
Remove support for reading ini files with .php extensions.

Instead of relying on this feature, one should ensure the webserver is
configured so that config files are not web accessible.
ADmad 11 years ago
parent
commit
2f7e6a083a

+ 4 - 10
src/Core/Configure/Engine/IniConfig.php

@@ -205,17 +205,11 @@ class IniConfig implements ConfigEngineInterface {
  * @return string Full file path
  */
 	protected function _getFilePath($key) {
-		if (substr($key, -8) === '.ini.php') {
-			$key = substr($key, 0, -8);
-			list($plugin, $key) = pluginSplit($key);
-			$key .= '.ini.php';
-		} else {
-			if (substr($key, -4) === '.ini') {
-				$key = substr($key, 0, -4);
-			}
-			list($plugin, $key) = pluginSplit($key);
-			$key .= '.ini';
+		if (substr($key, -4) === '.ini') {
+			$key = substr($key, 0, -4);
 		}
+		list($plugin, $key) = pluginSplit($key);
+		$key .= '.ini';
 
 		if ($plugin) {
 			$file = Plugin::configPath($plugin) . $key;
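Review bot: A key that still ends in `.ini.php` is not rejected by the new `_getFilePath()`; it fails the `.ini` suffix check, goes straight to `pluginSplit()` and gets `.ini` appended, so a caller that was not migrated will presumably hit a missing-file or unknown-plugin error that never mentions the removed feature. The docblock above the method should say so, for example `Keys ending in ".ini.php" are no longer supported; rename the file to ".ini".` Files renamed that way also lose the `;<?php exit() ?>` first line that kept them from being served as readable text, so the same docblock or the migration notes should state that the config directory must sit outside the web root or be denied by the web server. The method body continues past the end of this hunk, so how the resolved path is used afterwards is not visible here.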

+ 0 - 30
tests/TestCase/Core/Configure/Engine/IniConfigTest.php

@@ -97,20 +97,6 @@ class IniConfigTest extends TestCase {
 	}
 
 /**
- * Test reading acl.ini.php.
- *
- * @return void
- */
-	public function testReadSpecialAclIniPhp() {
-		$engine = new IniConfig($this->path);
-		$config = $engine->read('acl.ini.php');
-
-		$this->assertTrue(isset($config['admin']));
-		$this->assertTrue(isset($config['paul']['groups']));
-		$this->assertEquals('ads', $config['admin']['deny']);
-	}
-
-/**
  * Test without section.
  *
  * @return void
@@ -228,22 +214,6 @@ class IniConfigTest extends TestCase {
 	}
 
 /**
- * Test reading acl.ini.php from plugins.
- *
- * @return void
- */
-	public function testReadPluginSpecialAclIniPhpValue() {
-		Plugin::load('TestPlugin');
-		$engine = new IniConfig($this->path);
-		$result = $engine->read('TestPlugin.acl.ini.php');
-
-		$this->assertTrue(isset($result['admin']));
-		$this->assertTrue(isset($result['paul']['groups']));
-		$this->assertEquals('ads', $result['admin']['deny']);
-		Plugin::unload();
-	}
-
-/**
  * Test dump method.
  *
  * @return void

+ 0 - 56
tests/test_app/Plugin/TestPlugin/config/acl.ini.php

@@ -1,56 +0,0 @@
-;<?php exit() ?>
-; SVN FILE: $Id$
-;/**
-; * Test App Ini Based Acl Config File
-; *
-; * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
-; * Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
-; *
-; *  Licensed under The MIT License
-; *  Redistributions of files must retain the above copyright notice.
-; *
-; * @copyright     Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
-; * @link          http://cakephp.org CakePHP(tm) Project
-; * @since         0.10.0
-; * @license       http://www.opensource.org/licenses/mit-license.php MIT License
-; */
-
-;-------------------------------------
-;Users
-;-------------------------------------
-
-[admin]
-groups = administrators
-allow =
-deny = ads
-
-[paul]
-groups = users
-allow =
-deny =
-
-[jenny]
-groups = users
-allow = ads
-deny = images, files
-
-[nobody]
-groups = anonymous
-allow =
-deny =
-
-;-------------------------------------
-;Groups
-;-------------------------------------
-
-[administrators]
-deny =
-allow = posts, comments, images, files, stats, ads
-
-[users]
-allow = posts, comments, images, files
-deny = stats, ads
-
-[anonymous]
-allow =
-deny = posts, comments, images, files, stats, ads

+ 0 - 56
tests/test_app/config/acl.ini.php

@@ -1,56 +0,0 @@
-;<?php exit() ?>
-; SVN FILE: $Id$
-;/**
-; * Test App Ini Based Acl Config File
-; *
-; * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
-; * Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
-; *
-; *  Licensed under The MIT License
-; *  Redistributions of files must retain the above copyright notice.
-; *
-; * @copyright     Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
-; * @link          http://cakephp.org CakePHP(tm) Project
-; * @since         0.10.0
-; * @license       http://www.opensource.org/licenses/mit-license.php MIT License
-; */
-
-;-------------------------------------
-;Users
-;-------------------------------------
-
-[admin]
-groups = administrators
-allow =
-deny = ads
-
-[paul]
-groups = users
-allow =
-deny =
-
-[jenny]
-groups = users
-allow = ads
-deny = images, files
-
-[nobody]
-groups = anonymous
-allow =
-deny =
-
-;-------------------------------------
-;Groups
-;-------------------------------------
-
-[administrators]
-deny =
-allow = posts, comments, images, files, stats, ads
-
-[users]
-allow = posts, comments, images, files
-deny = stats, ads
-
-[anonymous]
-allow =
-deny = posts, comments, images, files, stats, ads