[CakePHP : The Rapid Development Framework for PHP] #5687: Missing Method Errors/404s Broken when using Auth Component

Thu, 30 Oct 2008 23:10:28 -0700 

#5687: Missing Method Errors/404s Broken when using Auth Component
----------------------------------------------+-----------------------------
    Reporter:  bighill89                      |          Type:  Bug  
      Status:  new                            |      Priority:  Low  
   Milestone:  1.2.x.x                        |     Component:  Auth 
     Version:  RC3                            |      Severity:  Major
    Keywords:  missing method error 404 auth  |   Php_version:  PHP 5
Cake_version:  1.2.0.7692 RC3                 |  
----------------------------------------------+-----------------------------
 When using the Auth component, if $Auth->allowedActions!='*' and the
 requested controller action is not in $Auth->allowedActions,
 $isAllowed=false.

 This becomes a problem when a user browses to
 "http://mycake.tld/controller/''testing123''" where ''testing123'' is an
 invalid action. Auth will redirect the user to $loginAction rather than
 displaying ''Missing Method in Testing123Controller'' (ie 404).

 Old code from cake/libs/controller/components/auth.php starting from line
 302:

 {{{
 $isAllowed = (
         $this->allowedActions == array('*') ||
         in_array($controller->action, $this->allowedActions)
 );
 }}}

 New code to preserve missing method/404 errors:
 {{{
 $isAllowed = (
         $this->allowedActions == array('*') ||
         in_array($controller->action, $this->allowedActions) ||
         !method_exists($controller, $controller->action) // Let the user
 in if the method does not exist; preserve 404s
 );
 }}}

 This may or may not be an appropriate solution to the problem. I'll leave
 it to the experts to determine that.

 Thank you! This is my first contribution to the Cake community :)

-- 
Ticket URL: <https://trac.cakephp.org/ticket/5687>
CakePHP : The Rapid Development Framework for PHP <https://trac.cakephp.org/>
Cake is a rapid development framework for PHP which uses commonly known design 
patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC. 
Our primary goal is to provide a structured framework that enables PHP users at 
all levels to rapidly develop robust web applications, without any loss to 
flexibility.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"tickets cakephp" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/tickets-cakephp?hl=en
-~----------~----~----~----~------~----~------~--~---
  • [CakePHP : The Rapid Dev... CakePHP : The Rapid Development Framework for PHP

Reply via email to