Commit graph

774 commits

Author SHA1 Message Date
Mark Story
1fee3c030e Merge pull request #5616 from cakephp/issue-5603
Fix radio buttons not being added to security hash.
2015-01-09 15:32:44 -05:00
antograssiot
c2f298a8b7 Replace our custom code fence with markdown standard fence 2015-01-09 13:47:25 +01:00
mark_story
98909fb465 Fix radio buttons not being added to security hash.
When some but not all inputs were disabled radio buttons were omitted
from the security hash. This caused blackhole failures as the input was
unexpected.

Refs #5603
2015-01-08 23:25:34 -05:00
euromark
52ecccb1a2 App::uses and usage replacements for String => CakeText. 2015-01-05 01:00:57 +01:00
euromark
63093e1d30 More String CakeText replacements and a BC class. 2015-01-05 00:55:23 +01:00
mark_story
4cd2c8fdcb Merge branch 'master' into 2.7 2015-01-03 14:34:55 -05:00
Rob McVey
54e172b129 Regex modified to to not capture brackets
Modified the existing regex from th TLD onwards

Credit to @gruber for the regex info
https://gist.github.com/gruber/249502
2015-01-02 15:15:23 +00:00
euromark
545ff20e1d Add component and helper wrapper methods. 2014-12-23 03:50:35 +01:00
mark_story
4d6611b328 Merge branch 'master' into 2.6
Conflicts:
	lib/Cake/VERSION.txt
2014-12-17 21:38:32 -05:00
euromark
f63d955f73 Add additional test. 2014-12-09 03:43:35 +01:00
euromark
dc70da9d14 Only merge the _defaults keys. 2014-12-09 03:43:35 +01:00
euromark
dc41a1ff56 Fix paginator options when disabled. 2014-12-09 03:43:34 +01:00
euromark
e1c128bb99 Consolidate with conditions sniff. 2014-12-09 03:17:35 +01:00
Rachman Chavik
a37e007d9f BC fix for css() and script() with identical resource names 2014-11-19 11:20:37 +07:00
euromark
41c646c5a1 Simplification of return types. No need to return more mixed than necessary. 2014-11-08 20:07:47 +01:00
euromark
345a18f15f Merge branch 'master' into 2.6 2014-11-05 23:29:06 +01:00
euromark
768f2c809c Correct doc block return types. 2014-11-05 13:03:27 +01:00
euromark
a6bd133413 Correct typos. 2014-11-02 22:41:17 +01:00
euromark
e7f76a983a Add a method for generating pagination meta links. 2014-11-02 22:29:02 +01:00
mark_story
177b797aab Merge branch 'master' into 2.6 2014-10-26 21:25:05 -04:00
Jan Ptacek
797635d26b fixing testcases + do not disable the hidden input on partial disables 2014-10-25 21:05:37 +02:00
ptica
abb0c7cb9d Update FormHelper.php
disabled multiple checkbox input should not generate an enabled hidden input,
as it leads to saving empty data upon submission -> carrying the disabled attribute to the hidden input prevents this
2014-10-24 18:25:31 +02:00
euromark
03d92494f1 Fix maxlength for manual type set and add textarea maxlength support. 2014-09-13 04:03:33 +02:00
ADmad
3fb252ad2f Merge branch 'master' into 2.6 2014-09-13 00:37:16 +05:30
euromark
04ef39217f Take care of more int casts. 2014-09-10 16:29:23 +02:00
mark_story
734bb9223b Merge branch 'master' into 2.6
Conflicts:
	lib/Cake/Core/App.php
	lib/Cake/VERSION.txt
2014-09-06 23:04:20 -04:00
Marc Würth
67ba9cb406 Update all @deprecated annotations
to adhere to the @deprecated <version> <description> format, where version and description are mandatory.
2014-09-02 17:03:22 +02:00
mark_story
7c316bbc56 Merge branch 'master' into 2.6
Conflicts:
	lib/Cake/basics.php
2014-08-30 21:28:11 -04:00
Karma Dice
f03393a2a3 Preventing multiple iterations 2014-08-23 15:47:12 +05:30
mark_story
9c3089796f Merge branch 'master' into 2.6
Conflicts:
	lib/Cake/Model/Model.php
2014-08-08 23:28:06 -04:00
euromark
9ef7b5713a CS fixes. 2014-08-04 13:53:52 +02:00
mark_story
4e168ca004 Fix incorrect docs. 2014-08-03 20:36:31 -04:00
ADmad
c193ce708a Throw exception instead of logging in debug mode. 2014-08-03 03:16:39 +05:30
ADmad
713f430fc4 Merge branch 'master' into 2.6 2014-08-03 01:05:36 +05:30
William Notowidagdo
23954e6ad3 Update HtmlHelper.php
No need to add `null` to `$options` param as mentioned in the docs section: [Using blocks for script and CSS files](http://book.cakephp.org/2.0/en/views.html#using-blocks-for-script-and-css-files)
2014-08-01 11:22:29 +07:00
Anthony GRASSIOT
aa42b80a4d a / an typo fixes fot API 2014-07-30 22:11:03 +02:00
mark_story
3c1d3ee461 Deprecate CacheHelper.
It has been removed from 3.0 as it was a bad idea, and better solutions
have been created outside of PHP.
2014-07-27 22:20:47 -04:00
ADmad
53259cb389 Deprecate $confirmMessage argument. 2014-07-10 23:31:51 +05:30
mark_story
2bcd817367 Merge branch 'master' into 2.6 2014-07-03 11:13:06 -04:00
euromark
974ca851c2 Correct doc blocks according to cs guidelines.
Remove superfluous empty lines.
2014-07-03 15:36:42 +02:00
mark_story
a2673d8bf0 Merge branch 'master' into 2.6
Conflicts:
	lib/Cake/Core/App.php
2014-06-25 09:22:10 -04:00
euromark
b3507b199a Update doc blocks regarding return $this 2014-06-25 00:06:51 +02:00
mark_story
497ecd3f80 Merge branch 'master' into 2.6
Conflicts:
	lib/Cake/VERSION.txt
2014-06-19 21:41:02 -04:00
euromark
9c035ff315 doc block corrections 2014-06-19 13:25:36 +02:00
euromark
53a544d9f0 Improve toList to allow localization 2014-06-18 17:56:35 +02:00
mark_story
9136f63874 Fix autoLinkEmail() not working when emails are adjacent to HTML.
When an email address is adjacent to HTML it should be autolinked
correctly.

Refs #3656
2014-06-16 21:48:30 -04:00
mark_story
8e14b2f807 Merge branch 'master' into 2.6 2014-06-11 23:05:59 -04:00
mark_story
849ad9a4f5 Remove dead, untested and unreachable code in FormHelper.
Closes #3650
2014-06-06 08:17:49 -04:00
mark_story
758599e6f4 Add once option to css().
The default value is false for backwards compatibility. In 3.0, the
default will be made consistent with script().

Refs #1973
Refs #3628
2014-06-04 22:15:56 -04:00
ADmad
16df061d66 Fix api docblocks for View layer classes. 2014-05-30 01:23:12 +05:30
mark_story
db86b0c050 Don't disable the entire select when disabled is array(1)
When the disabled attribute is just array(1), then the attribute should
be filtered out of select element attributes. This is kind of a hacky
workaround but changing the underlying attribute handling is going to be
pretty tricky and far more dangerous.

Fixes #3546
2014-05-23 13:26:11 -04:00
akiyan
781430c4af Removed unnecessary conditional branch, fixed test and comment. 2014-05-22 14:08:18 -04:00
akiyan
67f256297d Fixed secure form hash for special url.
No htmlspecialchars encode and without fragment identifer.
2014-05-22 14:08:11 -04:00
euromark
8af76a3705 Hotfix for older baked templates regarding postLink() 2014-05-13 20:51:39 +02:00
mark_story
e9ecfe0936 Remove x bit on files.
PHP files should not have executable permission set.
2014-05-13 12:30:14 -04:00
mark_story
89cd114e6f Merge branch 'master' into 2.5 2014-05-12 14:30:02 -04:00
mark_story
51909ae738 Only parse URLs when they contain ://
Parsing incomplete URLs fails in PHP5.2.
2014-05-09 17:01:24 -04:00
mark_story
5469840c80 Fix incorrectly generated URL path.
Refs #3442
2014-05-07 08:52:42 -04:00
mark_story
1103ca7816 Ensure that only the path and query are used to make the hash.
While including the entire protocol, host, port, path and query would be
even better in theory, it gets complicated when proxies and load
balancers are involved.

Fixes #3442
2014-05-06 23:00:11 -04:00
ADmad
d466e00644 Merge branch 'master' into 2.5
Conflicts:
	lib/Cake/Model/Datasource/DboSource.php
	lib/Cake/Test/Case/Model/Datasource/Database/MysqlTest.php
	lib/Cake/Utility/Folder.php
	lib/Cake/VERSION.txt
2014-05-04 14:35:36 +05:30
euromark
57cb7ea260 Correct documentation. 2014-05-02 13:48:39 +02:00
euromark
fecf321cce This is a hotfix for TextHelper which seems to have gone wrong in a merge. tail() is missing completly and the docs for truncate() are the ones for tail(). This fixes it. 2014-05-02 13:33:57 +02:00
mark_story
e1057e3e6b Fix FormHelper::postLink() not working when SecurityComponent is enabled.
The action attribute value was not being included in the generated hash,
so postLink() forms never worked properly.

Fixes #3418
2014-04-29 11:23:52 -04:00
euromark
7a287a6942 More coding standard corrections. 2014-04-29 14:19:33 +02:00
mark_story
cf96e9f54f Merge branch 'master' into 2.5 2014-04-26 22:04:19 -04:00
Mark Story
5b46eb71ec Merge pull request #3397 from steinkel/fix-formhelper-with-model-mock
fixed FormHelper to allow create() on Mock Models without errors
2014-04-26 08:53:43 -04:00
Jorge González
5cf2ce723c fixed FormHelper to allow create() on Mock Models without errors 2014-04-26 10:33:58 +01:00
mark_story
de0062de77 Merge branch 'master' into 2.5 2014-04-25 22:10:02 -04:00
mark_story
f23d811ff5 Use the form action URL in generated form hashes.
By including the URL in generated hash for secured forms we prevent
a class of abuse where a user uses one secured form to post into a
controller action the form was not originally intended for. These cross
action requests could potentially violate developer's mental model of
how SecurityComponent works and produce unexpected/undesirable outcomes.

Thanks to Kurita Takashi for pointing this issue out, and suggesting
a fix.
2014-04-25 22:05:58 -04:00
ADmad
27699d1f12 Fix auto linking urls with subdomain with underscore.
Closes #3392
2014-04-25 22:28:34 +05:30
mark_story
debdc6bccc Merge branch '2.5' of github.com:cakephp/cakephp into 2.5 2014-04-07 21:46:11 -04:00
mark_story
ac66c2c03a Merge branch 'master' into 2.5 2014-04-07 21:45:57 -04:00
euromark
0ece694a75 microptimize options and default merge and other string key array merges 2014-04-08 01:25:14 +02:00
Mark Oberemk
e3a0795bed Update HtmlHelper.php
Updated documentation to include the chained $this return
2014-04-06 21:23:42 -04:00
Mark Oberemk
d5721f10fd Allow chaining in the addCrumb method
For convenience I think it might be valuable to allow addCrumb (and possibly other similar functions) to return $this to permit chained calls such as this:

    $this->Html->addCrumb('Admin', '/admin')->addCrumb('Blogs', '/admin/users')->addCrumb('Add');

as opposed to the considerably more verbose version that needs to be used now:

    $this->Html->addCrumb('Admin', '/admin');
    $this->Html->addCrumb('Blogs', '/admin/users');
    $this->Html->addCrumb('Add');

I'm not sure if this violates some API conventions for helpers but it does seem rather more convenient to work with to me.
2014-04-06 21:23:42 -04:00
euromark
6f53529520 Correct doc blocks 2014-04-06 22:27:51 +02:00
Jose Lorenzo Rodriguez
0d80c92ffb Revert "Merge pull request #3002 from moberemk/patch-2"
This reverts commit 8e3d6cffb7, reversing
changes made to 92800889a6.
2014-04-06 21:48:59 +02:00
José Lorenzo Rodríguez
8e3d6cffb7 Merge pull request #3002 from moberemk/patch-2
Allow chaining in the addCrumb method
2014-04-06 21:09:10 +02:00
mark_story
57b8008dbe Merge branch 'master' into 2.5 2014-03-23 11:01:13 -04:00
Mark Story
90ca41d436 Merge pull request #2941 from lucasff/master
Allow the passing parameter escape of the getCrumbList method
2014-03-23 09:23:06 -04:00
mark_story
afc8587949 Merge branch 'master' into 2.5 2014-03-18 22:12:14 -04:00
mark_story
ee895a8bb1 Add form attribute to hidden inputs when present.
If inputs are placed outside of the form elements the form attribute
needs to be set on the hidden inputs. Without this attribute the empty
state does not submit correctly.

Fixes #3053
2014-03-18 22:11:57 -04:00
Lucas Freitas
4cd6ac2f15 Fix break of the CS on Travis 2014-03-13 00:24:16 -03:00
Mark Oberemk
3f7eff1843 Update HtmlHelper.php
Updated documentation to include the chained $this return
2014-03-12 08:59:12 -04:00
mark_story
c5b6dda82f Merge branch 'master' into 2.5 2014-03-11 21:02:27 -04:00
Mark Oberemk
8a8d2697d1 Allow chaining in the addCrumb method
For convenience I think it might be valuable to allow addCrumb (and possibly other similar functions) to return $this to permit chained calls such as this:

    $this->Html->addCrumb('Admin', '/admin')->addCrumb('Blogs', '/admin/users')->addCrumb('Add');

as opposed to the considerably more verbose version that needs to be used now:

    $this->Html->addCrumb('Admin', '/admin');
    $this->Html->addCrumb('Blogs', '/admin/users');
    $this->Html->addCrumb('Add');

I'm not sure if this violates some API conventions for helpers but it does seem rather more convenient to work with to me.
2014-03-11 10:37:47 -04:00
Kunal Panchal
a77a0f76a1 Documentation correction
TimeHelper::$niceFormat to CakeTime::$niceFormat
2014-03-10 14:05:03 +05:30
Lucas Freitas
b522b1e724 Entire UL element was being outputted directly (escaped), added to the unset list and fixed 2014-03-03 05:28:59 -03:00
Lucas Freitas
d4b91166bc Fixing stupidity and adding the PHPDoc param 2014-03-03 05:10:21 -03:00
Lucas Freitas
7096495943 Allow the passing parameter escape of the getCrumbList method and reflecting that into the outputted link too 2014-03-03 05:01:49 -03:00
ADmad
a0c399e374 Remove whitespace. 2014-02-26 10:40:53 +05:30
mark_story
0f584c0e8b Merge branch 'master' into 2.5 2014-02-24 21:19:17 -05:00
mark_story
0776b87214 Fix postLink() & postButton() with nested data.
Flatten deeply nested array data before generating hidden inputs.
This solves 'Array to string conversion' errors.

Closes #2894
2014-02-24 21:17:31 -05:00
mark_story
a80cbc205a Simplify conditionals.
Set default values to remove else cases.
2014-02-19 21:46:53 -05:00
jalbertocr
8b2e1ab9e5 Don't do assignments inside conditionals. 2014-02-19 22:41:33 -03:00
jalbertocr
cdeb51167b Fix types in docblocks. 2014-02-19 20:54:00 -03:00
jalbertocr
35f152b333 Make sure a datetime instance is valid to avoid fatal errors. 2014-02-19 20:50:30 -03:00
mark_story
3433f4a1f0 Clean up changes code standards and tests.
Refs #2582
2014-02-17 11:03:49 -05:00
Jonas
b32deed4aa changed FormHelper::secure() and FormHelper::end() to support attributes in the hidden CSRF-protection tags that are being generated for SecurityComponent to allow specification of additional html attributes like HTML5s "form" attribute. This allows separation of Form instantiation/controls and form data - for instance within html tables
improved tests for testing against additional attributes for Form::secure()

improved tests for testing against additional attributes for Form::end()

removed array cast, fixed test

fixed docblock format

format

Fixed a bug, this won't work as some forms are just empty
2014-02-17 10:54:02 -05:00
ADmad
9de3418079 Merge branch 'master' into 2.5
Conflicts:
	lib/Cake/Model/Permission.php
2014-02-11 18:17:59 +05:30
Eric Martins
2793dca671 Fix ApiGen errors 2014-02-07 18:29:54 -02:00
mark_story
be8ebfc005 Merge branch 'master' into 2.5 2014-02-05 09:22:46 -05:00
AD7six
adc0bf3ded BC fix for checkbox ids
Revert to previous behavior for id generation of checkboxes, This commit
can be reverted for 2.5+ is desired

Fixes #2733
2014-02-03 17:57:26 +00:00
mark_story
ecf5aec1ae Add '@' to the list of characters removed from radio/checkbox ID.
This character can easily show up in email addresses and can cause
invalid HTML.

Refs #2733
2014-02-02 21:20:31 -05:00
mark_story
605351d0c9 Allow empty values in checkboxes.
Allow the checkbox value attribute to be empty. This is required to make
checkboxes with a value of 0.

Fixes #2717
2014-01-30 21:12:06 -05:00
Walter Nasich
a7f50e0ce7 Using sprintf to convert number into non-scientific notation 2014-01-30 19:07:23 -03:00
Walter Nasich
43604f64d5 Rendering a proper value for html5 attribute 'step' 2014-01-30 17:17:50 -03:00
ADmad
c093804b35 Merge branch 'master' into 2.5 2014-01-26 17:39:50 +05:30
Giampaolo Falqui
ef08534460 Improves next() and prev() documentation
Adds the explanation for the URL available option, which is really useful when dealing with non-default CakePHP routes, now lacking from the official documentation.
2014-01-26 11:38:11 +01:00
mark_story
75dd2ff1fb Merge branch 'master' into 2.5 2014-01-16 15:20:40 -05:00
mark_story
f25e84f4fb Don't select year 0 when there are all 0's.
Year 0 is almost never a 'good' selection value and causes odd behavior
when paired with MySQL.

Fixes #2658
2014-01-15 10:23:45 -05:00
mark_story
3cee3b0e99 Merge branch 'master' into 2.5
Conflicts:
	lib/Cake/VERSION.txt
2013-12-30 21:28:22 -05:00
Mark Story
1cb7e4f0ff Merge pull request #1635 from dereuromark/master-dom-ids
Fix duplicate ID generation of for multiple checkboxes.
2013-12-24 07:02:38 -08:00
mark_story
7e5c0f7185 Merge branch 'master' into 2.5 2013-12-20 14:15:35 -05:00
mark_story
5bddc477a3 Fix incorrectly handled time values around 12:00:00
When using 12 hour formats & intervals, values around 12:00 were
incorrecly converted to midnight.

Fixes #2507
2013-12-19 17:36:27 -05:00
mark_story
30e139412d Fix input type inference when type=>checkbox
FormHelper should not infer types when the explicit type is checkbox.
Instead the provided type should be used.

Fixes #2491
2013-12-16 23:26:20 -05:00
euromark
8ebf004450 Also make DOM ids for radio element values unique. 2013-12-04 02:14:08 +01:00
euromark
587a04ab84 prevent possible XSS attack via form helper selects and unescaped output. 2013-12-04 01:51:39 +01:00
euromark
aae0f762dd Collision free approach to resolve the DOM ID issue in a clean way. Fix to generation of ids for multiple checkboxes. Resolves ticket 4064. 2013-12-04 01:30:57 +01:00
mark_story
8578708e76 Merge branch 'master' into 2.5 2013-12-01 21:37:37 -05:00
mark_story
a9ca1bdc58 Add tests and fix other cases where autoLinkEmail would fail.
Refs #2403
2013-11-29 22:57:43 -05:00
mark_story
7c66d0db50 Fix autoLink() when URLs contain email addresses.
Add whitespace lookbehind to ensure the email address is preceded by
whitespace, this obviously means that emails starting with word/symbols
are not detected, however those symbols are generally valid in an email
address anyways, and will form the local part.

Fixes #2403
2013-11-29 22:24:03 -05:00
mark_story
3b8208be2e Merge branch 'master' into 2.5 2013-11-18 21:49:13 -05:00
Matheus Pedroso
4677ddf490 Fix duplicated webroot path on HtmlHelper::meta('icon'). 2013-11-18 23:38:01 -02:00
ADmad
dda6080579 Merge branch 'master' into 2.5 2013-11-19 00:27:12 +05:30
Marc Würth
7cfa0116f4 Removed "PHP 5" from file header DocBlocks
This statement does not serve a purpose anymore.
In a long forgotten world it indicated the main version number of PHP which the code in the file was compatible to.
http://pear.php.net/manual/en/standards.sample.php
But since PHP 5.1 and later this is only marginally true.
Thus I propose to remove it from CakePHP.
2013-11-13 22:58:39 +01:00
mark_story
a07608cbb9 Fix incorrect CSRF token fields when using postLink()
Creating a postLink after creating a GET form would result in the
incorrect fields being generated.

Fixes #2308
2013-11-11 21:56:55 -05:00
mark_story
3561929be7 Merge branch 'master' into 2.5 2013-11-10 21:53:09 -05:00
mark_story
8d38861a2e Fix missing HTML encoding on URL's generated by Html->meta().
The input URL was not correctly handled as an asset URL and thus was
not correctly HTML or URL escaped. This created invalid HTML when
favicon URLs included query string arguments.

Refs #2233
2013-11-09 14:31:09 -05:00
ADmad
d647fe8a91 Added buffering of form tags generated by FormHelper::postLink() 2013-11-03 23:11:11 +05:30
mark_story
afd182898f Merge branch 'master' into 2.5 2013-11-01 16:54:57 -04:00
Bryan Crowe
94d7ac1dd6 Correct spelling of retrieve 2013-10-30 23:13:07 -04:00
mark_story
aaac360833 Merge branch 'master' into 2.5 2013-10-30 14:58:20 -04:00
mark_story
525efcb808 Remove use of deprecated constants.
Fixes #2232
2013-10-29 17:49:16 -04:00
ADmad
d9ca148499 Merge branch 'master' into 2.5
Conflicts:
	CONTRIBUTING.md
	lib/Cake/Model/Model.php
	lib/Cake/VERSION.txt
2013-10-30 02:34:09 +05:30
José Lorenzo Rodríguez
45bd01fdc0 Merge pull request #2132 from dereuromark/2.5-paginator-sort
Ability to use PaginatorHelper::sort() with only one direction.
2013-10-24 05:40:42 -07:00
Bryan Crowe
a943ea5c34 Add space between classname(s) 2013-10-22 22:59:50 -04:00
Bryan Crowe
d39ced8381 Correct 'an URL' to 'a URL' in docblocks 2013-10-22 00:09:34 -04:00
euromark
def015108d Ability to use PaginatorHelper::sort() with only one direction. 2013-10-19 12:44:50 +02:00
Cameri
bb33d52cc6 Added 'xhr' as callback in JqueryEngineHelper::request() so it formats as Javascript. 2013-10-17 18:26:39 -04:00
Marc Würth
bf8a13a77c Added binary type to field type map, defaulting to file input field
Refs  https://github.com/cakephp/cakephp/issues/2071
2013-10-15 22:25:51 +02:00
Bryan Crowe
f9435aff27 Add missing return tags 2013-10-14 22:43:17 -04:00
Mark Story
ce74153389 Merge pull request #1691 from uzyn/2.5-decimal
Add support for decimal type in Schema.

Fixes #3171
2013-10-14 08:36:15 -07:00
Jose Lorenzo Rodriguez
df549898ad Merge remote-tracking branch 'origin/2.5' into k-halaburda-master 2013-10-12 01:05:02 +02:00
Bryan Crowe
c1dd0e4393 Changed url to URL where appropriate 2013-10-07 23:17:58 -04:00
mark_story
60b0893c79 Merge branch 'master' into 2.5 2013-10-06 23:49:32 -03:00
ADmad
aa60b8791a Fixed setting "required" attribute for file input. Closes #4124
In general fixed the issue where enabling SECURE_SKIP for a field
skipped "required" attribute check altogether. Instead now "required"
is set to false for hidden fields by default.
2013-10-04 20:35:38 +05:30
euromark
eb98770304 Remove leftover of pageTitle. 2013-10-04 00:35:56 +02:00
U-Zyn Chua
4806d09d7e Setting of step for decimal field based on precision. 2013-09-29 22:44:50 +08:00
U-Zyn Chua
091658a752 Decimal support for FormHelper. 2013-09-29 22:40:35 +08:00