8944-8be069107fe0
2006-05-26 05:29:17 +00:00
phpnut
0f8f8243d5 Added SecurityComponent class missed in merge from revision [2186]
git-svn-id: https://svn.cakephp.org/repo/trunk/cake@2249 3807eeeb-6ff5-0310-8944-8be069107fe0
2006-03-12 00:03:24 +00:00