Development

Changeset 1498

You must first sign up to be able to contribute.

Changeset 1498

Show
Ignore:
Timestamp:
06/21/06 12:54:51 (2 years ago)
Author:
fabien
Message:

fixed changing case of a URL allows bypassing of validation and security rules (closes #466)

Files:

Legend:

Unmodified
Added
Removed
Modified
Copied
Moved

  • trunk/CHANGELOG

    r1318 r1498  
    55         building you Propel model/sql (XML schema file (PATH/config/schema.xml) does not validate) 
    66         you can add a propel.schema.validate = false at the end of your config/propel.ini file. 
     7 
     8WARNING: Actions in the routing are now case sensitive. If you have a page with an 'index' action name, 
     9         your action must be named 'executeIndex' ('fooBar' => 'executeFooBar'). 
    710 
    811* added component and partial cache 

  • trunk/lib/controller/sfController.class.php

    r1415 r1498  
    111111 
    112112        // action is defined in this class? 
    113         $defined = in_array(strtolower('execute'.$controllerName), array_map('strtolower', get_class_methods($moduleName.$classSuffix.'s'))); 
     113        $defined = in_array('execute'.ucfirst($controllerName), get_class_methods($moduleName.$classSuffix.'s')); 
    114114        if ($defined) 
    115115        {