adulau/cakephp2-php8
1
0
Fork 0
mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2024-11-15 11:28:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
18953 commits 7 branches 0 tags 44 MiB
Commit graph

728 commits

Author SHA1 Message Date
mark_story
5e35064a0b Read basic auth credentials from Authorization header 
Merge branch 'issue-9365' into 2.x

Refs #9365
 2017-04-28 21:49:47 -04:00
mark_story
275385d676 Add test covering basic auth reading from headers. 
In some FastCGI setups basic auth values will only be present in the
header. Fallback to reading that value if the PHP_AUTH super globals are
empty.

Refs #9365
 2017-04-28 21:49:27 -04:00
Nicola Beghin
09a981ba38 code style fix as requested 2017-04-23 18:44:42 +02:00
Nicola Beghin
99d02a8698 fix permission 2017-04-23 18:41:45 +02:00
Nicola Beghin
a1eb067c71 bugfix basic to Basic 2017-04-23 18:27:09 +02:00
Nicola Beghin
7cd9d4381a typo 2017-03-18 14:44:44 +01:00
Nicola Beghin
ca6ca9376e refactoring to avoid tampering with $_SERVER 2017-03-18 13:34:26 +01:00
mark_story
ccc9006620 Unset the active user data on logout. 
When using stateless authentication the current user should be cleared
after logout to maintain consistency with session based authentication.

Refs #10422
 2017-03-16 11:31:20 -04:00
Nicola Beghin
ff210b04d7 code style 2017-03-15 17:32:47 +01:00
Nicola Beghin
5fb1b71cb6 code style fix 2017-03-15 17:22:31 +01:00
Nicola Beghin
74f700882c local variable optimization 2017-03-15 16:27:27 +01:00
Nicola Beghin
089a0ae087 using $request->header in place of $_SERVER['HTTP_AUTHORIZATION'] 2017-03-15 15:06:39 +01:00
Nicola Beghin
a15c5c7a70 BasicAuthenticate - added check to avoid parsing if "Authorization: Bearer <token>" is in place 2017-03-15 14:08:17 +01:00
Nicola Beghin
f5795f05a5 BasicAuthenticate - code styling and strong type comparison 2017-03-15 13:59:56 +01:00
Mark Story
9e6e08704e Merge pull request #9838 from cakephp/issue-9779 
Fix CookieComponent erroring on corrupted data.
 2016-12-05 16:44:24 -05:00
chinpei215
26731b93bf Use ternary operator 2016-12-04 21:55:29 +09:00
chinpei215
b7481096c8 Fix redirectUrl issue when loginRedirect is empty 
Fixes #9819
 2016-12-04 20:06:24 +09:00
mark_story
27f951fb41 Don't emit errors when operating on corrupted cookie data. 
When deleting from corrupted cookie data, there shouldn't be any errors.

Refs #9779
 2016-12-03 14:10:47 -05:00
Val Bancer
744b455de1 fixed configuration of 'enabled' setting in components inside a 
component
 2016-10-28 22:14:20 +02:00
Nicola Beghin
41851d60b4 fix HTTP Basic Auth on FastCGI PHP 2016-08-28 19:16:59 +02:00
mark_story
61b3fbd605 Merge branch '2.x' into 2.next 2016-08-09 22:12:26 -04:00
Kim Biesbjerg
f22129b9c7 Store user data in memory on login for stateless auth adapters 2016-07-06 00:25:46 +02:00
mark_story
432eb9c432 Merge branch '2.x' into 2.next 2016-06-27 21:47:47 -04:00
Iñigo In The Cloud
2c112095a9 Issue #9040 - Auth saving json in Auth.redirect 
AuthComponent is storing JSON or any other AJAX request URL into the session variable Auth.redirect used for login redirect if the AJAX request does not send the X-Requested-With:XMLHttpRequest header.

If you send an ajax request without that header and your request is not a (.json) it will store the URL anyway.
 2016-06-27 14:15:05 -04:00
Richard Torenvliet
e31ce0d58f Add the HTTP Patch to the Content-Type check mechanism 
Currently when a request is of type 'patch' it is ignored. This commit makes
sure that the Content-Type is checked when a patch request is provided.
 2016-05-18 14:54:52 +02:00
mscherer
dda9e83ab6 Refactor Object to CakeObject for future PHP7 comp. 2016-04-08 14:33:26 +02:00
Alex
862397325d fixed typo 2016-03-01 12:41:29 -08:00
Alex
e5e4317217 Updated deprecated doc for flash method 2016-03-01 12:17:39 -08:00
mark_story
7df99fff1f Backport Security::randomBytes() to 2.x 
I decided to leave the warning in. People who can't upgrade their
applications should at least be aware of the risks they are taking.

I'm flexible if people are strongly opposed to a warning, but I feel
that these kinds of warnings can be supressed in production if they
really are in a jam and don't care.

Refs #8282
 2016-02-22 00:14:44 -05:00
Marc Würth
780b836d57 Deprecate SecurityComponent::requireAuth & SecurityComponent::requireAuth() 
Backport of https://github.com/cakephp/cakephp/pull/8191
 2016-02-10 13:37:10 +01:00
Edgaras Janušauskas
5b10e3cac2 Use mixed return type for AuthComponent::user() 2016-02-09 23:04:26 +02:00
mark_story
3b5a71df37 Merge branch '2.7' into 2.8 2016-01-28 21:51:59 -05:00
Edgaras Janušauskas
6e54a7391c Use more specific datatypes in PHPDoc 2016-01-28 23:10:51 +02:00
mark_story
3e67685c7c Merge branch '2.7' into 2.8 2016-01-21 21:46:51 -05:00
mark_story
4b8d628a2e Backport SecurityComponent fixes from #8071 to 2.x 
If the request manages to have data set outside of post/put we should
still validate the request body. This expands SecurityComponent to cover
PATCH and DELETE methods, as well as request methods that should be
safe, but somehow end up not safe.
 2016-01-20 21:34:58 -05:00
@zuborawka
3d0bda0df8 Update comment block 
Add an annotation for FlashComponent
 2016-01-07 23:12:01 +09:00
Mark Scherer
12b4c9ba24 Fix bracket syntax. 2015-12-23 21:45:15 +01:00
Mark Scherer
8b5ef12ccb Always return response in redirect() for testing. 2015-12-23 21:29:19 +01:00
Mark S
b76a235175 Remove default overwrites that are useless 2015-12-08 18:21:51 +01:00
Jorge González
5845cad93f fix phpcs 2015-11-04 16:37:21 +00:00
Jorge González
cb6a17c34e add Flash back to Controller, fix Scaffold to use Flash instead 2015-11-04 10:41:35 +00:00
mark_story
925647ae2b Simplify code used to generate plugin flash messages. 2015-10-17 20:59:02 -04:00
gmponos
fd50d1976a Flash Component was not handling plugin option 2015-10-17 20:55:52 -04:00
Marc Würth
ed410dd12c Do not mix void with other return types 
Inspired by #7527
 2015-10-10 15:49:00 +02:00
Mark Story
12f5aee5a2 Merge pull request #7447 from ravage84/2.7-lib-improvements 
Various improvements to the CakePHP lib files
 2015-09-25 12:14:00 -04:00
Marc Würth
e690662f0e Various improvments to the CakePH Plib files 
Mostly CS, doc blocks and explicit returning nulls.
 2015-09-25 17:11:20 +02:00
mark_story
07c2047984 Merge branch '2.7' of github.com:cakephp/cakephp into 2.7 2015-08-06 21:43:40 -04:00
mark_story
056f24a774 Forbid direct prefix access with mixed casing. 
Changing the casing up should not allow prefix method access.
 2015-08-05 23:05:30 -04:00
mark_story
9f20330d17 Fix fatal error on null subject. 
Refs #7176
 2015-08-05 22:20:39 -04:00
Mark Scherer
52e79987a2 Replacing self with static due to PHP5.3+. Following #7040. 2015-07-21 10:22:53 +02:00