mark_story
d2c4bf2bb2
Buffer contents of HtmlReporter.
...
Collect HTML output into a buffer so we can provide compatibility across
PHPUnit 3.x and 4.x
Refs #11588
2017-12-30 23:47:11 -05:00
mark_story
51206d7358
Update version number to 2.10.6
2017-12-18 21:15:48 -05:00
Mark Story
3bf93b7f76
Merge pull request #11526 from cakephp/post-conditions
...
Make postConditions() less permissive.
2017-12-15 14:36:38 -05:00
mark_story
340059be15
Check model names for bad characters as well.
2017-12-13 00:01:09 -05:00
mark_story
a9618f67f7
Use a permitted list instead of a ban list.
...
This should be safer as we are more confident on what is coming in.
2017-12-13 00:01:05 -05:00
Koji Tanaka
fba7f1c617
Fix Phpdoc for CakeObject::log()
2017-12-12 20:00:21 +09:00
mark_story
f66dec8a96
Make postConditions() less permissive.
...
We were notified by `ooooooo_q` that postConditions() is vulnerable to
SQL injection if used without SecurityComponent tampering prevention.
This change attempts to make postConditions() safer by exploding in
unsafe scenarios.
2017-12-10 21:44:47 -05:00
chinpei215
6ad30946d8
Fix CS
2017-12-04 23:31:32 +09:00
chinpei215
9f65402d2c
Fix CakeRequest::referer(true) returning scheme-relative URLs
...
Backport of #11503 (and #8795 )
2017-12-04 21:18:27 +09:00
dereuromark
eaf7454628
Clarify migration path to 3.x
2017-11-29 19:57:01 +01:00
Mark Story
abec95d3ea
Merge pull request #11469 from db-bogdan/issue11468
...
fixes #11468 sending user data on basic auth in API environment
2017-11-28 21:52:59 -05:00
chinpei215
4ae9f13dfd
Fix 'order' not working with a single expressions
2017-11-29 00:17:57 +09:00
db-bogdan
e824346cca
extra fix
2017-11-28 11:43:55 +02:00
db-bogdan
94e06dfeb3
add unit test
2017-11-28 11:31:46 +02:00
db-bogdan
5695fef46f
fixes #11468
2017-11-27 11:59:34 +02:00
Mischa ter Smitten
d7b9e55e98
Fix indent
2017-11-23 14:12:13 +01:00
Mischa ter Smitten
05954ff405
Consistency changes
2017-11-23 10:09:25 +01:00
Mischa ter Smitten
4faac8e09a
Improved readability
2017-11-23 10:06:14 +01:00
Mischa ter Smitten
bc1678cf2a
Add option to make _validAgentAndTime
3.x compatible
2017-11-23 10:02:38 +01:00
Val Bancer
a2cc9843e4
added missing ob_end_flush() call
2017-11-21 15:20:14 +01:00
mark_story
10fcd7633d
Update version number to 2.10.5
2017-11-20 21:09:55 -05:00
mark_story
f788c90b3c
Fix typo
2017-11-05 22:34:47 -05:00
Mark Story
b175270f62
Merge pull request #11404 from ynaderi/2.x
...
- DigestAuthenticate modification for cakephp 2.X
2017-11-05 22:34:17 -05:00
Yaser Naderi
26a683f36f
- DigestAuthenticate modification for cakephp 2.X
2017-11-03 14:53:54 -04:00
Milan van As
7de5ae4438
Force email domain lookups to work in fallback case.
2017-10-25 08:45:57 +02:00
saeideng
b59b64db29
replace tab with space
2017-10-21 22:44:15 +03:30
mark_story
549c181926
Update version number to 2.10.4
2017-10-18 21:54:49 -04:00
chinpei215
19bbb7da17
Simplify CookieComponent::read()
...
Also, this commit fixes an issue of when the second level key is empty.
Previously, read('foo.0') returned incorrect result.
2017-10-16 21:01:19 +09:00
chinpei215
bbea91090d
Fix CookieComponent::delete() not working for deep children
2017-10-16 20:55:00 +09:00
mark_story
e85f489c1f
Add test for #11284
2017-10-13 21:55:56 -04:00
Mark Story
d3a4ce1216
Merge pull request #11284 from kolorafa/patch-1
...
msSQL - also handle offset as string
2017-10-13 21:55:21 -04:00
Mark Story
fb44035177
Merge pull request #11299 from tenkoma/2.x-fix-cc-number-jcb-pattern
...
[2.x]Fix Credit card number pattern(JCB) is wrong
2017-10-08 10:09:19 -04:00
Koji Tanaka
7d2d902b57
[2.x]Fix Credit card number pattern(JCB) is wrong
2017-10-08 16:15:10 +09:00
Mark Story
e889535e41
Merge pull request #11288 from mensler/session-without-cookies-2.x
...
Check for session.use_trans_sid and session ID in URL when cookies are disabled (2.x)
2017-10-07 12:17:30 -04:00
Clemens Weiß
61eddc6bde
Fixed formatting
2017-10-07 11:11:45 +02:00
Mark Story
a71cad0420
Merge pull request #11283 from chinpei215/2.x-cookie-component-1
...
[2.x] Fix fatal error thrown when replacing scalar with array
2017-10-06 16:45:38 -04:00
Clemens Weiß
7f64ea37f9
Restored formatting
2017-10-06 17:11:09 +02:00
Clemens Weiß
5d5e791a31
Check for session.use_trans_sid and session ID in URL in case cookies are disabled (backport of cakephp/cakephp#10828 for 2.x)
2017-10-06 17:04:53 +02:00
chinpei215
deac8f9109
Backport #7080 , #8233 and #11060
2017-10-06 22:02:37 +09:00
chinpei215
ccf634e5f3
Docblock update
2017-10-06 21:59:48 +09:00
chinpei215
959f45a6c6
Fix fatal error thrown when replacing scalar with array
...
Refs #11280
2017-10-06 13:43:32 +09:00
kolorafa
22d2564de9
msSQL - also handle offset as string
...
When doing pagination you could get offset not as a int(eg. 10) but string(eg. "10") and it will not paginate at all.
For example DataTables plugin pass offset from params and all params from http request are strings wrapped in numbers.
Adding ctype_digit($offset) will also check the case.
2017-10-05 11:45:33 +02:00
LustyRain
e1e5a292f2
Fix: revert return
2017-10-05 00:09:51 +09:00
LustyRain
0f00d73c70
Fix delete space, restored return
2017-10-04 21:02:48 +09:00
LustyRain
1f09318724
Fix delete space, restored return
2017-10-04 20:40:57 +09:00
LustyRain
8bb07c0fd7
Fix called twice
2017-10-04 11:39:31 +09:00
LustyRain
31b13edf8a
Fix: phpdoc miss
...
## did
- void unReturn
- miss return void
- add return type
- type miss typing
- add param type and return type
- string → string|array
- change ClassName
2017-10-04 00:22:42 +09:00
LustyRain
bececc421d
Fix: void unreturn
2017-10-02 15:40:48 +09:00
Ionut-Mihai Burlacu
31ed2d5dfb
Test Case
2017-09-22 11:45:38 +03:00
Ionut-Mihai Burlacu
5540569fcc
Test Case
2017-09-22 11:39:39 +03:00