Re: [CakePHP : The Rapid Development Framework for PHP] #6257: Missing callback: beforeSaveAll
#6257: Missing callback: beforeSaveAll -+-- Reporter: michaelc | Owner: Type: Enhancement |Status: closed Priority: Medium| Milestone: 1.3.x.x Component: Model | Version: Severity: Normal|Resolution: wontfix Keywords: beforeSave saveAll beforeSaveAll | Php_version: n/a Cake_version: 1.2.2.8120| -+-- Comment (by mark_story): No its the correct approach :) By overloading the core functions you can customize the methods you want without additional callbacks even needing to exist. -- Ticket URL: https://trac.cakephp.org/ticket/6257#comment:4 CakePHP : The Rapid Development Framework for PHP https://trac.cakephp.org/ Cake is a rapid development framework for PHP which uses commonly known design patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC. Our primary goal is to provide a structured framework that enables PHP users at all levels to rapidly develop robust web applications, without any loss to flexibility. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups tickets cakephp group. To post to this group, send email to tickets-cakephp@googlegroups.com To unsubscribe from this group, send email to tickets-cakephp+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/tickets-cakephp?hl=en -~--~~~~--~~--~--~---
Re: [CakePHP : The Rapid Development Framework for PHP] #6142: Auth checking camel case action
#6142: Auth checking camel case action
---+
Reporter: tinh| Owner:
Type: Bug |Status: reopened
Priority: Medium | Milestone: 1.2.x.x
Component: Auth| Version: 1.2 Final
Severity: Normal |Resolution:
Keywords: | Php_version: PHP 5
Cake_version: 1.2.1.8004 |
---+
Changes (by stefan.izota):
* status: closed = reopened
* resolution: fixed =
Comment:
Still not fixed in 1.2.2.8120 as changeset
[https://trac.cakephp.org/changeset/8011 8011] states. The changeset only
checks if the action name is a method in the controller.
The authorization is performed a little below (check line 298 in auth.php
component).
Replacing
{{{
in_array($controller-params['action'], $this-allowedActions)
}}}
with
{{{
in_array(strtolower($controller-params['action']), $this-allowedActions)
}}}
does the trick.
The test case provided in [https://trac.cakephp.org/changeset/8065 8065]
only checks if the user is not authorized. Another test is needed to check
the result if the user is authorized.
--
Ticket URL: https://trac.cakephp.org/ticket/6142#comment:2
CakePHP : The Rapid Development Framework for PHP https://trac.cakephp.org/
Cake is a rapid development framework for PHP which uses commonly known design
patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC.
Our primary goal is to provide a structured framework that enables PHP users at
all levels to rapidly develop robust web applications, without any loss to
flexibility.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
tickets cakephp group.
To post to this group, send email to tickets-cakephp@googlegroups.com
To unsubscribe from this group, send email to
tickets-cakephp+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/tickets-cakephp?hl=en
-~--~~~~--~~--~--~---
[CakePHP : The Rapid Development Framework for PHP] #6282: Authorization ignored for actions named like myAction
#6282: Authorization ignored for actions named like myAction ---+ Reporter: rostislav | Type: Bug Status: new | Priority: Medium Milestone: 1.2.x.x | Component: Auth Version: 1.2 Final | Severity: Normal Keywords: | Php_version: PHP 5 Cake_version: 1.2.1.8004 | ---+ Conditions:[[BR]] 1) Controller with Auth and $this-Auth-authorize = 'controller';[[BR]] 2) Action method 'function myAction()'[[BR]] Requested url http://loclhost/controller/myAction does not call isAuthorized in controller and allow to invoke action withtout authorization. [[BR]] Side effect - when requested http://loclhost/controller/my_action authorization works.[[BR]] My solution: renamed all actions to 'my_action' style. -- Ticket URL: https://trac.cakephp.org/ticket/6282 CakePHP : The Rapid Development Framework for PHP https://trac.cakephp.org/ Cake is a rapid development framework for PHP which uses commonly known design patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC. Our primary goal is to provide a structured framework that enables PHP users at all levels to rapidly develop robust web applications, without any loss to flexibility. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups tickets cakephp group. To post to this group, send email to tickets-cakephp@googlegroups.com To unsubscribe from this group, send email to tickets-cakephp+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/tickets-cakephp?hl=en -~--~~~~--~~--~--~---
Re: [CakePHP : The Rapid Development Framework for PHP] #5815: [PATCH]DboSource::calculate() should make use of $model param and should support 'SUM'
#5815: [PATCH]DboSource::calculate() should make use of $model param and should support 'SUM' +--- Reporter: rafaelbandeira3 | Owner: nate Type: Enhancement |Status: assigned Priority: Medium | Milestone: 1.3.x.x Component: Core Libs| Version: Severity: Normal |Resolution: Keywords: dbosource calculate sum sql | Php_version: n/a Cake_version: | +--- Changes (by nate): * owner: = nate * status: new = assigned -- Ticket URL: https://trac.cakephp.org/ticket/5815#comment:6 CakePHP : The Rapid Development Framework for PHP https://trac.cakephp.org/ Cake is a rapid development framework for PHP which uses commonly known design patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC. Our primary goal is to provide a structured framework that enables PHP users at all levels to rapidly develop robust web applications, without any loss to flexibility. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups tickets cakephp group. To post to this group, send email to tickets-cakephp@googlegroups.com To unsubscribe from this group, send email to tickets-cakephp+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/tickets-cakephp?hl=en -~--~~~~--~~--~--~---
Re: [CakePHP : The Rapid Development Framework for PHP] #3972: Database sessions should allow for additional fields
#3972: Database sessions should allow for additional fields -+-- Reporter: ahuino1 | Owner: jperras Type: Enhancement |Status: new Priority: Critical | Milestone: 1.3.x.x Component: Session | Version: Severity: Trivial |Resolution: Keywords: database sessions ahuino1 grigri | Php_version: PHP 5 Cake_version:| -+-- Changes (by jperras): * owner: phpnut = jperras -- Ticket URL: https://trac.cakephp.org/ticket/3972#comment:6 CakePHP : The Rapid Development Framework for PHP https://trac.cakephp.org/ Cake is a rapid development framework for PHP which uses commonly known design patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC. Our primary goal is to provide a structured framework that enables PHP users at all levels to rapidly develop robust web applications, without any loss to flexibility. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups tickets cakephp group. To post to this group, send email to tickets-cakephp@googlegroups.com To unsubscribe from this group, send email to tickets-cakephp+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/tickets-cakephp?hl=en -~--~~~~--~~--~--~---
Re: [CakePHP : The Rapid Development Framework for PHP] #6183: Remove useless variable name conversion in Controller::set
#6183: Remove useless variable name conversion in Controller::set -+-- Reporter: Reen | Owner: nate Type: Optimization |Status: closed Priority: Medium| Milestone: 1.3.x.x Component: Controller| Version: Severity: Trivial |Resolution: fixed Keywords:| Php_version: n/a Cake_version:| -+-- Changes (by nate): * status: assigned = closed * resolution: = fixed Comment: Fixed in http://thechaw.com/cakephp/commits/view/987e469c2fc151bd5d5377517d43a74c3bdf2ba3#numbers -- Ticket URL: https://trac.cakephp.org/ticket/6183#comment:4 CakePHP : The Rapid Development Framework for PHP https://trac.cakephp.org/ Cake is a rapid development framework for PHP which uses commonly known design patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC. Our primary goal is to provide a structured framework that enables PHP users at all levels to rapidly develop robust web applications, without any loss to flexibility. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups tickets cakephp group. To post to this group, send email to tickets-cakephp@googlegroups.com To unsubscribe from this group, send email to tickets-cakephp+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/tickets-cakephp?hl=en -~--~~~~--~~--~--~---
Re: [CakePHP : The Rapid Development Framework for PHP] #6283: form helper with get method does not generate data prefix for input fileds
#6283: form helper with get method does not generate data prefix for input
fileds
+---
Reporter: rrd | Owner:
Type: Bug |Status: closed
Priority: Medium | Milestone: 1.2.x.x
Component: Helpers | Version: 1.2 Final
Severity: Normal |Resolution: invalid
Keywords: | Php_version: PHP 5
Cake_version: |
+---
Changes (by nate):
* status: new = closed
* resolution: = invalid
Comment:
{{{$this-data}}} is for POST data only.
--
Ticket URL: https://trac.cakephp.org/ticket/6283#comment:1
CakePHP : The Rapid Development Framework for PHP https://trac.cakephp.org/
Cake is a rapid development framework for PHP which uses commonly known design
patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC.
Our primary goal is to provide a structured framework that enables PHP users at
all levels to rapidly develop robust web applications, without any loss to
flexibility.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
tickets cakephp group.
To post to this group, send email to tickets-cakephp@googlegroups.com
To unsubscribe from this group, send email to
tickets-cakephp+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/tickets-cakephp?hl=en
-~--~~~~--~~--~--~---
Re: [CakePHP : The Rapid Development Framework for PHP] #5114: Change log should have some spacing on the left side
#5114: Change log should have some spacing on the left side --+- Reporter: dho| Owner: Type: Enhancement|Status: closed Priority: Very Low | Milestone: Cookbook 1.0.x.x Component: Cookbook:book.cakephp.org | Version: Severity: Trivial|Resolution: needmoreinfo Keywords: | Php_version: n/a Cake_version: | --+- Changes (by nate): * status: new = closed * resolution: = needmoreinfo Comment: Please reopen at http://thechaw.com/cakebook/tickets -- Ticket URL: https://trac.cakephp.org/ticket/5114#comment:2 CakePHP : The Rapid Development Framework for PHP https://trac.cakephp.org/ Cake is a rapid development framework for PHP which uses commonly known design patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC. Our primary goal is to provide a structured framework that enables PHP users at all levels to rapidly develop robust web applications, without any loss to flexibility. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups tickets cakephp group. To post to this group, send email to tickets-cakephp@googlegroups.com To unsubscribe from this group, send email to tickets-cakephp+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/tickets-cakephp?hl=en -~--~~~~--~~--~--~---
Re: [CakePHP : The Rapid Development Framework for PHP] #1660: Manual should be made available in offline formats (pdf, etc.)
#1660: Manual should be made available in offline formats (pdf, etc.) --+- Reporter: contact7 | Owner: Type: Enhancement|Status: closed Priority: Medium | Milestone: Cookbook 1.0.x.x Component: Cookbook:book.cakephp.org | Version: Severity: Normal |Resolution: needmoreinfo Keywords: manual documentation | Php_version: n/a Cake_version: | --+- Changes (by nate): * status: reopened = closed * resolution: = needmoreinfo Comment: Please re-open at http://thechaw.com/cakebook/tickets -- Ticket URL: https://trac.cakephp.org/ticket/1660#comment:7 CakePHP : The Rapid Development Framework for PHP https://trac.cakephp.org/ Cake is a rapid development framework for PHP which uses commonly known design patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC. Our primary goal is to provide a structured framework that enables PHP users at all levels to rapidly develop robust web applications, without any loss to flexibility. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups tickets cakephp group. To post to this group, send email to tickets-cakephp@googlegroups.com To unsubscribe from this group, send email to tickets-cakephp+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/tickets-cakephp?hl=en -~--~~~~--~~--~--~---
Re: [CakePHP : The Rapid Development Framework for PHP] #5243: Subheaders should have some spacing on the left side
#5243: Subheaders should have some spacing on the left side --+- Reporter: dho| Owner: Type: Enhancement|Status: closed Priority: Low| Milestone: Cookbook 1.0.x.x Component: Cookbook:book.cakephp.org | Version: Severity: Trivial|Resolution: needmoreinfo Keywords: | Php_version: n/a Cake_version: | --+- Changes (by nate): * status: new = closed * resolution: = needmoreinfo Comment: Please re-open at http://thechaw.com/cakebook/tickets -- Ticket URL: https://trac.cakephp.org/ticket/5243#comment:2 CakePHP : The Rapid Development Framework for PHP https://trac.cakephp.org/ Cake is a rapid development framework for PHP which uses commonly known design patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC. Our primary goal is to provide a structured framework that enables PHP users at all levels to rapidly develop robust web applications, without any loss to flexibility. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups tickets cakephp group. To post to this group, send email to tickets-cakephp@googlegroups.com To unsubscribe from this group, send email to tickets-cakephp+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/tickets-cakephp?hl=en -~--~~~~--~~--~--~---
Re: [CakePHP : The Rapid Development Framework for PHP] #5326: Make Documentation understandable for beginners
#5326: Make Documentation understandable for beginners --+- Reporter: miracol| Owner: Type: Enhancement|Status: closed Priority: Medium | Milestone: Manual 1.2.x.x Component: Cookbook:book.cakephp.org | Version: Severity: Minor |Resolution: needmoreinfo Keywords: | Php_version: n/a Cake_version: | --+- Changes (by nate): * status: new = closed * resolution: = needmoreinfo Comment: Please re-open at http://thechaw.com/cakebook/tickets -- Ticket URL: https://trac.cakephp.org/ticket/5326#comment:3 CakePHP : The Rapid Development Framework for PHP https://trac.cakephp.org/ Cake is a rapid development framework for PHP which uses commonly known design patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC. Our primary goal is to provide a structured framework that enables PHP users at all levels to rapidly develop robust web applications, without any loss to flexibility. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups tickets cakephp group. To post to this group, send email to tickets-cakephp@googlegroups.com To unsubscribe from this group, send email to tickets-cakephp+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/tickets-cakephp?hl=en -~--~~~~--~~--~--~---
Re: [CakePHP : The Rapid Development Framework for PHP] #5619: Use overflow: auto for code blocks
#5619: Use overflow: auto for code blocks --+- Reporter: dho| Owner: Type: Optimization |Status: closed Priority: Medium | Milestone: Cookbook 1.0.x.x Component: Cookbook:book.cakephp.org | Version: Severity: Normal |Resolution: needmoreinfo Keywords: | Php_version: n/a Cake_version: | --+- Changes (by nate): * status: new = closed * resolution: = needmoreinfo Comment: Please re-open at http://thechaw.com/cakebook/tickets -- Ticket URL: https://trac.cakephp.org/ticket/5619#comment:1 CakePHP : The Rapid Development Framework for PHP https://trac.cakephp.org/ Cake is a rapid development framework for PHP which uses commonly known design patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC. Our primary goal is to provide a structured framework that enables PHP users at all levels to rapidly develop robust web applications, without any loss to flexibility. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups tickets cakephp group. To post to this group, send email to tickets-cakephp@googlegroups.com To unsubscribe from this group, send email to tickets-cakephp+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/tickets-cakephp?hl=en -~--~~~~--~~--~--~---
[CakePHP : The Rapid Development Framework for PHP] #6285: Sanitize::clean($this-data) breaks Security Component
#6285: Sanitize::clean($this-data) breaks Security Component
+---
Reporter: michaelc | Type: Bug
Status: new | Priority: Medium
Milestone: 1.2.x.x | Component: Core Libs
Version: 1.2 Final| Severity: Normal
Keywords: sanitize security clean all | Php_version: n/a
Cake_version: 1.2.2.8120 |
+---
Introduction: I had this 'bright' idea to sanitize $this-data in the
app_controller's beforeFilter. This invariably triggers a black hole
callback - and I think I know why. After puttering around, I found this:
[[BR]]$this-data:[[BR]]
array ( '_Token' = array ( 'key' =
'78399c8d84d7465a6e9b357b1738b8a2c7d7c8dc', 'fields' =
'5fd113a53793345a4f70cc3380bc08faa31b53df%3An%3A2%3A%7Bv%3A0%3Bf%3A13%3A%22Pynffvsvrq.vq%22%3Bv%3A1%3Bf%3A10%3A%22Pbagnpg.vq%22%3B%7D',
), ...[[BR]]
$this-data = Sanitize::clean($this-data):[[BR]]
array ( '_Token' = array ( 'key' =
'78399c8d84d7465a6e9b357b1738b8a2c7d7c8dc', 'fields' =
'5fd113a53793345a4f70cc3380bc08faa31b53df%3An%3A2%3A%7Bv%3A0%3Bf%3A13%3A%22Pynffvsvrq.vq%22%3Bv%3A1%3Bf%3A10%3A%22Pbagnpg.vq%22%3B%7D',
), ...[[BR]]
[[BR]]See the difference? Me neither... But!
{{{
Error @ pos 147 DIFF:
cc3380bc08faa31b53df % 3An%3A2%3A%7Bv%3A0%3
cc3380bc08faa31b53df #37; 3An%3A2%
}}}
I've added spaces around the changed content - it was still identical in a
visual scan until I added a red span around the bad character. Note the
shorter length of the second string? Both go out to 20 chars after the
error - but I only broke up the first escape sequence with a span - the
rest display as %.
[[BR]]Problem:
Sanitize::clean html entity encodes '%', which Sanitize requires to be
unmodified in the string.
[[BR]]Solution? -- Sanitize clean ignores _Token, or perhaps Security
component reverses the encoding process, or Security component uses
something other than % as a pivot which Sanitize::html won't encode
(preference).
[[BR]] {{{ $this-data = Sanitize::clean($this-data,
array('encode'=false)); }}} is not the type of answer I'm looking for
here - I'm suggesting that the Sanitization and the Security Component
play nicely with the default configuration.
[[BR]]Alternate resolution: If Sanitizing all of $this-data is simply a
bad idea - suggest that as your motivation for closing it, and toss in a
thought or two about why. Some exist.
--
Ticket URL: https://trac.cakephp.org/ticket/6285
CakePHP : The Rapid Development Framework for PHP https://trac.cakephp.org/
Cake is a rapid development framework for PHP which uses commonly known design
patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC.
Our primary goal is to provide a structured framework that enables PHP users at
all levels to rapidly develop robust web applications, without any loss to
flexibility.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
tickets cakephp group.
To post to this group, send email to tickets-cakephp@googlegroups.com
To unsubscribe from this group, send email to
tickets-cakephp+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/tickets-cakephp?hl=en
-~--~~~~--~~--~--~---
Re: [CakePHP : The Rapid Development Framework for PHP] #4932: mail component no boundary with sandAs=both
#4932: mail component no boundary with sandAs=both
---+
Reporter: stefanski | Owner:
Type: Bug |Status: reopened
Priority: Medium | Milestone: 1.2.x.x
Component: Components | Version: RC1
Severity: Normal |Resolution:
Keywords: | Php_version: n/a
Cake_version: |
---+
Changes (by odeland):
* status: closed = reopened
* resolution: needmoreinfo =
Comment:
This bug is still not fixed in the latest release. I attached a patch to
fix the problem when sending emails as 'both' html and text, without any
attachments.
As you can see from the code (taken from trunk r.8120),
{{{$this-__boundary}}} is used in the header string without calling
{{{$this-__createBoundary();}}} first.
{{{
if (!empty($this-attachments)) {
$this-__createBoundary();
$this-__header[] = 'MIME-Version: 1.0';
$this-__header[] = 'Content-Type:
multipart/mixed; boundary=' . $this-__boundary . '';
$this-__header[] = 'This part of the E-mail
should never be seen. If';
$this-__header[] = 'you are reading this,
consider upgrading your e-mail';
$this-__header[] = 'client to a MIME-compatible
client.';
} elseif ($this-sendAs === 'text') {
$this-__header[] = 'Content-Type: text/plain;
charset=' . $this-charset;
} elseif ($this-sendAs === 'html') {
$this-__header[] = 'Content-Type: text/html;
charset=' . $this-charset;
} elseif ($this-sendAs === 'both') {
$this-__header[] = 'Content-Type:
multipart/alternative; boundary=alt-' . $this-__boundary . '';
$this-__header[] = '';
}
}}}
--
Ticket URL: https://trac.cakephp.org/ticket/4932#comment:2
CakePHP : The Rapid Development Framework for PHP https://trac.cakephp.org/
Cake is a rapid development framework for PHP which uses commonly known design
patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC.
Our primary goal is to provide a structured framework that enables PHP users at
all levels to rapidly develop robust web applications, without any loss to
flexibility.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
tickets cakephp group.
To post to this group, send email to tickets-cakephp@googlegroups.com
To unsubscribe from this group, send email to
tickets-cakephp+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/tickets-cakephp?hl=en
-~--~~~~--~~--~--~---
Re: [CakePHP : The Rapid Development Framework for PHP] #4932: mail component no boundary with sandAs=both
#4932: mail component no boundary with sandAs=both ---+ Reporter: stefanski | Owner: Type: Bug |Status: reopened Priority: Medium | Milestone: 1.2.x.x Component: Components | Version: RC1 Severity: Normal |Resolution: Keywords: | Php_version: n/a Cake_version: | ---+ Comment (by odeland): It should be added that some mail clients (tested with Gmail) will still show the email correctly, but other mail clients (tested with SquirrelMail) will render the whole email (both parts) as text only. -- Ticket URL: https://trac.cakephp.org/ticket/4932#comment:3 CakePHP : The Rapid Development Framework for PHP https://trac.cakephp.org/ Cake is a rapid development framework for PHP which uses commonly known design patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC. Our primary goal is to provide a structured framework that enables PHP users at all levels to rapidly develop robust web applications, without any loss to flexibility. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups tickets cakephp group. To post to this group, send email to tickets-cakephp@googlegroups.com To unsubscribe from this group, send email to tickets-cakephp+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/tickets-cakephp?hl=en -~--~~~~--~~--~--~---
