"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/View/Helper/FormHelper.php" between
cakephp-4.0.1.tar.gz and cakephp-4.0.2.tar.gz

About: CakePHP is a rapid development framework for PHP applications. Source code.

FormHelper.php  (cakephp-4.0.1):FormHelper.php  (cakephp-4.0.2)
skipping to change at line 448 skipping to change at line 448
if (!empty($options['encoding'])) { if (!empty($options['encoding'])) {
$htmlAttributes['accept-charset'] = $options['encoding']; $htmlAttributes['accept-charset'] = $options['encoding'];
} }
unset($options['type'], $options['encoding']); unset($options['type'], $options['encoding']);
$htmlAttributes += $options; $htmlAttributes += $options;
if ($this->requestType !== 'get') { if ($this->requestType !== 'get') {
$formTokenData = $this->_View->getRequest()->getAttribute('formToken Data'); $formTokenData = $this->_View->getRequest()->getAttribute('formToken Data');
if ($formTokenData !== null) { if ($formTokenData !== null) {
$this->formProtector = $this->createFormProtector($this->_lastAc tion, $formTokenData); $this->formProtector = $this->createFormProtector($formTokenData );
} }
$append .= $this->_csrfField(); $append .= $this->_csrfField();
} }
if (!empty($append)) { if (!empty($append)) {
$append = $templater->format('hiddenBlock', ['content' => $append]); $append = $templater->format('hiddenBlock', ['content' => $append]);
} }
$actionAttr = $templater->formatAttributes(['action' => $action, 'escape ' => false]); $actionAttr = $templater->formatAttributes(['action' => $action, 'escape ' => false]);
skipping to change at line 605 skipping to change at line 605
} }
$debugSecurity = Configure::read('debug'); $debugSecurity = Configure::read('debug');
if (isset($secureAttributes['debugSecurity'])) { if (isset($secureAttributes['debugSecurity'])) {
$debugSecurity = $debugSecurity && $secureAttributes['debugSecurity' ]; $debugSecurity = $debugSecurity && $secureAttributes['debugSecurity' ];
unset($secureAttributes['debugSecurity']); unset($secureAttributes['debugSecurity']);
} }
$secureAttributes['secure'] = static::SECURE_SKIP; $secureAttributes['secure'] = static::SECURE_SKIP;
$secureAttributes['autocomplete'] = 'off'; $secureAttributes['autocomplete'] = 'off';
$tokenData = $this->formProtector->buildTokenData(); $tokenData = $this->formProtector->buildTokenData(
$this->_lastAction,
$this->_View->getRequest()->getSession()->id()
);
$tokenFields = array_merge($secureAttributes, [ $tokenFields = array_merge($secureAttributes, [
'value' => $tokenData['fields'], 'value' => $tokenData['fields'],
]); ]);
$out = $this->hidden('_Token.fields', $tokenFields); $out = $this->hidden('_Token.fields', $tokenFields);
$tokenUnlocked = array_merge($secureAttributes, [ $tokenUnlocked = array_merge($secureAttributes, [
'value' => $tokenData['unlocked'], 'value' => $tokenData['unlocked'],
]); ]);
$out .= $this->hidden('_Token.unlocked', $tokenUnlocked); $out .= $this->hidden('_Token.unlocked', $tokenUnlocked);
if ($debugSecurity) { if ($debugSecurity) {
$tokenDebug = array_merge($secureAttributes, [ $tokenDebug = array_merge($secureAttributes, [
skipping to change at line 642 skipping to change at line 645
public function unlockField(string $name) public function unlockField(string $name)
{ {
$this->getFormProtector()->unlockField($name); $this->getFormProtector()->unlockField($name);
return $this; return $this;
} }
/** /**
* Create FormProtector instance. * Create FormProtector instance.
* *
* @param string $url URL
* @param array $formTokenData Token data. * @param array $formTokenData Token data.
* @return \Cake\Form\FormProtector * @return \Cake\Form\FormProtector
*/ */
protected function createFormProtector(string $url, array $formTokenData): F ormProtector protected function createFormProtector(array $formTokenData): FormProtector
{ {
$session = $this->_View->getRequest()->getSession(); $session = $this->_View->getRequest()->getSession();
$session->start(); $session->start();
return new FormProtector( return new FormProtector(
$url,
$session->id(),
$formTokenData $formTokenData
); );
} }
/** /**
* Get form protector instance. * Get form protector instance.
* *
* @return \Cake\Form\FormProtector * @return \Cake\Form\FormProtector
* @throws \Cake\Core\Exception\Exception * @throws \Cake\Core\Exception\Exception
*/ */
skipping to change at line 1810 skipping to change at line 1810
'attrs' => $templater->formatAttributes($formOptions) . $action, 'attrs' => $templater->formatAttributes($formOptions) . $action,
]); ]);
$out .= $this->hidden('_method', [ $out .= $this->hidden('_method', [
'value' => $requestMethod, 'value' => $requestMethod,
'secure' => static::SECURE_SKIP, 'secure' => static::SECURE_SKIP,
]); ]);
$out .= $this->_csrfField(); $out .= $this->_csrfField();
$formTokenData = $this->_View->getRequest()->getAttribute('formTokenData '); $formTokenData = $this->_View->getRequest()->getAttribute('formTokenData ');
if ($formTokenData !== null) { if ($formTokenData !== null) {
$this->formProtector = $this->createFormProtector($this->_lastAction , $formTokenData); $this->formProtector = $this->createFormProtector($formTokenData);
} }
$fields = []; $fields = [];
if (isset($options['data']) && is_array($options['data'])) { if (isset($options['data']) && is_array($options['data'])) {
foreach (Hash::flatten($options['data']) as $key => $value) { foreach (Hash::flatten($options['data']) as $key => $value) {
$fields[$key] = $value; $fields[$key] = $value;
$out .= $this->hidden($key, ['value' => $value, 'secure' => stat ic::SECURE_SKIP]); $out .= $this->hidden($key, ['value' => $value, 'secure' => stat ic::SECURE_SKIP]);
} }
unset($options['data']); unset($options['data']);
} }
 End of changes. 6 change blocks. 
7 lines changed or deleted 7 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)