Mark Story
c303a92fcf
Merge pull request #9368 from cakephp/2.x-test-fixtures
...
CakeFixtureManager: Truncate tables only if not dropped.
2016-08-29 21:56:37 -04:00
mark_story
2ffde69d5b
Skip test that always fails on PHP5.3
2016-08-29 21:56:30 -04:00
mark_story
d1cfe203c4
Fix PHPCS error.
2016-08-29 21:53:47 -04:00
mscherer
d52b9fc826
CakeFixtureManager: Truncate tables only if not dropped.
2016-08-29 12:08:57 +02:00
Mark Story
51963ab8fc
Merge pull request #9349 from cakephp/2.x-sort-locale
...
2.x sort locale backport
2016-08-26 11:13:21 -04:00
Mark Sch
ee319baec1
Backport skip
2016-08-26 16:15:39 +02:00
mscherer
03df288e78
Re-add spacing.
2016-08-26 14:45:59 +02:00
mscherer
dab4b85596
Backport Hash::sort() support for type locale.
2016-08-26 14:32:21 +02:00
ndm2
87d86aaed9
Fix/tighten Folder::inPath()
checks.
...
The current checks are way too relaxed, and are more like testing
for a substring, which makes it easy for invalid paths to slip
trough, for example `/foo/var/www` is falsely tested to reside in
`/var/www`.
Passing an empty path never worked properly, it was triggering a
warning, didn't worked on Windows, and the behavior that the current
top level directory would be assumed for empty paths wasn't
documented.
Similar is true for relative paths. While they did match at one point,
this was incorrect behavior, and matching actual path fragments seems
out of scope for this method.
This change makes the `$path` argument required, requires it to be an
absolute path, and throws an exception in case a non-absolute path is
being passed.
2016-08-26 13:45:45 +02:00
Mark Story
0565081db6
Merge pull request #9314 from mvdriel/add-support-for-confirm-option-to-submit-in-formhelper
...
Added support for confirm (message) option to submit in FormHelper
2016-08-22 09:18:30 -04:00
Mark Sch
b096005561
Fix CS
2016-08-21 20:31:45 +02:00
Mark van Driel
e3b0aca95e
Removed bug fix for Helper::_confirm to keep the code compatible
2016-08-21 17:09:43 +02:00
Mark van Driel
34afc377ec
Added support for confirm (message) option to submit in FormHelper
2016-08-20 12:51:13 +02:00
Kenya Yamaguchi
777e39531e
fix php document of File::write()
2016-08-19 02:52:44 +09:00
José Lorenzo Rodríguez
3937a4f02e
Merge pull request #9255 from cakephp/issue-9229-restore
...
Restore header() behavior inadvertantely removed.
2016-08-15 09:51:10 +02:00
mark_story
3e16f8911d
Add tests covering basic use of <> in deleteAll()
...
Refs #9253
2016-08-13 22:48:02 -04:00
mark_story
a10bdb226a
Document the ext/memcached version requirements.
...
Refs #9252
2016-08-13 19:38:31 -04:00
mark_story
bc73e928b6
Restore header() behavior inadvertantely removed.
...
In eaa2bbbcae
I changed the behavior to
now use the TitleCased name as I didn't understand the intended behavior
or how apache was working in the reporter's specific case.
Refs #9229
2016-08-11 21:54:24 -04:00
Marc Würth
f2638b3e38
Remove superfluous "Class" from doc blocks
2016-08-10 12:22:09 +02:00
mark_story
61b3fbd605
Merge branch '2.x' into 2.next
2016-08-09 22:12:26 -04:00
mark_story
eaa2bbbcae
Merge branch 'auth-header' into 2.x
...
Refs #9229
2016-08-09 22:07:46 -04:00
mark_story
20a2af8c16
Fix casing issues with Authorization header.
...
We need to check the upper case versions of headers in $_SERVER.
Also fix lint issues.
2016-08-09 22:06:49 -04:00
nojimage
9a5d5705cd
TestShell support --coverage-text option
2016-08-08 20:13:40 +09:00
nojimage
e71d83c612
TestShell passes the 'directive' option to PHPUnit correctly
2016-08-08 20:09:37 +09:00
Sebastien Barre
345375b6b6
add test
2016-08-07 23:08:55 -04:00
Sebastien Barre
acc32f5c58
Work around Apache handling the Authorization: header differently
2016-08-07 19:50:23 -04:00
mark_story
0a22058e35
Update version number to 2.8.6
2016-08-02 22:15:04 -04:00
ADmad
ba829f758f
Merge pull request #9204 from cakephp/fix-api
...
fix api generation
2016-08-03 01:40:16 +05:30
antograssiot
6dbd5c659d
fix api generation
2016-08-02 22:01:35 +02:00
Juan I. Benavides
60bd98a593
Consistency with other methods: Type declaration of CakeEmail parameter.
2016-08-02 02:30:43 -05:00
Juan I. Benavides
d37f88b20e
Documentation and declaration of object type in method's parameter
...
This should make pass the phpcs check. #9199
2016-08-01 16:46:25 -05:00
Juan I. Benavides
93db51cf10
Avoiding circular object reference in SmptTransport
...
This fixes a memory leak while sending multiple emails.
Fixes : #9198
2016-08-01 13:09:45 -05:00
Mark van Driel
4dc8e54131
Fixed typo
2016-07-27 20:27:15 +02:00
Mark van Driel
5caac5f340
Prevent unnecessary joins / complex conditions in delete
2016-07-27 16:31:57 +02:00
Andrej Griniuk
e7f3365d8b
fix on php < 5.5
2016-07-26 23:57:14 +03:00
Andrej Griniuk
147693618c
refs #9174 fix CakeSchema compare when changing field length to the default one
2016-07-26 23:39:09 +03:00
Mark van Driel
c01525f2cc
Make check more strict to respect existing queries
2016-07-26 11:25:27 +02:00
Mark van Driel
d6e45131ad
Prevent unnecessary joins / complex conditions in delete
2016-07-25 17:15:18 +02:00
Mark Story
b50c06423d
Merge pull request #9115 from biesbjerg/ticket-7488
...
Fire Controller.shutdown and Dispatcher.afterDispatch events when exceptions are thrown
2016-07-19 22:49:02 -04:00
Mark Story
876b508797
Merge pull request #9108 from cakephp/issue-9106
...
Don't split strings headers that lack a ':'.
2016-07-15 22:20:13 -04:00
Kim Biesbjerg
cbdc89ddee
Fix CS error
2016-07-14 05:50:37 +02:00
Kim Biesbjerg
38cad279d1
Updated test method name and description
2016-07-14 04:57:25 +02:00
Kim Biesbjerg
c77b628841
Dispatch Controller.shutdown instead of calling afterFilter directly. Updated test
2016-07-14 04:51:49 +02:00
Kim Biesbjerg
a05639a30e
Don't save buffered output to var since it is not used
2016-07-14 00:20:33 +02:00
Kim Biesbjerg
5a63ee4e3e
Added tests to prove that Dispatcher.afterDispatch event is dispatched by exception renderer on error response
2016-07-14 00:17:02 +02:00
Kim Biesbjerg
bddff7d2b0
Dispatch afterDispatch event when exception is thrown
2016-07-13 23:40:27 +02:00
mark_story
4e1b601ed8
Don't split strings headers that lack a ':'.
...
Refs #9106
2016-07-12 22:46:47 -04:00
Philippe Saint-Just
be7cecbb00
Removed whitespace
2016-07-10 14:02:55 +01:00
Philippe Saint-Just
b0e5e39e45
Added test case
2016-07-10 09:57:24 +01:00
Philippe Saint-Just
7edcdb0799
Handle plugin association consistently
2016-07-09 16:08:16 +01:00
Kim Biesbjerg
1d7a4da903
Fixed wrong assertion
2016-07-07 09:24:33 +02:00
Kim Biesbjerg
0ea315b2e0
Add assertion to prove session is not started on stateless login
2016-07-07 08:58:51 +02:00
Kim Biesbjerg
c63de8d9f5
Added test to prove stateless login sets user
2016-07-06 12:34:23 +02:00
Kim Biesbjerg
f22129b9c7
Store user data in memory on login for stateless auth adapters
2016-07-06 00:25:46 +02:00
mark_story
234f732d6d
Attempt to get tests passing on travis.
...
Also attempt to get stickler to ignore the 2.x branch.
2016-07-01 17:52:02 -04:00
mark_story
d816ea6e16
Add test showing that niceShort translates month names.
...
Refs #8968
2016-07-01 17:51:23 -04:00
Alex Para
58a31ecfe5
fixes #9064
2016-07-01 14:46:27 +03:00
Alex Para
3a42ecc61c
fixes #9064 - added new locale for Icelandic language
2016-07-01 11:11:16 +03:00
mark_story
7626896286
Merge branch '2.x' of github.com:cakephp/cakephp into 2.x
2016-06-28 22:07:44 -04:00
mark_story
7c2d6ae197
Combine code paths.
...
At the end of both if/else arms we should have an array that can be
pushed through Hash::filter().
Refs #8654
2016-06-28 22:06:53 -04:00
nojimage
57e0a97483
refs #8654 FormHelper cleanup unlockFields key
2016-06-28 22:01:06 -04:00
Mark Story
0e97116093
Merge pull request #9042 from gestudio/patch-1
...
Issue #9040 - Auth saving json in Auth.redirect
2016-06-27 21:48:56 -04:00
mark_story
7e27fccca8
Restore version file to 2.9.0-dev
2016-06-27 21:48:08 -04:00
mark_story
432eb9c432
Merge branch '2.x' into 2.next
2016-06-27 21:47:47 -04:00
mark_story
f28c21c7a7
Stop testing against SSL ciphers that emit warnings.
...
Testing that SSLv3 still works is causing test failures.
2016-06-27 21:47:37 -04:00
Iñigo In The Cloud
2c112095a9
Issue #9040 - Auth saving json in Auth.redirect
...
AuthComponent is storing JSON or any other AJAX request URL into the session variable Auth.redirect used for login redirect if the AJAX request does not send the X-Requested-With:XMLHttpRequest header.
If you send an ajax request without that header and your request is not a (.json) it will store the URL anyway.
2016-06-27 14:15:05 -04:00
mark_story
92a50d05dc
Reset query timing metrics for begin/commit/insert multi calls.
...
Apply patch from @Mensler to reset the query metrics for transaction
operations, and for each iteration of an insertMulti call. This helps
provide more accurate query times.
Refs #9014
2016-06-22 22:20:00 -04:00
kolorafa
449e5fc9cf
Can't override CakeEmail class and use deliver
...
When using TemplateEmail::deliver it always create new instance of CakeEmail, I assume it should create my extended "TemplateEmail" class insted.
PHP >5.3 compatible
2016-06-13 18:02:26 +02:00
mark_story
64e7c8d991
Update version number to 2.8.5
2016-06-12 22:15:08 -04:00
mark_story
7055e82eab
Add missing uses() call.
...
Refs #8929
2016-06-02 22:04:50 -04:00
Mark Story
55e9638044
Merge pull request #8844 from icyrizard/add_http_patch_content_type_check
...
Add HTTP patch Content-Type check
2016-05-27 15:41:18 +02:00
Aloïs Thévenot
b737e9f732
#8844 Add test
2016-05-27 12:50:23 +00:00
mark_story
8c73086717
Fix PHPCS error.
2016-05-25 23:05:12 +02:00
mark_story
e78af35af7
Only clear the unlocked fields on end().
...
Doing this work on end() allows fields to be unlocked before the form is
created which can be helpful.
Refs #8880
2016-05-25 23:04:53 +02:00
Mark Story
b15560ea0c
Merge pull request #8880 from nojimage/form-unlockfields-2x
...
Reset FormHelper::$_unlockFields for 2.x
2016-05-25 22:59:25 +02:00
mark_story
d5d46e21bd
Fix indentation.
2016-05-22 16:39:49 -04:00
Mark Story
1a7e8c51e7
Merge pull request #8848 from xhs345/2.x
...
Add attribute 'fieldset' to Form->radio
2016-05-22 16:38:39 -04:00
nojimage
850305a384
fixes reset FormHelper::$_unlockFields
2016-05-21 13:33:20 +09:00
xhs345
eeefa03546
Updated Radio and Inputs form helper
...
Also added UnitTest for radio fieldset class-name
2016-05-19 17:28:47 -07:00
Mark Story
0fd3ad9b76
Merge pull request #8851 from MarkusBauer/v2.x/SqliteTestEnhancements
...
Sqlite testcase enhancements
2016-05-18 22:01:33 -04:00
Markus Bauer
2227e01990
Fixing Sqlite's handling of datetime/timestamp columns with current_timestamp default set
2016-05-19 00:21:43 +02:00
Markus Bauer
058809275c
Enable nested transactions before trying to test them
2016-05-18 23:46:51 +02:00
Markus Bauer
f75ebf8cb9
Make Sqlite Testcases compatible with Windows / NTFS file systems
2016-05-18 23:46:10 +02:00
xhs345
615be3ad14
Fix for Issue #8847
...
Add attribute 'fieldset' to Form->radio
2016-05-18 10:53:06 -07:00
Richard Torenvliet
e31ce0d58f
Add the HTTP Patch to the Content-Type check mechanism
...
Currently when a request is of type 'patch' it is ignored. This commit makes
sure that the Content-Type is checked when a patch request is provided.
2016-05-18 14:54:52 +02:00
Steampilot
723ed96fd6
Added sorting by modified time in Folder util
2016-05-12 16:28:04 +02:00
mark_story
39b4cbebb3
Port PHP7 fixes to 2.x
...
Port the fixes @ADmad did in 8f150dc5 to 2.x so those builds start to
pass once again.
2016-05-08 15:36:28 -04:00
Juan Basso
fa6e74ca22
Improved apc calls
...
Instead of calling the call_user_func_array it does the call directly. It is a little bit more verbose, but performs better.
2016-05-07 14:26:09 -04:00
Juan Basso
4a61f7f23c
Supporting APCu on PHP 7
2016-05-07 03:46:21 -04:00
Mark Story
5b83f702c9
Merge pull request #8759 from xhs345/patch-2
...
2.x cake bake Controller: Only add Flash component when required
2016-05-03 22:20:13 -04:00
xhs345
4d65091d0c
Updated tests
2016-05-03 15:39:37 -07:00
Mark Story
a88b6e8232
Merge pull request #8763 from ravage84/2.x-forum-link
...
Add new forum link to home page
2016-05-03 17:49:42 -04:00
mark_story
efc2526600
Appease PHPCS.
2016-05-03 17:46:29 -04:00
mark_story
b6d631b987
Use strlen(). Comparing a string against a length will not do the right thing.
2016-05-03 17:27:16 -04:00
Marc Würth
d640e6874a
Add new forum link to home page
2016-05-03 14:19:25 +02:00
mark_story
8cd5a64c27
Update version number to 2.8.4
2016-05-02 22:18:41 -04:00
mark_story
12c6fd4e22
Merge branch '2.x' into 2.next
2016-05-02 21:58:41 -04:00
mark_story
0912867b49
Minor formatting clean up.
...
Refs #8754
2016-05-02 21:58:20 -04:00
Alex
31cddbe48a
Only add Flash component when required
...
If a user selected no to the question "Would you like to use Session flash messages?" it would still use the Flash component, but not use it
2016-05-02 14:37:47 -07:00
schrolli
e0682fc8a1
added testcases for time and datetime-fields
...
both have set their length field and should be displayed as text-inputs
2016-05-02 17:13:22 +02:00
schrolli
0de87cd74e
Added also datetime, since it can have microseconds, too
2016-05-02 17:11:28 +02:00
Mark Sch
32cb25465f
Make CS tests pass.
2016-05-02 10:42:42 +02:00
mark_story
ade9d8a811
Restore backwards compatibility with old 2.x in FormHelper.
...
Restore the behavior of the string 'action' option to its former glory.
While we've deprecated this it needs to continue working as it did
before.
Refs #8628
2016-05-01 22:21:23 -04:00
schrolli
40b812e391
added field type "time" sothat no "maxlength" attribute is set for
...
the text-input element. This is neccessary when a "length" is
specified for a time-database-field. This length dictates the amount
of decimal digits, eg. milliseconds, and not the overall character size.
2016-05-01 05:56:50 +02:00
mark_story
ab79ab9c55
Fix short-array usage.
2016-04-30 14:14:45 -04:00
Philippe Saint-Just
c2f028ab49
Fix spacing
2016-04-30 13:13:14 -04:00
Philippe Saint-Just
cd07850337
Merge branch 'backport-8741-8690' into 2.x
2016-04-30 13:11:34 -04:00
mark_story
af953700b8
Fix short array usage.
...
Refs FIVESMX-8723
2016-04-29 09:28:05 -04:00
mark_story
cf55767fa0
Backport range parsing resiliancy fixes from 3.x
...
Refs #8723
2016-04-28 22:27:37 -04:00
Val Bancer
3368ae9b02
fixed locales alphabetical order
2016-04-27 14:59:47 +02:00
Val Bancer
3edbe1f5eb
fixed locales alphabetical order
2016-04-27 14:04:40 +02:00
Val Bancer
f4866efffc
restored deleted linebreak
2016-04-27 13:21:08 +02:00
Val Bancer
dee53e8298
added support for several european locales
2016-04-27 13:14:30 +02:00
mark_story
9536a10d6d
Make schema import plugin friendly.
...
The changes in #8694 pointed out that schema importing doesn't play nice
with plugins. This corrects that.
2016-04-23 16:18:15 -04:00
mark_story
3a75e8aa72
Use import options when going through execute()
...
The `records` and `schema` options should work when using execute().
Previously they were not working. Furthermore, the records option did
a non-sensical thing where it both set import=>records and generated
static records from the live table. The `records` option now enables
the generation of static data from a live table, as I think this is
a more common scenario.
Refs #8693
2016-04-23 16:15:54 -04:00
Mark Story
be35880b2f
Merge pull request #8692 from garethellis36/dont-override-shell-loggers
...
Don't override already-configured loggers
2016-04-22 16:05:03 -04:00
Gareth Ellis
bfb6ebb049
PHPCS fixes
2016-04-22 19:21:47 +01:00
Gareth Ellis
bc3a1fb6c5
Makes ShellTest::testShellLoggersDoNotGetOverridden actually useful
2016-04-22 19:18:29 +01:00
Gareth Ellis
153f04a976
Changes behaviour of _useLogger so that already-configured loggers are not overridden
2016-04-22 13:56:26 +01:00
mark_story
ce5d64b083
Remove whitespace.
2016-04-19 15:27:30 -04:00
felixmaier1989
b081ef5a38
Mock CakeResponse
...
Ability to set the class name to use for mocking the response object
2016-04-19 14:50:40 +07:00
chinpei215
1826b4cb08
Add DboSource::flushQueryCache()
2016-04-19 00:01:06 +09:00
mark_story
8b5023282e
Randomly generate a salt when the salt is '' or null.
...
To prevent an issue where any value is accepted as a password when '' is
provided as the hashed password.
Refs #8650
2016-04-15 21:49:17 -04:00
Mark Story
c6d5bfb2b9
Merge pull request #8653 from cakephp/fix-2x-tests
...
Attempt to fix tests in 2.x
2016-04-15 15:37:47 -04:00
mark_story
f451efa511
Attempt to fix tests in 2.x
...
Relying on tv.eurosport.com having a bad peer name is pretty fragile.
However, we can more easily rely on their cert coming from a CA we no
longer trust.
2016-04-14 15:28:34 -04:00
Mark Story
78cda8c25d
Merge pull request #8638 from ravage84/patch-5
...
Re-add the Equifax Secure Certificate Authority
2016-04-14 15:21:18 -04:00
Marc Würth
25a0796865
Correct DocBlock for HttpException
...
http://api.cakephp.org/2.8/class-HttpException.html
> Class HttpException
> Base class that all Exceptions extend.
Which is actually the short description of CakeBaseException.
http://api.cakephp.org/2.8/class-CakeBaseException.html
Probably because the DocBlock was placed before the if clause.
2016-04-14 14:42:01 +02:00
Marc Würth
d9e5d0ca05
Re-add the Equifax Secure Certificate Authority
...
Port change 343e206360
from 3.x to 2.x
2016-04-13 12:27:59 +02:00
Mark Story
1d4e39a45a
Merge pull request #8625 from cakephp/jrbasso/2.x-fix-doc
...
Fixed doc formatting on CakeResponse::cookie
2016-04-11 15:05:23 -04:00
Marc Würth
4fd25e648c
Update bundled CA file
...
Same as https://github.com/cakephp/cakephp/pull/8608 for 3.x
2016-04-11 13:55:28 +02:00
Juan Basso
718a7479e2
Fixed doc formatting on CakeResponse::cookie
...
Fixed doc to show properly in the documentation. This change was already applied on master.
2016-04-10 23:34:01 -04:00
chinpei215
5006cc396a
Add a test case to make sure of backward compatibility
2016-04-11 00:43:35 +09:00
Mark Sch
7207d8f16a
Remove class extension.
2016-04-10 16:38:03 +02:00
Mark Sch
e26cdc989d
Add class_alias()
2016-04-10 16:16:03 +02:00
mscherer
e84ff5e0d5
Fix doc block param types.
2016-04-08 15:12:48 +02:00
mscherer
657b1a1029
Fix doc block param types.
2016-04-08 15:02:03 +02:00
mscherer
bae4a11e5e
Rename test file.
2016-04-08 14:40:30 +02:00
mscherer
3e2b84052a
Add deprecated BC wrapper class.
2016-04-08 14:36:23 +02:00
mscherer
dda9e83ab6
Refactor Object to CakeObject for future PHP7 comp.
2016-04-08 14:33:26 +02:00
mark_story
79db545b69
Fix PHP 5.4 syntax.
2016-04-02 21:45:02 -04:00
mark_story
1333cc4b3e
Merge branch 'postlink-token' into 2.x
...
Fix inline postLink() calls corrupting the containing form's tampering
token.
Refs #8387
2016-04-01 23:08:41 -04:00
mark_story
c551faad46
Add tests for changes in #8387
...
Add tests covering the new behavior.
2016-04-01 23:08:31 -04:00
mark_story
84fc9498b5
Allow N11 exchange numbers as valid.
...
The previous code and commit (fa3d4a0bb5
)
were incorrect about invalid exchange numbers as 1-800-211-4511 is
a real phone number.
I've also removed a duplicate alternation pattern.
Refs #8567
2016-03-31 22:38:16 -04:00
mark_story
13b914917d
Update version number to 2.8.3
2016-03-28 22:17:27 -04:00
mark_story
1926d40d40
Fix possibility for spoofed files to pass validation.
...
Use `is_uploaded_file` to prevent crafty requests that contain bogus
files from getting through. A testing stub class was necessary to avoid
making significant changes to the test suite.
2016-03-28 22:10:36 -04:00
Mark Story
96c9521802
Merge pull request #8518 from garethellis36/customize-logged-error-message
...
[2.x] Extracts error trace in ErrorHandler to a helper function to allow customization
2016-03-23 21:20:30 -04:00
mark_story
a0ea7a0f2a
Fix PHP5.4+ syntax.
...
2.x must be compatible with PHP 5.3
2016-03-23 21:19:19 -04:00
Gareth Ellis
a6702b70d4
Extracts error trace in ErrorHandler to a helper function to allow customization
2016-03-23 19:05:23 +00:00
mark_story
c6db76d044
Instead of wiping the Router, just clear requests.
...
Clearing the router also removes routes which can cause assertions to
fail. By just removing the stored requests we avoid the error reported
in #8480 and not break as many tests.
2016-03-20 11:10:34 -04:00
mark_story
7ceb0993bf
Clear the router state after testAction().
...
When using array urls, internal state in the Router would cause requests
to be incorrectly handled causing multiple testAction calls in a single
test to fail. By reloading the router we start off with a clean slate
each time.
Refs #8480
2016-03-19 12:16:21 -04:00
Mark Story
01d3c2f599
Merge pull request #8475 from cakephp/issue-8468
...
Fix boolean values in select widgets.
2016-03-18 22:20:31 -04:00
mark_story
f57f038c09
Fix for PHP 5.3
2016-03-16 21:17:42 -04:00
Thomas Smith
3e86de5bcd
Replaced nested loop in merging hasMany children with one pass each through children and parents
2016-03-16 09:37:15 -07:00
mark_story
745f3a33e6
Fix boolean values in select widgets.
...
Boolean `false` should be treated like `0` when comparing option values.
Refs #8468
2016-03-15 22:59:03 -04:00
Mark Story
61b09024b0
Merge pull request #8470 from ravage84/patch-4
...
Add note about log levels on Wndows
2016-03-15 21:17:55 -04:00
Marc Würth
ca5e9c305f
Add note about log levels on Wndows
...
This is a problem if a developer on Windows tries to separate those three levels into separate streams without customizing the CakePHP default levels.
2016-03-15 19:37:14 +01:00
Marc Würth
adc450d18b
Remove outdated statement about log auto config
2016-03-15 19:33:14 +01:00
mark_story
c0a5d2b341
Merge branch '2.x' into 2.next
2016-03-13 23:02:24 -04:00
mark_story
22a2e93c4b
Update version number to 2.8.2
2016-03-13 23:01:17 -04:00
mark_story
af046fc7d6
Merge branch 'request-ip' into 2.x
2016-03-13 23:00:47 -04:00
mark_story
fef3090717
Fix incorrectly inheriting permissions.
...
When child inherits from a deny parent the '*' permission should reflect
permissions on all nodes not just the leaf node. Previously once a node
with all permissions set to inherit was found, the check would pass.
Instead it should cascade to the parent nodes and look for explicit
allow/deny.
Refs #8450
2016-03-11 23:18:50 -05:00
mark_story
48af49ddde
Don't trust CLIENT_IP
...
The client_ip header can easily be forged. In 'safe' modes we should
only trust the remote_addr which comes from the sapi. Remove support for
http_clientaddress as I can't seem to find where this ever came from in
PHP on the http specs.
2016-03-10 22:04:13 -05:00
Mark Story
18b0334890
Merge pull request #8384 from garas/mailtransport-log-subject
...
Email log missing Subject and To headers when using MailTransport
2016-03-02 21:29:13 -05:00
mark_story
3ad68db5eb
Tweak fix from #8359
...
This fixes a regression introduced in that change that we didn't
previously have tests for. The issue fixed in #8359 was related to
PHP7.0, whereas PHP5 didn't have an issue. Now both versions will work
the same.
2016-03-02 12:30:48 -05:00
Mark Story
63de5ca4ea
Merge pull request #8359 from phlyper/patch-1
...
verify exists index 0 in $ref
2016-03-02 12:27:49 -05:00
Markus Bauer
95558d0bba
Data passed through FormHelper::postLink is excluded from CSRF creation of an outer form. Subsequent fix for #8387 .
2016-03-02 03:02:43 +01:00
Markus Bauer
7df96b3912
Creating correct CSRF tokens when using FormHelper::postLink within another form. Fixes #8387
2016-03-02 02:51:06 +01:00
Alex
862397325d
fixed typo
2016-03-01 12:41:29 -08:00
Edgaras Janušauskas
2386a86adc
Include Subject and To in email log when using MailTransport
2016-03-01 22:21:14 +02:00
Alex
e5e4317217
Updated deprecated doc for flash method
2016-03-01 12:17:39 -08:00
mark_story
78f199f8a0
Update version number to 2.8.1
2016-02-27 22:31:18 -05:00
mark_story
3ed321dff4
Handle negative numbers in Redis correctly.
...
Update number sniff to handle negative numbers. We need to do number
sniffing so we can maintain compatbility between write() and
increment()/decrement().
Refs #8364
2016-02-27 00:07:58 -05:00
Mark Story
eae7a8926b
Merge pull request #8345 from cakephp/issue-8330
...
Fix parsing empty header values.
2016-02-26 23:01:59 -05:00
phlyper
7b9ff1c11b
verify exists index 0 in $ref
...
exemple
i have to get the referrer url from any page if exists
```
class AppController extends Controller {
......
public function beforeRender() {
parent::beforeRender();
$this->params['referer'] = $this->referer(null, true);
}
..........
}
```
2016-02-26 22:39:48 +01:00
mark_story
1709f54e38
Update documentation for Model::_readDataSource()
...
Update sample code to generate unique keys based on association
conditions as well. Because association conditions are not part of the
'query' they need to be handled separately.
Refs #8346
2016-02-26 12:39:29 -05:00
Mark Story
31b3f39b67
Merge pull request #8310 from cakephp/secure-random
...
2.x - Secure random
2016-02-25 22:05:08 -05:00
mark_story
1a170e1eec
Fix parsing empty header values.
...
Replace the complex and somewhat unfixable regexp based parser for
a parser that handles each line individually. Normalize multi-line
headers to replace multiple spaces with a single one. Section 4.2 of the
HTTP1.1 standard states
> Any LWS that occurs between field-content MAY be replaced with
> a single SP before interpreting the field value or forwarding the
> message downstream.
This makes me somewhat confident that we can safely normalize
multi-line HTTP header values.
Refs #8330
2016-02-24 22:25:58 -05:00
mark_story
9c0da41858
Skip test on PHP7 as the warning is not consistent.
2016-02-23 20:54:16 -05:00
Marc Würth
1258739411
Replace Set by Hash
...
References to the deprecated Set class don't make much sense.
2016-02-23 13:09:03 +01:00
Mark Story
ff6cdd4b73
Merge pull request #8279 from cakephp/issue-8114
...
Fix inherited permissions when checking the '*' permission.
2016-02-22 14:48:58 -05:00
mark_story
7e5f56362f
Deprecate bad methods.
...
These methods are bad and should feel bad.
2016-02-22 00:16:15 -05:00
mark_story
7df99fff1f
Backport Security::randomBytes() to 2.x
...
I decided to leave the warning in. People who can't upgrade their
applications should at least be aware of the risks they are taking.
I'm flexible if people are strongly opposed to a warning, but I feel
that these kinds of warnings can be supressed in production if they
really are in a jam and don't care.
Refs #8282
2016-02-22 00:14:44 -05:00
mark_story
ee2d222b85
Correct API docs for find().
...
Fixes #8308
2016-02-21 22:42:24 -05:00
Marc Würth
cd62c89994
Back port mime types from 3.next
2016-02-19 14:26:53 +01:00
mark_story
4389c79442
Update tests.
...
The old tests were relying on the fixed inherit bug. Instead check
a specific permission which will result in a deny.
Refs #8114
2016-02-18 21:24:52 -05:00
mark_story
8f3df8b13e
Make tests not fail when extensions are installed
...
If the extensions are installed but memcached/redis are not running
errors should not be emitted.
2016-02-18 21:14:55 -05:00
mark_story
7a5907057a
Ensure keys are strings before accessing them.
...
Some userland datasources (namely an oracle driver) manage to get arrays
into $stack.
Refs #8281
2016-02-18 21:03:57 -05:00
mark_story
b2509ea13d
Fix inherited permissions when checking the '*' permission.
...
When checking inherited permissions for '*' also copy inherited
permissions onto the inherited list. By copying the inherited values, we
get the union of explit allow and inherited permissions, which if all
things go well will match the permission key list.
Refs #8114
2016-02-16 22:30:19 -05:00
Mark Story
68082fad02
Merge pull request #8207 from CakeDC/feature/uuid
...
Add support for Postgres native uuid datatype
2016-02-16 21:53:08 -05:00
Chris Hallgren
bf22e84d65
CS fixes
2016-02-15 20:44:27 -06:00
Chris Hallgren
849abab6a4
Fixing test case
2016-02-15 19:34:05 -06:00
Chris Hallgren
0c183b9b8e
Read content type in a more compatible way.
...
Not all webservers set CONTENT_TYPE. The built-in PHP webserver for
example sets HTTP_CONTENT_TYPE instead. Add a public method to the
request object to smooth over this difference.
Refs #6051 , #8267
2016-02-15 19:31:24 -06:00
Seth Tanner
c05835d85d
refs #8027 combine if statements
2016-02-11 01:49:34 +00:00
Marc Würth
780b836d57
Deprecate SecurityComponent::requireAuth & SecurityComponent::requireAuth()
...
Backport of https://github.com/cakephp/cakephp/pull/8191
2016-02-10 13:37:10 +01:00
Marc Würth
b5655d63ff
Remove lighthouse references
2016-02-10 12:27:34 +01:00
Edgaras Janušauskas
5b10e3cac2
Use mixed return type for AuthComponent::user()
2016-02-09 23:04:26 +02:00
ADmad
8b15cf1455
Merge pull request #8209 from cakephp/issue-8201
...
Backport fix for Validation::uploadedFile to 2.x
2016-02-09 12:05:41 +05:30
mark_story
e4b939bba0
Backport fix for Validation::uploadedFile to 2.x
...
Don't fail validation when the keys are not the expected order.
Refs #8201
2016-02-08 22:37:25 -05:00
Mark Scherer
f1bea77d74
Fix bool check and also some doc blocks.
2016-02-09 01:18:43 +01:00
mark_story
82206691ac
Bump version for 2.9.0
2016-02-06 21:00:40 -05:00