Brandon Kelly
e6f5c46cdc
Fixes #15633 : Deprecate some things going away/changing in 2.1
...
- Deprecated `yii\base\BaseObject::className()` in favor of native PHP syntax `::class`, which does not trigger autoloading
- Deprecated XCache and Zend data cache support as caching backends
- Deprecated `yii\BaseYii::powered()` method
- Added `yii\base\InvalidArgumentException` and deprecated `yii\base\InvalidParamException`
- Added `yii\BaseYii::debug()` and deprecated `yii\BaseYii::trace()`
7 years ago
Alexander Makarov
d7be512fa0
Fixes #10186 : Use native `hash_equals` in `yii\base\Security::compareString()` if available, throw exception if non-strings are compared
7 years ago
Ankit Padia
533f9edd35
generatePasswordHash() documentation example syntax error fixed
7 years ago
Sam
05f197825b
Fixes #15332 : Always check for availability of `openssl_pseudo_random_bytes`, even if LibreSSL is available
7 years ago
Robert Korulczyk
1501c659ac
Add empty lines before return statements. ( #14682 ) [skip ci]
7 years ago
Robert Korulczyk
ba0ab403b5
Added php-cs-fixer coding standards validation to Travis CI ( #14100 )
...
* php-cs-fixer: PSR2 rule.
* php-cs-fixer: PSR2 rule - fix views.
* Travis setup refactoring.
* Add php-cs-fixer to travis cs tests.
* Fix tests on hhvm-3.12
* improve travis config
* composer update
* revert composer update
* improve travis config
* Fix CS.
* Extract config to separate classes.
* Extract config to separate classes.
* Add file header.
* Force short array syntax.
* binary_operator_spaces fixer
* Fix broken tests
* cast_spaces fixer
* concat_space fixer
* dir_constant fixer
* ereg_to_preg fixer
* function_typehint_space fixer
* hash_to_slash_comment fixer
* is_null fixer
* linebreak_after_opening_tag fixer
* lowercase_cast fixer
* magic_constant_casing fixer
* modernize_types_casting fixer
* native_function_casing fixer
* new_with_braces fixer
* no_alias_functions fixer
* no_blank_lines_after_class_opening fixer
* no_blank_lines_after_phpdoc fixer
* no_empty_comment fixer
* no_empty_phpdoc fixer
* no_empty_statement fixer
* no_extra_consecutive_blank_lines fixer
* no_leading_import_slash fixer
* no_leading_namespace_whitespace fixer
* no_mixed_echo_print fixer
* no_multiline_whitespace_around_double_arrow fixer
* no_multiline_whitespace_before_semicolons fixer
* no_php4_constructor fixer
* no_short_bool_cast fixer
* no_singleline_whitespace_before_semicolons fixer
* no_spaces_around_offset fixer
* no_trailing_comma_in_list_call fixer
* no_trailing_comma_in_singleline_array fixer
* no_unneeded_control_parentheses fixer
* no_unused_imports fixer
* no_useless_return fixer
* no_whitespace_before_comma_in_array fixer
* no_whitespace_in_blank_line fixer
* not_operator_with_successor_space fixer
* object_operator_without_whitespace fixer
* ordered_imports fixer
* php_unit_construct fixer
* php_unit_dedicate_assert fixer
* php_unit_fqcn_annotation fixer
* phpdoc_indent fixer
* phpdoc_no_access fixer
* phpdoc_no_empty_return fixer
* phpdoc_no_package fixer
* phpdoc_no_useless_inheritdoc fixer
* Fix broken tests
* phpdoc_return_self_reference fixer
* phpdoc_single_line_var_spacing fixer
* phpdoc_single_line_var_spacing fixer
* phpdoc_to_comment fixer
* phpdoc_trim fixer
* phpdoc_var_without_name fixer
* psr4 fixer
* self_accessor fixer
* short_scalar_cast fixer
* single_blank_line_before_namespace fixer
* single_quote fixer
* standardize_not_equals fixer
* ternary_operator_spaces fixer
* trailing_comma_in_multiline_array fixer
* trim_array_spaces fixer
* protected_to_private fixer
* unary_operator_spaces fixer
* whitespace_after_comma_in_array fixer
* `parent::setRules()` -> `$this->setRules()`
* blank_line_after_opening_tag fixer
* Update finder config.
* Revert changes for YiiRequirementChecker.
* Fix array formatting.
* Add missing import.
* Fix CS for new code merged from master.
* Fix some indentation issues.
7 years ago
Nikolay Oleynikov
950e895fe0
Fix phpDocumentor annotations ( #13905 ) [skip ci]
8 years ago
Sam Mousa
8ae207c3a1
Fixes #13837 : Refactored masking of CSRF tokens
8 years ago
Charles R. Portwood II
953a0bba2b
Fixes #13650 : Improved `yii\base\Security::hkdf()` to take advantage of native `hash_hkdf()` implementation in PHP >= 7.1.2
8 years ago
Andrew Nester
953c4a8e5a
Fixes #13407 : Added URL-safe base64 encode/decode methods to `StringHelper`
8 years ago
Carsten Brandt
b8b3aeeb00
update deprecated phpdoc messages
8 years ago
Robert Korulczyk
7a3a342127
Fix errors reported by apidoc extension. ( #12986 )
8 years ago
Robert Korulczyk
4aa935e69e
Fixes #12055 : Changed `boolean` to `bool` and `integer` to `int` in phpdoc
8 years ago
Boudewijn Vahrmeijer
32f4dc8997
Fixes #5385 : links created from classes to corresponding guide articles ( #12920 )
8 years ago
Almir Bolduan
6c1fe1a137
Update Security.php
...
Corrected description for method decryptByKey().
8 years ago
Carsten Brandt
e94b68436d
complete test coverage for reading /dev/urandom
...
fixes an issue with buffered reading
9 years ago
Carsten Brandt
f2f082dbab
moved checks before random_bytes() to have consistent behavior accross php versions
9 years ago
Alexander Makarov
0c6c1eebd1
Better buffer usage description as suggested by @tom--
...
https://github.com/yiisoft/yii2/pull/11285#discussion_r59960199
9 years ago
Alexander Makarov
6a80a132e2
Converted constant into local variable #11285
9 years ago
Alexander Makarov
81b18e1538
Fixed variable name
9 years ago
Alexander Makarov
371440d59a
More Security component enhancements
...
- Removed PHP version checks since both are met by default because Yii requires 5.4.0+.
- Limit PHP fread buffer in order to prevent entropy wasting.
- Fixed incorrect bytes to read calculation.
- Added more notes explaining decisions.
9 years ago
Tom Worster
c455a3c54b
Security component enhancements
...
- Added tests for random key generation speed.
- Better generateRandomKey() performance for small reads because of using fopen + buffered read and local caching of source detection.
- Use /dev/random on FreeBSD.
9 years ago
Carsten Brandt
191f2a4943
fixed phpdoc type names
9 years ago
Carsten Brandt
f620f4de90
phpdoc fixes
9 years ago
Tom Worster
40fc49bf16
remove obsolete @throw tags
9 years ago
Tom Worster
ba19858e58
move private state var also
9 years ago
Tom Worster
83b61eae43
move "private" consts before generateRandomKey()
9 years ago
Tom Worster
358e9115ed
comment lstat
9 years ago
Tom Worster
e7a888ad11
use file_get_contents and not magic numbers
9 years ago
Tom Worster
1f41a2c9af
Fixes #9878,9879,9880: Make `\base\Security` use `random_bytes()`, LibreSSL, mcrypt, limit OpenSSL to Windows, and to prefer `password_hash()` over `crypt()`
9 years ago
SilverFire - Dmitry Naumenko
cd87d67f34
Global DOCS update: ~~~ replaced with ```
9 years ago
artur
e1509bfe73
Fix methods references
9 years ago
Carsten Brandt
6d9fe671de
various code style and whitespace adjustments
9 years ago
freezy
6a4436f95b
[ Fixes #9177 ] Password Hash Cost setting for Security component
9 years ago
onedevlink
c4ab9a0891
Fixed typo in base/Security file and docs
9 years ago
Alexander Mohorev
68c30c1034
Replace aliases of functions
9 years ago
Yasser Hassan
daab0e9aef
Fixing typo.
...
close #7941
10 years ago
Alexander Makarov
d7346cbfaf
Used PHP_OS instead of php_uname() to check for Linix
10 years ago
Alexander Makarov
4fffd8fcef
Prevented Security from erroring in case of /dev/urandom or /dev/random aren't available
10 years ago
Alexander Makarov
7721baae1f
Used StringHelper for byte operations
10 years ago
tom--
4512833fac
Fixes #7215 : Uses OpenSSL crypto lib instead of Mcrypt. Added testing of encrypted data compatibility, both backward and forward
10 years ago
munawer
33b760eca2
[ci skip] Guide typos fixed
10 years ago
Alexander Mohorev
899b778994
Correct type declarations
10 years ago
Alexander Mohorev
bb8550886e
PHP type casting
10 years ago
Alexander Mohorev
f1edafffaf
PHPDoc comment doesn't contain all necessary @throws tag
...
close #5762
10 years ago
Sergey
783d1ccaed
typo fix
...
close #5454
10 years ago
Henry Abbott
00aab7c379
Fixed typo in comments for generatePasswordHash
10 years ago
RichWeber
92cd13a913
pull origin
10 years ago
Qiang Xue
a0d19e922b
Fixes #4497 : changed to use hex digits by default when hashing data.
10 years ago
Carsten Brandt
ca9d4867f4
code style
10 years ago