Fix incorrect pattern in SecurityComponent.

The test pattern was not catching multi digit numbers. Refs #6456
cakephp · May 1, 2015 · 29c9836 · 29c9836
1 parent 6528df6
commit 29c9836
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 1 deletion.
diff --git a/src/Controller/Component/SecurityComponent.php b/src/Controller/Component/SecurityComponent.php
@@ -306,7 +306,7 @@ protected function _validatePost(Controller $controller)
         $multi = [];
 
         foreach ($fieldList as $i => $key) {
-            if (preg_match('/(\.\d){1,10}$/', $key)) {
+            if (preg_match('/(\.\d+){1,10}$/', $key)) {
                 $multi[$i] = preg_replace('/(\.\d+){1,10}$/', '', $key);
                 unset($fieldList[$i]);
             } else {

diff --git a/tests/TestCase/Controller/Component/SecurityComponentTest.php b/tests/TestCase/Controller/Component/SecurityComponentTest.php
@@ -500,6 +500,12 @@ public function testValidatePostArray()
             '_Token' => compact('fields', 'unlocked')
         ];
         $this->assertTrue($this->Controller->Security->validatePost($this->Controller));
+
+        $this->Controller->request->data = [
+            'Model' => ['multi_field' => [12 => '1',  20 => '3']],
+            '_Token' => compact('fields', 'unlocked')
+        ];
+        $this->assertTrue($this->Controller->Security->validatePost($this->Controller));
     }
 
     /**