Merge branch 'master' into 3.next

cakephp · Oct 28, 2017 · 15d5e2b · 15d5e2b
2 parents 87f547e + b3acb51
commit 15d5e2b
Show file tree

Hide file tree

Showing 50 changed files with 246 additions and 99 deletions.
diff --git a/appveyor.yml b/appveyor.yml
@@ -27,7 +27,7 @@ init:
 
 install:
   - cd c:\
-  - appveyor DownloadFile http://windows.php.net/downloads/releases/php-5.6.31-nts-Win32-VC11-x86.zip -FileName php.zip
+  - appveyor DownloadFile http://windows.php.net/downloads/releases/php-5.6.32-nts-Win32-VC11-x86.zip -FileName php.zip
   - 7z x php.zip -oc:\php > nul
   - appveyor DownloadFile https://dl.dropboxusercontent.com/s/euip490d9183jkr/SQLSRV32.cab -FileName sqlsrv.cab
   - 7z x sqlsrv.cab -oc:\php\ext php*_56_nts.dll > nul

diff --git a/src/Controller/Component/PaginatorComponent.php b/src/Controller/Component/PaginatorComponent.php
@@ -18,7 +18,6 @@
 use Cake\Controller\ComponentRegistry;
 use Cake\Datasource\Exception\PageOutOfBoundsException;
 use Cake\Datasource\Paginator;
-use Cake\Datasource\QueryInterface;
 use Cake\Network\Exception\NotFoundException;
 use InvalidArgumentException;
 

diff --git a/src/Database/Schema/SqlserverSchema.php b/src/Database/Schema/SqlserverSchema.php
@@ -81,6 +81,10 @@ public function describeColumnSql($tableName, $config)
     protected function _convertColumn($col, $length = null, $precision = null, $scale = null)
     {
         $col = strtolower($col);
+        $length = (int)$length;
+        $precision = (int)$precision;
+        $scale = (int)$scale;
+
         if (in_array($col, ['date', 'time'])) {
             return ['type' => $col, 'length' => null];
         }
@@ -113,7 +117,11 @@ protected function _convertColumn($col, $length = null, $precision = null, $scal
         if ($col === 'real' || $col === 'float') {
             return ['type' => TableSchema::TYPE_FLOAT, 'length' => null];
         }
-
+        // SqlServer schema reflection returns double length for unicode
+        // columns because internally it uses UTF16/UCS2
+        if ($col === 'nvarchar' || $col === 'nchar' || $col === 'ntext') {
+            $length = $length / 2;
+        }
         if (strpos($col, 'varchar') !== false && $length < 0) {
             return ['type' => TableSchema::TYPE_TEXT, 'length' => null];
         }

diff --git a/src/Http/BaseApplication.php b/src/Http/BaseApplication.php
@@ -17,6 +17,7 @@
 use Cake\Core\ConsoleApplicationInterface;
 use Cake\Core\HttpApplicationInterface;
 use Cake\Routing\DispatcherFactory;
+use Cake\Routing\Router;
 use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;
 
@@ -69,7 +70,11 @@ public function bootstrap()
      */
     public function routes($routes)
     {
-        require $this->configDir . '/routes.php';
+        if (!Router::$initialized) {
+            require $this->configDir . '/routes.php';
+            // Prevent routes from being loaded again
+            Router::$initialized = true;
+        }
     }
 
     /**

diff --git a/src/Http/Client/FormData.php b/src/Http/Client/FormData.php
@@ -100,14 +100,14 @@ public function add($name, $value = null)
         if (is_array($value)) {
             $this->addRecursive($name, $value);
         } elseif (is_resource($value)) {
-            $this->_parts[] = $this->addFile($name, $value);
+            $this->addFile($name, $value);
         } elseif (is_string($value) && strlen($value) && $value[0] === '@') {
             trigger_error(
                 'Using the @ syntax for file uploads is not safe and is deprecated. ' .
                 'Instead you should use file handles.',
                 E_USER_DEPRECATED
             );
-            $this->_parts[] = $this->addFile($name, $value);
+            $this->addFile($name, $value);
         } elseif ($name instanceof FormDataPart && $value === null) {
             $this->_hasComplexPart = true;
             $this->_parts[] = $name;
@@ -169,6 +169,7 @@ public function addFile($name, $value)
         if ($filename) {
             $part->filename($filename);
         }
+        $this->add($part);
 
         return $part;
     }

diff --git a/src/Http/Client/Response.php b/src/Http/Client/Response.php
@@ -13,7 +13,6 @@
  */
 namespace Cake\Http\Client;
 
-use Cake\Http\Cookie\Cookie;
 // This alias is necessary to avoid class name conflicts
 // with the deprecated class in this namespace.
 use Cake\Http\Cookie\CookieCollection as CookiesCollection;

diff --git a/src/Http/Cookie/Cookie.php b/src/Http/Cookie/Cookie.php
@@ -18,7 +18,6 @@
 use DateTimeImmutable;
 use DateTimezone;
 use InvalidArgumentException;
-use RuntimeException;
 
 /**
  * Cookie object to build a cookie and turn it into a header value

diff --git a/src/Http/Cookie/CookieCollection.php b/src/Http/Cookie/CookieCollection.php
@@ -14,7 +14,6 @@
 namespace Cake\Http\Cookie;
 
 use ArrayIterator;
-use Cake\Http\Client\Response as ClientResponse;
 use Countable;
 use DateTimeImmutable;
 use DateTimeZone;

diff --git a/src/Http/Response.php b/src/Http/Response.php
@@ -1041,19 +1041,20 @@ public function httpCodes($code = null)
      * ```
      *
      * @param string|null $contentType Content type key.
-     * @return mixed Current content type or false if supplied an invalid content type
+     * @return mixed Current content type or false if supplied an invalid content type.
+     * @deprecated 3.5.5 Use getType() or withType() instead.
      */
     public function type($contentType = null)
     {
         if ($contentType === null) {
-            return $this->_contentType;
+            return $this->getType();
         }
         if (is_array($contentType)) {
             foreach ($contentType as $type => $definition) {
                 $this->_mimeTypes[$type] = $definition;
             }
 
-            return $this->_contentType;
+            return $this->getType();
         }
         if (isset($this->_mimeTypes[$contentType])) {
             $contentType = $this->_mimeTypes[$contentType];
@@ -1068,6 +1069,16 @@ public function type($contentType = null)
         return $contentType;
     }
 
+    /**
+     * Returns the current content type.
+     *
+     * @return string
+     */
+    public function getType()
+    {
+        return $this->_contentType;
+    }
+
     /**
      * Get an updated response with the content type set.
      *
@@ -1167,7 +1178,7 @@ public function charset($charset = null)
     }
 
     /**
-     * Retruns the current charset.
+     * Returns the current charset.
      *
      * @return string
      */

diff --git a/src/I18n/Translator.php b/src/I18n/Translator.php
@@ -12,8 +12,6 @@
  */
 namespace Cake\I18n;
 
-use Aura\Intl\FormatterInterface;
-use Aura\Intl\Package;
 use Aura\Intl\Translator as BaseTranslator;
 
 /**

diff --git a/src/Mailer/Transport/MailTransport.php b/src/Mailer/Transport/MailTransport.php
@@ -53,6 +53,9 @@ public function send(Email $email)
         $params = isset($this->_config['additionalParameters']) ? $this->_config['additionalParameters'] : null;
         $this->_mail($to, $subject, $message, $headers, $params);
 
+        $headers .= $eol . 'To: ' . $to;
+        $headers .= $eol . 'Subject: ' . $subject;
+
         return ['headers' => $headers, 'message' => $message];
     }
 

diff --git a/src/Network/Socket.php b/src/Network/Socket.php
@@ -83,18 +83,31 @@ class Socket
     /**
      * Contains all the encryption methods available
      *
+     * SSLv2 and SSLv3 are deprecated, and should not be used as they
+     * have several published vulnerablilities.
+     *
      * @var array
      */
     protected $_encryptMethods = [
         // @codingStandardsIgnoreStart
+        // @deprecated Will be removed in 4.0.0
         'sslv2_client' => STREAM_CRYPTO_METHOD_SSLv2_CLIENT,
+        // @deprecated Will be removed in 4.0.0
         'sslv3_client' => STREAM_CRYPTO_METHOD_SSLv3_CLIENT,
         'sslv23_client' => STREAM_CRYPTO_METHOD_SSLv23_CLIENT,
         'tls_client' => STREAM_CRYPTO_METHOD_TLS_CLIENT,
+        'tlsv10_client' => STREAM_CRYPTO_METHOD_TLSv1_0_CLIENT,
+        'tlsv11_client' => STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT,
+        'tlsv12_client' => STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT,
+        // @deprecated Will be removed in 4.0.0
         'sslv2_server' => STREAM_CRYPTO_METHOD_SSLv2_SERVER,
+        // @deprecated Will be removed in 4.0.0
         'sslv3_server' => STREAM_CRYPTO_METHOD_SSLv3_SERVER,
         'sslv23_server' => STREAM_CRYPTO_METHOD_SSLv23_SERVER,
-        'tls_server' => STREAM_CRYPTO_METHOD_TLS_SERVER
+        'tls_server' => STREAM_CRYPTO_METHOD_TLS_SERVER,
+        'tlsv10_server' => STREAM_CRYPTO_METHOD_TLSv1_0_SERVER,
+        'tlsv11_server' => STREAM_CRYPTO_METHOD_TLSv1_1_SERVER,
+        'tlsv12_server' => STREAM_CRYPTO_METHOD_TLSv1_2_SERVER
         // @codingStandardsIgnoreEnd
     ];
 
@@ -431,8 +444,27 @@ public function enableCrypto($type, $clientOrServer = 'client', $enable = true)
         if (!array_key_exists($type . '_' . $clientOrServer, $this->_encryptMethods)) {
             throw new InvalidArgumentException('Invalid encryption scheme chosen');
         }
+        $method = $this->_encryptMethods[$type . '_' . $clientOrServer];
+
+        // Prior to PHP 5.6.7 TLS_CLIENT was any version of TLS. This was changed in 5.6.7
+        // to fix backwards compatibility issues, and now only resolves to TLS1.0
+        //
+        // See https://github.com/php/php-src/commit/10bc5fd4c4c8e1dd57bd911b086e9872a56300a0
+        if (version_compare(PHP_VERSION, '5.6.7', '>=')) {
+            if ($method == STREAM_CRYPTO_METHOD_TLS_CLIENT) {
+                // @codingStandardsIgnoreStart
+                $method |= STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT | STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT;
+                // @codingStandardsIgnoreEnd
+            }
+            if ($method == STREAM_CRYPTO_METHOD_TLS_SERVER) {
+                // @codingStandardsIgnoreStart
+                $method |= STREAM_CRYPTO_METHOD_TLSv1_1_SERVER | STREAM_CRYPTO_METHOD_TLSv1_2_SERVER;
+                // @codingStandardsIgnoreEnd
+            }
+        }
+
         try {
-            $enableCryptoResult = stream_socket_enable_crypto($this->connection, $enable, $this->_encryptMethods[$type . '_' . $clientOrServer]);
+            $enableCryptoResult = stream_socket_enable_crypto($this->connection, $enable, $method);
         } catch (Exception $e) {
             $this->setLastError(null, $e->getMessage());
             throw new SocketException($e->getMessage(), null, $e);

diff --git a/src/ORM/Behavior/TreeBehavior.php b/src/ORM/Behavior/TreeBehavior.php
@@ -228,12 +228,16 @@ public function beforeDelete(Event $event, EntityInterface $entity, ArrayObject
         $diff = $right - $left + 1;
 
         if ($diff > 2) {
-            $this->_table->deleteAll(function ($exp) use ($config, $left, $right) {
-                /* @var \Cake\Database\Expression\QueryExpression $exp */
-                return $exp
-                    ->gte($config['leftField'], $left + 1)
-                    ->lte($config['leftField'], $right - 1);
-            });
+            $query = $this->_scope($this->_table->query())
+                ->delete()
+                ->where(function ($exp) use ($config, $left, $right) {
+                    /* @var \Cake\Database\Expression\QueryExpression $exp */
+                    return $exp
+                        ->gte($config['leftField'], $left + 1)
+                        ->lte($config['leftField'], $right - 1);
+                });
+            $statement = $query->execute();
+            $statement->closeCursor();
         }
 
         $this->_sync($diff, '-', "> {$right}");

diff --git a/src/Routing/Middleware/RoutingMiddleware.php b/src/Routing/Middleware/RoutingMiddleware.php
@@ -18,7 +18,6 @@
 use Cake\Http\MiddlewareQueue;
 use Cake\Http\Runner;
 use Cake\Routing\Exception\RedirectException;
-use Cake\Routing\RouteBuilder;
 use Cake\Routing\Router;
 use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;
@@ -57,11 +56,9 @@ public function __construct(BaseApplication $app = null)
      */
     protected function loadRoutes()
     {
-        if ($this->app && !Router::$initialized) {
+        if ($this->app) {
             $builder = Router::createRouteBuilder('/');
             $this->app->routes($builder);
-            // Prevent routes from being loaded again
-            Router::$initialized = true;
         }
     }
 

diff --git a/src/Routing/Router.php b/src/Routing/Router.php
@@ -15,10 +15,8 @@
 namespace Cake\Routing;
 
 use Cake\Core\Configure;
-use Cake\Http\MiddlewareQueue;
 use Cake\Http\ServerRequest;
 use Cake\Utility\Inflector;
-use InvalidArgumentException;
 use Psr\Http\Message\ServerRequestInterface;
 
 /**
@@ -40,6 +38,7 @@ class Router
      * Have routes been loaded
      *
      * @var bool
+     * @deprecated 3.5.0 Routes will be loaded via the Application::routes() hook in 4.0.0
      */
     public static $initialized = false;
 

diff --git a/src/TestSuite/Constraint/EventFired.php b/src/TestSuite/Constraint/EventFired.php
@@ -8,7 +8,6 @@ class_alias('PHPUnit_Framework_Constraint', 'PHPUnit\Framework\Constraint\Constr
     class_alias('PHPUnit_Framework_AssertionFailedError', 'PHPUnit\Framework\AssertionFailedError');
 }
 
-use Cake\Event\EventManager;
 use PHPUnit\Framework\AssertionFailedError;
 use PHPUnit\Framework\Constraint\Constraint;
 

diff --git a/src/TestSuite/Constraint/EventFiredWith.php b/src/TestSuite/Constraint/EventFiredWith.php
@@ -9,7 +9,6 @@ class_alias('PHPUnit_Framework_AssertionFailedError', 'PHPUnit\Framework\Asserti
 }
 
 use Cake\Event\Event;
-use Cake\Event\EventManager;
 use PHPUnit\Framework\AssertionFailedError;
 use PHPUnit\Framework\Constraint\Constraint;