euromark
5f5218f3b2
Fix cookie reading.
2014-08-06 22:53:54 +02:00
Steve Tauber
0af698c591
Updating RequestHandlerComponent to accept body of HTTP Delete requests
2014-07-29 16:08:33 +02:00
David Steinsland
b61972871a
Fixed sending of headers when ajaxLogin is set
2014-07-22 13:21:42 +02:00
mark_story
b3dfad614a
Correct pattern matching.
...
Instead of 10 digits, it should limit at 10 groups.
Refs 1988e89e73
2014-07-06 09:42:20 -04:00
Schlaefer
9fa7afa354
fixes #3887 CSRF reusable token expires
2014-07-06 10:39:00 +02:00
mark_story
1988e89e73
Add an upper bound to the POST data SecurityComponent will consider.
...
'Kurita Takashi' has let us know that the previous patterns could be
abused by an evil doer. One could potentially send a very large deeply
nested POST data structure. Matching that structure could overflow the
PCRE limits causing a segmentation fault. Adding an upper bound will
solve the problem and I doubt anyone is doing POST data structures with
more than 10 levels of nesting.
2014-07-03 22:02:00 -04:00
euromark
974ca851c2
Correct doc blocks according to cs guidelines.
...
Remove superfluous empty lines.
2014-07-03 15:36:42 +02:00
mark_story
b4bcd74e60
Whitelist more URL-y characters in digest parsing.
...
Android clients include a full URL instead of just the URI. Also handle
situations where URLencoded bytes and document fragments are used.
Refs #3779
2014-06-23 14:39:35 -04:00
euromark
a927f5d954
remove wrong App::uses() call
2014-06-17 05:10:19 +02:00
Bryan Crowe
1db10b4dd1
Basic grammar update to BasicAuthenticate docblock
2014-06-16 21:48:35 -04:00
ADmad
4ee7cf6564
Remove lies from API docblock for BasicAuthenticate class.
...
Add info on how to configure for cookieless/stateless operation without redirection.
2014-06-08 14:05:08 +05:30
mark_story
07b43403fb
Fix doc errors in Component/Acl.
2014-06-06 13:57:15 -04:00
mark_story
7058921275
Fix doc comment errors in Acl classes.
2014-06-05 00:15:45 -04:00
mark_story
975e4c3af0
Allow username of 0 in basic authentication.
...
Refs #3624
2014-06-02 22:02:28 -04:00
mark_story
d1e4dfac47
Add tests for #3624
...
The username of '0' should be accepted by FormAuthenticate.
Refs #3624
2014-06-02 21:58:50 -04:00
KeinBaum
88b3629f4f
#3623 : Allow username "0" with FormAuthenticate
2014-06-02 19:11:02 +02:00
ADmad
3d9b2b80cb
More API docblock fixes.
2014-06-01 03:06:05 +05:30
mark_story
b2207c1ca8
Reverse conditions to make the cheapest condition first.
...
We don't need to do a count() if the page is not 1.
Refs #3333
2014-05-12 22:09:27 -04:00
Toby Cox
823f01601d
enhancement to paginator
...
As pointed out, we need to make sure that we are also on the first page
to make this conditional clause valid
2014-05-12 21:49:08 -04:00
Toby Cox
296ea215b1
Enhancement to paginator
...
No point in finding the count (via model) if the returned result count
is less than our limit. We then know that the count is the count of our
results
2014-05-12 21:49:07 -04:00
mark_story
89cd114e6f
Merge branch 'master' into 2.5
2014-05-12 14:30:02 -04:00
José Lorenzo Rodríguez
751d2d8f2d
Merge pull request #3448 from dereuromark/master-controller
...
Controller::referer() and local URL
2014-05-07 22:42:28 +02:00
Renan Gonçalves
87683b10f1
Allowing same Authenticate object to be setup with different settings.
2014-05-06 22:10:41 +02:00
ADmad
d466e00644
Merge branch 'master' into 2.5
...
Conflicts:
lib/Cake/Model/Datasource/DboSource.php
lib/Cake/Test/Case/Model/Datasource/Database/MysqlTest.php
lib/Cake/Utility/Folder.php
lib/Cake/VERSION.txt
2014-05-04 14:35:36 +05:30
euromark
7a287a6942
More coding standard corrections.
2014-04-29 14:19:33 +02:00
euromark
43d359b1d7
Make referer() behave as expected.
2014-04-28 17:23:26 +02:00
mark_story
de0062de77
Merge branch 'master' into 2.5
2014-04-25 22:10:02 -04:00
mark_story
f23d811ff5
Use the form action URL in generated form hashes.
...
By including the URL in generated hash for secured forms we prevent
a class of abuse where a user uses one secured form to post into a
controller action the form was not originally intended for. These cross
action requests could potentially violate developer's mental model of
how SecurityComponent works and produce unexpected/undesirable outcomes.
Thanks to Kurita Takashi for pointing this issue out, and suggesting
a fix.
2014-04-25 22:05:58 -04:00
mark_story
d54fbe6f60
Merge branch 'master' into 2.5
2014-04-18 22:13:56 -04:00
Stephen Young
b55fa98a2d
Updated documentation
...
* Removed references to nonexistent `AclBase` class
* Added references to `AclInterface` requirements
2014-04-11 15:10:56 -04:00
euromark
a7744e6ff4
a few more corrections
2014-04-08 01:49:33 +02:00
euromark
0ece694a75
microptimize options and default merge and other string key array merges
2014-04-08 01:25:14 +02:00
Jose Lorenzo Rodriguez
343d3279b9
Merge branch 'master' into 2.5
...
Conflicts:
lib/Cake/Test/Case/Utility/FileTest.php
lib/Cake/VERSION.txt
2014-04-06 21:50:41 +02:00
euromark
823909603a
correct deprecation notices
2014-04-04 19:18:02 +02:00
mark_story
f9b45f1b60
Merge branch 'master' into 2.5
2014-03-30 21:24:55 -04:00
sam-at-github
5ceb4abe1a
Removed arbitrary restriction on crud operations. Added some comments to explain parameters to mapActions() better.
2014-03-28 13:35:08 +11:00
mark_story
381b3fc9c3
Merge branch 'master' into 2.5
2014-03-25 21:30:56 -04:00
mark_story
de9a5a5845
Add deprecated flag to methods that are removed in 3.0.
...
A few methods in Controller were not marked as deprecated, but already
removed in 3.0. Shore up that difference.
Refs #3105
2014-03-23 20:40:17 -04:00
ADmad
abacf0d14b
Remove setting of Controller::$ext by RequestHandler.
...
Closes #3022
2014-03-16 20:09:08 +05:30
Mark
3ca338fe26
Merge pull request #2781 from davidsteinsland/2.5
...
Fixed HTTP Status code when ajaxLogin is set
2014-03-06 12:37:51 +01:00
mark_story
0f584c0e8b
Merge branch 'master' into 2.5
2014-02-24 21:19:17 -05:00
Sam
62cb733988
One liner. Dont call function parseAccept() twice in RequestHandlerComponent.
2014-02-21 00:54:10 +11:00
ADmad
9de3418079
Merge branch 'master' into 2.5
...
Conflicts:
lib/Cake/Model/Permission.php
2014-02-11 18:17:59 +05:30
Eric Martins
2793dca671
Fix ApiGen errors
2014-02-07 18:29:54 -02:00
David Steinsland
f2b9aa5ca4
Fixed HTTP Status code when ajaxLogin is set
2014-02-05 16:05:02 +01:00
euromark
e3befe30df
deprecated loggedIn
2014-01-07 16:12:38 +01:00
mark_story
3cee3b0e99
Merge branch 'master' into 2.5
...
Conflicts:
lib/Cake/VERSION.txt
2013-12-30 21:28:22 -05:00
Bryan Crowe
49bb441cef
Update some grammar in Controller
2013-12-30 00:13:26 -05:00
mark_story
a7ecf44007
Deprecated scaffold and scaffoldview.
...
They have already been removed in 3.0, so mark them accordingly.
2013-12-20 14:16:44 -05:00
ADmad
27979286b2
Revert change done in 11f543f1f2
.
...
The change is unneeded now as Security::encrypt() no longer throws exception
for falsey values.
2013-12-15 20:29:41 +05:30
Mark Story
bf96ea36d9
Merge pull request #2482 from zoghal/2.5-cookie-fix2
...
fix CookieComponent - when write null or empty string
2013-12-14 16:21:58 -08:00
mark_story
c2b8778ce8
Merge branch 'master' into 2.5
2013-12-14 17:45:49 -05:00
Saleh Souzanchi
11f543f1f2
fix CookieComponent - when write null or empty string
2013-12-15 02:15:36 +03:30
Mark Story
384c3a815d
Merge pull request #2350 from tuffz/formatting_app_uses_blocks
...
formatting app::uses blocks
2013-12-14 12:37:02 -08:00
mark_story
48d2618c62
Merge branch 'master' into 2.5
...
Conflicts:
lib/Cake/Routing/Router.php
2013-12-08 21:25:59 -05:00
ADmad
738d0e2277
Fixed edge case which allowed login with empty password.
...
Ensure skipping call to FormAuthenticate::_checkFields() does not allow
logging in with empty password. Closes #2441 .
2013-12-07 18:40:08 +05:30
mark_story
8578708e76
Merge branch 'master' into 2.5
2013-12-01 21:37:37 -05:00
ADmad
c72def4840
Moved exception throwing to after paging info it set for request.
...
This fixes the regression caused in 2096d3f632
. When catching exception
thrown by PaginatorComponent::paginate() in controller, developer again
has access to paging info in request object.
Closes #2402
2013-11-30 19:00:08 +05:30
ADmad
dda6080579
Merge branch 'master' into 2.5
2013-11-19 00:27:12 +05:30
Eric Büttner
1e3865acc7
formatting app::uses blocks (refs #2265 )
2013-11-18 11:56:00 +01:00
Marc Würth
229bd69903
Added link to three hash methods
2013-11-17 03:40:39 +01:00
Marc Würth
7cfa0116f4
Removed "PHP 5" from file header DocBlocks
...
This statement does not serve a purpose anymore.
In a long forgotten world it indicated the main version number of PHP which the code in the file was compatible to.
http://pear.php.net/manual/en/standards.sample.php
But since PHP 5.1 and later this is only marginally true.
Thus I propose to remove it from CakePHP.
2013-11-13 22:58:39 +01:00
Kim Egede Jakobsen
f0205f53ad
Try to make same comments for constructors.
...
Conflicts:
lib/Cake/I18n/L10n.php
2013-11-11 11:03:57 +01:00
mark_story
afd182898f
Merge branch 'master' into 2.5
2013-11-01 16:54:57 -04:00
Luis Ramos
db63ba2d8f
Parse cookie values "{}" & "[]" as array
2013-10-30 15:26:50 -06:00
ADmad
d9ca148499
Merge branch 'master' into 2.5
...
Conflicts:
CONTRIBUTING.md
lib/Cake/Model/Model.php
lib/Cake/VERSION.txt
2013-10-30 02:34:09 +05:30
mark_story
a753718387
Update docs for CookieComponent::delete().
...
Refs #2182
2013-10-28 23:13:51 -04:00
mark_story
07f4779efe
Fix cookie component being inconsistent about writes.
...
Instead of treating multi-key and single key writes differently, they
should be treated consistently to allow simpler and more consistent interactions
with the stored data. This also results in fewer cookies being sent
across the wire which is an added benefit.
Fixes #2182
2013-10-28 23:13:51 -04:00
Bryan Crowe
a943ea5c34
Add space between classname(s)
2013-10-22 22:59:50 -04:00
Bryan Crowe
d39ced8381
Correct 'an URL' to 'a URL' in docblocks
2013-10-22 00:09:34 -04:00
mark_story
5a394c379a
Merge branch 'master' into 2.5
2013-10-14 22:57:50 -04:00
euromark
ee0ed3a43a
coding standards
2013-10-13 18:18:24 +02:00
Jose Lorenzo Rodriguez
df549898ad
Merge remote-tracking branch 'origin/2.5' into k-halaburda-master
2013-10-12 01:05:02 +02:00
Bryan Crowe
4242bd4f3d
Additional Cake references to CakePHP and docblock typo
2013-10-09 19:38:16 -04:00
Bryan Crowe
c1dd0e4393
Changed url to URL where appropriate
2013-10-07 23:17:58 -04:00
mark_story
60b0893c79
Merge branch 'master' into 2.5
2013-10-06 23:49:32 -03:00
mark_story
314ae1c8b4
Merge branch 'master' of github.com:cakephp/cakephp
2013-10-01 15:12:34 -04:00
Simon Males
c998888fe7
Do not assume CONTENT_TYPE is available.
...
In some server environments notably the CLI server, _SERVER['CONTENT_TYPE'] is not available.
In these cases, fall back to the HTTP_CONTENT_TYPE header.
Refs #GH-1661
2013-10-01 15:10:33 -04:00
mark_story
5e9b22271a
Merge branch 'master' into 2.5
2013-09-27 22:26:33 -04:00
Frank de Graaf
3e8af8b180
Merge pull request #1689 from dereuromark/master-cakephp-name
...
Cake to CakePHP name
2013-09-27 12:16:25 -07:00
Frank de Graaf
ceb78fee9c
Merge pull request #1671 from ADmad/bugfix/auth-infinite-redirect
...
Fixed infinite redirects when authenticated user tried to access login p...
2013-09-27 12:13:36 -07:00
euromark
df269ba0ef
Cake to CakePHP name
2013-09-27 19:36:43 +02:00
ADmad
4dbf9107a8
Fixed infinite redirects for authenticated users accessing login page.
2013-09-27 22:33:07 +05:30
mark_story
cc5795c67d
Merge branch 'master' into 2.5
2013-09-26 10:07:10 -04:00
Bryan Crowe
ab4bc16463
Updated Controller:: doc block and ControllerMergeVarsTest::
2013-09-25 22:53:23 -04:00
Bryan Crowe
915b51b239
Updated JavaScript casing and JsHelper references in doc blocks
2013-09-25 22:46:38 -04:00
Bryan Crowe
1393325ad1
Use instanceof instead of is_a() in Controller.php
2013-09-23 21:37:27 -04:00
mark_story
a7a6fcae8a
Merge branch 'master' into 2.5
...
Conflicts:
lib/Cake/VERSION.txt
2013-09-17 10:11:24 -04:00
euromark
e3a3946e89
address casting cs
2013-09-17 15:15:25 +02:00
euromark
12f2f729c8
more cs
2013-09-17 14:53:07 +02:00
euromark
382f75dbfc
cs corrections, bool to boolean and int to integer.
2013-09-17 14:44:34 +02:00
mark_story
a2bd91638e
Merge branch 'master' into 2.5
2013-09-12 19:47:13 -04:00
euromark
a796b26f13
fix renderLayout and update deprecated and outdated code
2013-09-13 00:09:31 +02:00
ADmad
1d0c785725
Fixed setting of order in Paginator options when using model's order. Refs f680c76
, #3902
2013-09-10 22:47:31 +05:30
mark_story
59bb05b433
Merge branch 'master' into 2.5
...
Conflicts:
lib/Cake/VERSION.txt
2013-09-02 11:35:09 -04:00
Renan Gonçalves
6750a65e1b
Merge pull request #1568 from markstory/2.5-encrypt
...
2.5 - Add Security::encrypt() and Security::decrypt()
2013-09-02 01:19:47 -07:00
euromark
a36456cc87
Correct doc blocks for AuthComponent
2013-08-31 19:58:10 -07:00
mark_story
005a7d841d
Add support for aes encrypted cookies.
...
With Security supporting AES encryption it is also ideal to have AES
compatible cookies. Refactor and simplify code. Dynamic invocation of
static method is a bit obtuse and the various methods don't all have the
same arguments.
2013-08-27 21:34:18 -04:00
euromark
1aba204ec7
remove $name where not necessary to unify this in 2.x
2013-08-25 21:19:55 +02:00
euromark
361980fade
remove code, class names and paths from translation strings.
2013-08-21 00:05:53 +02:00
mark_story
0f2d59d987
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/Network/CakeResponse.php
lib/Cake/TestSuite/CakeTestCase.php
2013-08-18 23:10:08 -04:00
euromark
6cf147e8c8
unify null checks - avoid method call in favor of strict check
2013-08-16 20:12:49 +02:00
dmromanov
56ef44f495
Excluded method names from several tanslation strings
...
Removed unnecessary sprintfs
2013-08-16 13:42:28 +04:00
mark_story
26769edd04
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/Utility/CakeTime.php
lib/Cake/VERSION.txt
2013-08-12 14:39:02 -04:00
Mark Story
2f5963e2d3
Merge pull request #1496 from ravage84/else-clause-after-redirect
...
Removed else clauses after redirects and added return before redirect() ...
2013-08-12 11:05:39 -07:00
euromark
b09dc7213a
deprecate Controller::flash() and adjust some other deprecation messages.
2013-08-12 12:51:12 +02:00
Jose Lorenzo Rodriguez
9d07fc4330
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/Console/ShellDispatcher.php
lib/Cake/Utility/CakeNumber.php
lib/Cake/View/Elements/sql_dump.ctp
2013-08-11 23:31:10 +02:00
Marc Würth
4c13a39f3e
Removed else clauses after redirects and added return before redirect() and flash() calls
2013-08-08 21:10:41 +02:00
euromark
fc2d28974b
remove undocumented code and uncessary in_array() checks + cleanup
2013-08-08 03:56:58 +02:00
mark_story
9efad54e31
Fix missing expiry times on cookies.
...
When writing multiple cookies in a single request with the default
expiry time, cookies after the first should continue to have the default
expiry time used.
Fixes #3965
2013-08-06 22:01:13 -04:00
ADmad
38b050a711
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/Console/Command/ConsoleShell.php
2013-08-04 19:26:55 +05:30
Simon Males
0adef209e3
Camel case SecurityComponent::blackHole() method call
2013-08-02 12:07:33 +08:00
mark_story
95b74bd9ef
Make sure ComponentCollection has the controller dependency.
...
Add setter method as changing ComponentCollection's constructor now is
not possible. This fixes issues where components that rely on
Collection->getController() in their constructor can work properly.
Fixes #3946
2013-07-30 09:09:52 -04:00
ADmad
a691e70065
Docblock and return type fixes
2013-07-29 19:13:31 +05:30
Phally
a70e004cda
Corrects bad merge.
...
Bad merge: d161b21ae1
Fixes #3938 .
2013-07-26 20:00:32 +02:00
Phally
6b41eaa950
Merge branch 'master' into 2.4
2013-07-26 19:44:11 +02:00
Phally
f7eab23a5c
Strips the base off the generated URL from the AuthComponent.
...
Fixes #3922 .
2013-07-26 15:18:28 +02:00
euromark
8b21710c95
whitespace correction
2013-07-25 13:26:21 +02:00
mark_story
e03d3df0fe
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/Test/Case/View/HelperTest.php
lib/Cake/VERSION.txt
2013-07-17 22:40:09 -04:00
mark_story
a8f4ec0450
Simplify whitelist logic.
2013-07-16 19:33:06 -04:00
mark_story
b873186468
Fix being unable to sort on custom synthetic columns.
...
If a sort field whitelist is used we should trust its data and also
trust that the developer wanted what they asked for. This solves issues
where it was impossible to sort on synthetic columns added in custom
find types.
Fixes #3919
2013-07-16 10:19:18 -04:00
ADmad
d161b21ae1
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/Controller/Component/AuthComponent.php
2013-07-14 10:58:55 +05:30
mark_story
d40c7376ce
Rebalance where URL normalization happens in AuthComponent.
...
Make URL's not include the base path when storing them in the session.
This makes future redirection simpler. When URL's are an array use
Router::url() on them.
Fixes #3916
2013-07-12 21:54:22 -04:00
mark_story
8133f72b53
Update AuthComponent to not strip when normalizing URLs.
...
Revert most of the changes done to fix #3897 originally and try
a different strategy of solving the base path issues and not breaking
apps running in a subdirectory.
Fixes #3916
2013-07-12 21:17:25 -04:00
ADmad
4ded269549
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/Controller/Component/Auth/BlowfishAuthenticate.php
lib/Cake/VERSION.txt
2013-07-07 12:22:12 +05:30
Marc Würth
a397f034e6
Some love for a deprecated class
...
Whitespace and wording.
Optionally we could include a version number until when this class will work. I assumed this will be 3.0...
http://www.phpdoc.org/docs/latest/for-users/phpdoc/tags/deprecated.html
I treid that but after I let apigen generate the doc and I saw it did nothing special about it ;-/
2013-07-06 19:50:26 +02:00
euromark
af455b4121
correct return types in doc blocks
2013-07-05 17:19:22 +02:00
euromark
e7f380d2b7
doublespace to single space
2013-07-05 14:36:40 +02:00
euromark
c989624f80
whitespace coding standards
2013-07-05 14:15:18 +02:00
mark_story
22a198a8ba
Merge branch 'master' into 2.4
2013-07-04 21:40:51 -04:00
euromark
f680c763b2
ticket-3902 - paginator and display of order via model default order
2013-07-04 13:07:14 +02:00
José Lorenzo Rodríguez
9c4775a220
Merge pull request #1393 from markstory/constant-time-login
...
Hash passwords even when users don't exist.
2013-07-03 13:49:03 -07:00
mark_story
c597855fe4
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/Test/Case/Network/CakeRequestTest.php
2013-07-03 14:21:09 -04:00
euromark
f389435bae
coding standards and else block simplification
2013-07-03 19:27:17 +02:00
euromark
7cb19b97db
coding standards and simplification of else cases as well as some minor fixes
2013-07-03 00:52:48 +02:00
mark_story
17e4eee73d
Hash passwords even when users don't exist.
...
Not hashing passwords when users don't exist means there is an
opportunity for timing attacks when people use blowfish or other
expensive hashing algorithms.
2013-07-01 21:52:15 -04:00
Mark Story
94db8fbed6
Merge pull request #1380 from ceeram/2.4-ext
...
Set extension with multiple accept based on order in parseExtensions.
2013-06-30 19:42:50 -07:00
Marc Würth
e84bf65016
Typo in FormAuthenticate.php
2013-07-01 00:03:03 +02:00
mark_story
f09693f6e8
Merge branch 'master' into 2.4
2013-06-29 23:26:26 -04:00
mark_story
1d18a4f702
Fix issue where redirectURLs were not generated correctly.
...
When the first path segment matches the base path an incorrect URL was
generated. Trimming slashes off makes Router normalize the URL correctly
as the leading / implies that the base is already prepended.
Fixes #3897
2013-06-29 23:26:13 -04:00
Ceeram
6a0185d7e6
Set extension with multiple accept based on order in parseExtensions, currently with multiple accepted types, no extension is set at all
2013-06-27 14:34:00 +02:00
mark_story
dcf7df39d2
Merge branch 'master' into 2.4
2013-06-21 17:47:37 -04:00
Marc Würth
2418ea0a57
Fixed typo in AuthComponent::redirectUrl
2013-06-21 16:49:31 +02:00
Rachman Chavik
0d486bdab4
AuthComponent: Allow suppressing authError message
...
When unauthenticated users accesses protected areas, they are greeted
with the default 'You are not allowed to access that location' which is
not desired in some cases.
This patch allows applications to suppress this message by setting
AuthComponent::authError to false bypassing the call to
SessionComponent::setFlash() altogether.
Refs: https://github.com/croogo/croogo/pull/175#discussion_r4714240
2013-06-17 09:33:59 +07:00
mark_story
cd3c54bb9d
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/VERSION.txt
2013-06-10 22:12:10 -04:00
euromark
4518624187
more whitespace coding standard corrections
2013-06-09 17:39:48 +02:00
ADmad
636cc8c103
Merge branch 'master' into 2.4
2013-06-09 18:08:32 +05:30
mark_story
3aa189eb3a
Fix cookie expiry time calculation on 32bit systems.
...
strtotime() misbehaves on 32bit systems when the resulting timestamp
would overflow an integer. Use a DateTime to workaround this issue.
Fixes #3868
2013-06-03 20:16:18 -04:00
ADmad
f3c69c9f40
docblock updates
2013-06-03 01:04:00 +05:30
ADmad
3303a2cda1
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/Console/Templates/skel/Config/Schema/db_acl.php
lib/Cake/Console/Templates/skel/Config/Schema/i18n.php
lib/Cake/Console/Templates/skel/Config/Schema/sessions.php
lib/Cake/Console/Templates/skel/Config/acl.ini.php
lib/Cake/Console/Templates/skel/Config/acl.php
lib/Cake/Console/Templates/skel/Config/bootstrap.php
lib/Cake/Console/Templates/skel/Config/core.php
lib/Cake/Console/Templates/skel/Config/database.php.default
lib/Cake/Console/Templates/skel/Config/email.php.default
lib/Cake/Console/Templates/skel/Config/routes.php
lib/Cake/Console/Templates/skel/Console/Command/AppShell.php
lib/Cake/Console/Templates/skel/Console/cake.bat
lib/Cake/Console/Templates/skel/Console/cake.php
lib/Cake/Console/Templates/skel/Controller/AppController.php
lib/Cake/Console/Templates/skel/Controller/PagesController.php
lib/Cake/Console/Templates/skel/Model/AppModel.php
lib/Cake/Console/Templates/skel/View/Errors/error400.ctp
lib/Cake/Console/Templates/skel/View/Errors/error500.ctp
lib/Cake/Console/Templates/skel/View/Helper/AppHelper.php
lib/Cake/Console/Templates/skel/View/Layouts/Emails/html/default.ctp
lib/Cake/Console/Templates/skel/View/Layouts/ajax.ctp
lib/Cake/Console/Templates/skel/View/Layouts/default.ctp
lib/Cake/Console/Templates/skel/View/Layouts/error.ctp
lib/Cake/Console/Templates/skel/View/Layouts/flash.ctp
lib/Cake/Console/Templates/skel/View/Pages/home.ctp
lib/Cake/Console/Templates/skel/index.php
lib/Cake/Console/Templates/skel/webroot/index.php
lib/Cake/Console/Templates/skel/webroot/test.php
2013-06-02 18:03:59 +05:30
Marc Würth
4c9f0414cb
Improved the DocBlocks and other code cleanup
...
Fixed @license tag, url comes first
Whitespace and other minor code cleanup
Added some docblocks
2013-05-31 00:11:19 +02:00
ADmad
00f972f033
Deprecated AuthComponent::password()
2013-05-27 00:25:42 +05:30
ADmad
56fa0dccda
Remove unnecessary overriding of '_findUser()' in 'DigestAuthenticate'.
2013-05-26 12:31:40 +05:30
ADmad
dd2892ad8d
Added password hasher
2013-05-26 11:29:06 +05:30
ADmad
36c592e72e
Merge branch 'master' into 2.4
2013-05-26 11:23:53 +05:30
Rachman Chavik
a63b54c34b
Fix: Incorrect model being used as Controller::$modelClass
...
We cannot be sure that Controller::$uses have not been iterated, so
reset the array to use the first value.
2013-05-24 17:50:43 +07:00
ADmad
fb86859585
Merge branch 'master' into 2.4
2013-05-19 14:37:41 +05:30
mark_story
e23c4ffad9
Fix empty response bodies when redirect URL's are empty.
...
When redirecting XHR requests to an empty URL the response body should
not be overwritten.
Fixes #3835
2013-05-17 16:33:08 -04:00
mark_story
72b75660e5
Merge branch 'master' into 2.4
2013-05-16 21:31:27 -04:00
euromark
0822578813
$this->modelClass needs to be correct prior to the components init() call if the component itself accesses the model, lazyloading would try to load the wrong model otherwise
2013-05-14 10:17:57 +02:00
ADmad
a10275fb8b
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/Test/Case/Model/Datasource/Database/PostgresTest.php
2013-05-05 14:36:46 +05:30
mark_story
4f179b01bd
Make note of method removal.
2013-05-04 15:03:04 -04:00
mark_story
2096d3f632
Clamp limit values to be unsigned integers.
...
This solves large page numbers potentially turning into scientific
notation when being formatted into queries. It also further safeguards
against SQL manipulation.
Refs #GH-1263
2013-05-02 22:36:50 -04:00
mark_story
37ce6dfc81
Only allow sort fields that match the current object alias.
...
Instead of modifying aliases that do not match, only allow aliases that
do match.
Refs #3803
2013-04-30 12:41:42 -04:00
euromark
09d9efe235
spelling corrections (a url to an URL, unify URL)
2013-04-29 11:05:17 +02:00
mark_story
62186ac8da
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/VERSION.txt
2013-04-28 17:00:30 -04:00
mark_story
c327bdc4bd
Enforce model aliases when generating order by clauses.
...
Invalid SQL could be created by sorting on an invalid alias, with
a field that exists on the model.
Fixes #3797
2013-04-27 13:29:29 -04:00
ADmad
19f8274a95
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/VERSION.txt
2013-04-25 03:06:04 +05:30
Jose Lorenzo Rodriguez
db6dd18f86
Fixing case where it was possible to pass array data to FormAuthenticate
...
fields
2013-04-24 22:33:24 +02:00
ADmad
3db632732c
Avoid unnecessary overhead if user record already available from session.
2013-04-23 01:35:04 +05:30
ADmad
06a5c509c0
Merge branch 'master' into 2.4
2013-04-21 19:15:55 +05:30
mark_story
efd86a498a
Do type checks when looking for models in Controller::$uses.
...
This solves issues with models not being added when $uses = true.
Fixes #3774
2013-04-19 12:20:46 -04:00
mark_story
3fc627c5f8
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/Controller/Component/AuthComponent.php
lib/Cake/Error/ErrorHandler.php
lib/Cake/Test/Case/Controller/Component/AuthComponentTest.php
lib/Cake/View/Helper/HtmlHelper.php
2013-03-30 22:12:27 -04:00
ADmad
342bf65811
Ensure referrer is saved in session even when AuthComponent::$loginRedirect is set.
...
Clarified redirectUrl() docblock.
2013-03-27 15:11:02 +05:30
Ceeram
89ecd95e55
fix failing tests
2013-03-18 18:47:05 +01:00
Ceeram
b28ea65b24
stop execution when unauthenticated, to prevent the page to show when canceling auth popup
2013-03-18 15:41:34 +01:00
ADmad
8e299fc404
Move 'Auth.redirect' session value clearing from AuthComponent::shutdown() to prevent unnecessary session start.
...
Closes #3702
2013-03-14 12:42:21 +05:30
ADmad
b7834a2b16
Implemented stateless login for Auth
2013-03-10 00:11:35 +05:30
mark_story
8209097bc3
Merge branch 'master' into 2.4
2013-03-09 12:40:59 -05:00
Adam Taylor
433dd09ec4
Fix typos
2013-03-05 00:05:14 -07:00
mark_story
4b13e0a5f2
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/VERSION.txt
2013-03-04 21:55:29 -05:00
mark_story
d9fbe5e00a
Tidy up doc blocks.
...
These kind of changes make tidyier method summaries in apigen.
2013-02-26 21:43:53 -05:00
mark_story
d1c88ebf8a
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/Log/Engine/FileLog.php
lib/Cake/Utility/Validation.php
lib/Cake/View/Helper/HtmlHelper.php
2013-02-24 20:24:26 -05:00
euromark
111366d5c8
== to === and != to !== where applicable
2013-02-12 03:38:08 +01:00
ADmad
49157d83ae
Breaking down AuthComponent::startup() into multiple methods for easier management and extension.
2013-02-10 13:49:07 +05:30
ADmad
a7c751922d
Replace loose comparison with casting to boolean.
...
In any case AuthComponent::user() returns null not empty array when user isn't logged in.
2013-02-10 12:16:20 +05:30
mark_story
fee6172958
Update docs for SecurityComponent::requireAuth()
2013-02-09 14:06:24 -05:00
mark_story
e4110b1e01
Deprecate features in SecurityComponent
...
These features are available in CakeRequest now. The CakeRequest
version is improved as it raises more appropriate exceptions.
2013-02-09 13:57:55 -05:00
ADmad
a9bbfd80c7
Added type hinting
2013-02-09 18:09:11 +05:30
Graham Weldon
66d856d883
Added extra line for referencing license file for copyright
2013-02-08 21:22:51 +09:00
Graham Weldon
7b860debe4
This commit is dedicated to Mark Story, who has put in much dedicated time and effort into CakePHP over the years.
...
I just wanted to ruin his evening, because this change needs to be merged into CakePHP 3.0.
2013-02-08 20:59:49 +09:00
mark_story
00078e007c
Import ClassRegistry before using.
...
Fixes #3594
2013-02-01 10:46:25 -05:00
Mark Story
7a184708fc
Merge pull request #1086 from burzum/refactor/controller-render
...
Refactoring the Controller::render method
Create Controller::_getViewObject() which is responsible for creating
the view instance. This gives an easier way to override view construction.
2013-01-27 17:49:29 -08:00
ADmad
04ec9dd614
Renamed AuthComponent::redirect() to AuthComponent::redirectUrl().
...
Closes #3268
2013-01-27 21:22:11 +05:30
mark_story
4af6039107
Merge branch 'master' into 2.3
...
Conflicts:
lib/Cake/Console/Command/Task/ModelTask.php
lib/Cake/Model/Model.php
2013-01-26 21:16:26 -05:00
Florian Krämer
d269b28ece
Changing the doc block of Controller::_getViewObject()
2013-01-25 12:45:08 +01:00
Florian Krämer
d242081067
Fixing typo in Controller::_getViewObject doc block and changing the view class comparison from != to !==
2013-01-25 11:30:04 +01:00
Florian Krämer
8d9acd9a8a
Renaming Controller::_view() to Controller::_getViewObject()
2013-01-25 10:30:06 +01:00
Florian Krämer
bb91bebc4d
Fixing a code formatting mistake in Controller::render()
2013-01-24 22:01:25 +01:00
Florian Krämer
f9d27b6291
Refactoring the Controller::render method, moved the part that constructs the view instance into Controller::_view() for easier overloading this part and better modularization
2013-01-24 18:38:39 +01:00