From 849113b45f070d51bbed5bc48544ff1675f448d8 Mon Sep 17 00:00:00 2001 From: Vivek Date: Thu, 7 Sep 2017 17:54:51 +0530 Subject: [PATCH 01/33] [testcase] Flush application resources in application flush (#21058) --- src/Illuminate/Foundation/Application.php | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/src/Illuminate/Foundation/Application.php b/src/Illuminate/Foundation/Application.php index bf3f53edfa38..ba7eea1817bb 100755 --- a/src/Illuminate/Foundation/Application.php +++ b/src/Illuminate/Foundation/Application.php @@ -1143,6 +1143,16 @@ public function flush() parent::flush(); $this->loadedProviders = []; + $this->bootingCallbacks = []; + $this->bootedCallbacks = []; + $this->middlewares = []; + $this->serviceProviders = []; + $this->deferredServices = []; + $this->reboundCallbacks = []; + $this->resolvingCallbacks = []; + $this->afterResolvingCallbacks = []; + $this->globalResolvingCallbacks = []; + $this->buildStack = []; } /** From 3a9ef5ed36ab24252903705169e9ed4f7c3049be Mon Sep 17 00:00:00 2001 From: Sam Stenvall Date: Wed, 20 Sep 2017 15:31:30 +0300 Subject: [PATCH 02/33] [5.4] Fix invalid phpdoc on the Queue contract (#21269) Backport of https://github.com/laravel/framework/pull/21248 --- src/Illuminate/Contracts/Queue/Queue.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/Illuminate/Contracts/Queue/Queue.php b/src/Illuminate/Contracts/Queue/Queue.php index 03c260003a3c..d0954416d3e2 100644 --- a/src/Illuminate/Contracts/Queue/Queue.php +++ b/src/Illuminate/Contracts/Queue/Queue.php @@ -15,7 +15,7 @@ public function size($queue = null); /** * Push a new job onto the queue. * - * @param string $job + * @param string|object $job * @param mixed $data * @param string $queue * @return mixed @@ -26,7 +26,7 @@ public function push($job, $data = '', $queue = null); * Push a new job onto the queue. * * @param string $queue - * @param string $job + * @param string|object $job * @param mixed $data * @return mixed */ @@ -46,7 +46,7 @@ public function pushRaw($payload, $queue = null, array $options = []); * Push a new job onto the queue after a delay. * * @param \DateTime|int $delay - * @param string $job + * @param string|object $job * @param mixed $data * @param string $queue * @return mixed @@ -58,7 +58,7 @@ public function later($delay, $job, $data = '', $queue = null); * * @param string $queue * @param \DateTime|int $delay - * @param string $job + * @param string|object $job * @param mixed $data * @return mixed */ From 576cba749f9cfa150e9ba3eb23c06c70b75f64a8 Mon Sep 17 00:00:00 2001 From: Michael Cordingley Date: Wed, 20 Sep 2017 21:35:31 -0400 Subject: [PATCH 03/33] Perform constant-time token comparison in DatabaseUserProvider --- src/Illuminate/Auth/DatabaseUserProvider.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/Illuminate/Auth/DatabaseUserProvider.php b/src/Illuminate/Auth/DatabaseUserProvider.php index a94b74b8b452..e131e4223da2 100755 --- a/src/Illuminate/Auth/DatabaseUserProvider.php +++ b/src/Illuminate/Auth/DatabaseUserProvider.php @@ -70,10 +70,9 @@ public function retrieveByToken($identifier, $token) { $user = $this->conn->table($this->table) ->where('id', $identifier) - ->where('remember_token', $token) ->first(); - return $this->getGenericUser($user); + return hash_equals($user->remember_token, $token) ? $this->getGenericUser($user) : null; } /** From 41de9cee235ddec5cd0b9695d891c4ffdc40185b Mon Sep 17 00:00:00 2001 From: Michael Cordingley Date: Wed, 20 Sep 2017 21:38:22 -0400 Subject: [PATCH 04/33] Perform constant-time token comparison in EloquentUserProvider --- src/Illuminate/Auth/EloquentUserProvider.php | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/src/Illuminate/Auth/EloquentUserProvider.php b/src/Illuminate/Auth/EloquentUserProvider.php index 0d5cad9c785e..a629661294ad 100755 --- a/src/Illuminate/Auth/EloquentUserProvider.php +++ b/src/Illuminate/Auth/EloquentUserProvider.php @@ -60,12 +60,11 @@ public function retrieveById($identifier) */ public function retrieveByToken($identifier, $token) { - $model = $this->createModel(); - - return $model->newQuery() + $model = $this->createModel()->newQuery() ->where($model->getAuthIdentifierName(), $identifier) - ->where($model->getRememberTokenName(), $token) ->first(); + + return $model && hash_equals($model->getRememberToken(), $token) ? $model : null; } /** From d03a07e066aea967d9f1884fa4cfc797a50f5bd2 Mon Sep 17 00:00:00 2001 From: Michael Cordingley Date: Wed, 20 Sep 2017 21:38:58 -0400 Subject: [PATCH 05/33] Null-check the $user --- src/Illuminate/Auth/DatabaseUserProvider.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Illuminate/Auth/DatabaseUserProvider.php b/src/Illuminate/Auth/DatabaseUserProvider.php index e131e4223da2..9fe12e55c8b8 100755 --- a/src/Illuminate/Auth/DatabaseUserProvider.php +++ b/src/Illuminate/Auth/DatabaseUserProvider.php @@ -72,7 +72,7 @@ public function retrieveByToken($identifier, $token) ->where('id', $identifier) ->first(); - return hash_equals($user->remember_token, $token) ? $this->getGenericUser($user) : null; + return $user && hash_equals($user->remember_token, $token) ? $this->getGenericUser($user) : null; } /** From 22471ae267f35311b0f2ff4fd7ba4cbf32c3577d Mon Sep 17 00:00:00 2001 From: Michael Cordingley Date: Thu, 21 Sep 2017 11:04:19 -0400 Subject: [PATCH 06/33] Remove trailing white-space. --- src/Illuminate/Auth/EloquentUserProvider.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Illuminate/Auth/EloquentUserProvider.php b/src/Illuminate/Auth/EloquentUserProvider.php index a629661294ad..ac56a04c37f6 100755 --- a/src/Illuminate/Auth/EloquentUserProvider.php +++ b/src/Illuminate/Auth/EloquentUserProvider.php @@ -63,7 +63,7 @@ public function retrieveByToken($identifier, $token) $model = $this->createModel()->newQuery() ->where($model->getAuthIdentifierName(), $identifier) ->first(); - + return $model && hash_equals($model->getRememberToken(), $token) ? $model : null; } From 76ea45df5570f0edff226ece11586b4af2fe0ca3 Mon Sep 17 00:00:00 2001 From: Taylor Otwell Date: Thu, 21 Sep 2017 11:36:01 -0500 Subject: [PATCH 07/33] formatting --- src/Illuminate/Auth/DatabaseUserProvider.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/Illuminate/Auth/DatabaseUserProvider.php b/src/Illuminate/Auth/DatabaseUserProvider.php index 9fe12e55c8b8..1fec9318b277 100755 --- a/src/Illuminate/Auth/DatabaseUserProvider.php +++ b/src/Illuminate/Auth/DatabaseUserProvider.php @@ -72,7 +72,8 @@ public function retrieveByToken($identifier, $token) ->where('id', $identifier) ->first(); - return $user && hash_equals($user->remember_token, $token) ? $this->getGenericUser($user) : null; + return $user && hash_equals($user->remember_token, $token) + ? $this->getGenericUser($user) : null; } /** From 6c63130c001bd0b2bec30d330e110be63b5caee6 Mon Sep 17 00:00:00 2001 From: Taylor Otwell Date: Thu, 21 Sep 2017 13:00:58 -0500 Subject: [PATCH 08/33] version --- src/Illuminate/Foundation/Application.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Illuminate/Foundation/Application.php b/src/Illuminate/Foundation/Application.php index eed102a7a2d3..b473b8c13a37 100755 --- a/src/Illuminate/Foundation/Application.php +++ b/src/Illuminate/Foundation/Application.php @@ -29,7 +29,7 @@ class Application extends Container implements ApplicationContract, HttpKernelIn * * @var string */ - const VERSION = '5.5.9'; + const VERSION = '5.5.10'; /** * The base path for the Laravel installation. From c5e231f953b02c605ab8c29f1f0b3fe9d9ebc26c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Till=20Kru=CC=88ss?= Date: Thu, 21 Sep 2017 11:48:20 -0700 Subject: [PATCH 09/33] add v5.5.10 release notes --- CHANGELOG-5.5.md | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/CHANGELOG-5.5.md b/CHANGELOG-5.5.md index b86ac6c55e8b..277e700a7845 100644 --- a/CHANGELOG-5.5.md +++ b/CHANGELOG-5.5.md @@ -1,5 +1,23 @@ # Release Notes for 5.5.x +## v5.5.10 (2017-09-21) + +### Added +- Added `Route::respondWithRoute($name)` method ([#21299](https://github.com/laravel/framework/pull/21299), [66c5e46](https://github.com/laravel/framework/commit/66c5e462dbdb9d0c9d23114da3a3dc1b6e9fa0a1)) +- Added `$strict` parameter to `TestResponse::assertJson()` ([#21301](https://github.com/laravel/framework/pull/21301)) + +### Changed +- Added "firmware" as an uncountable word ([#21306](https://github.com/laravel/framework/pull/21306)) +- Allow `MorphTo::associate()` accept `null` ([#21318](https://github.com/laravel/framework/pull/21318)) +- Changed `__()` signature to match `Translation::trans()` ([10c013c](https://github.com/laravel/framework/commit/10c013c564b7e518640e42e97d9178f9e05ec7d9)) + +### Fixed +- Add missing `driver` parameter to doctrine connection ([#21297](https://github.com/laravel/framework/pull/21297)) + +### Security +- Perform constant-time token comparison in `DatabaseUserProvider` ([#21320](https://github.com/laravel/framework/pull/21320)) + + ## v5.5.9 (2017-09-20) ### Changed From faf5cce7b826a39850fba38be3143155a7eff66c Mon Sep 17 00:00:00 2001 From: Mohamed Said Date: Thu, 21 Sep 2017 20:59:28 +0200 Subject: [PATCH 10/33] fix release --- src/Illuminate/Auth/EloquentUserProvider.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/Illuminate/Auth/EloquentUserProvider.php b/src/Illuminate/Auth/EloquentUserProvider.php index ac56a04c37f6..8593262ff14a 100755 --- a/src/Illuminate/Auth/EloquentUserProvider.php +++ b/src/Illuminate/Auth/EloquentUserProvider.php @@ -60,6 +60,8 @@ public function retrieveById($identifier) */ public function retrieveByToken($identifier, $token) { + $model = $this->createModel(); + $model = $this->createModel()->newQuery() ->where($model->getAuthIdentifierName(), $identifier) ->first(); From 74d50148cf2b24f45fcf5a1bcd6d5e0e20366b87 Mon Sep 17 00:00:00 2001 From: Mohamed Said Date: Thu, 21 Sep 2017 21:02:09 +0200 Subject: [PATCH 11/33] refactor --- src/Illuminate/Auth/EloquentUserProvider.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Illuminate/Auth/EloquentUserProvider.php b/src/Illuminate/Auth/EloquentUserProvider.php index 8593262ff14a..de1ea1d8481c 100755 --- a/src/Illuminate/Auth/EloquentUserProvider.php +++ b/src/Illuminate/Auth/EloquentUserProvider.php @@ -61,8 +61,8 @@ public function retrieveById($identifier) public function retrieveByToken($identifier, $token) { $model = $this->createModel(); - - $model = $this->createModel()->newQuery() + + $model = $model->newQuery() ->where($model->getAuthIdentifierName(), $identifier) ->first(); From f74c83eff70a05c47f97e6f0566bf63a708f8bf6 Mon Sep 17 00:00:00 2001 From: Mohamed Said Date: Thu, 21 Sep 2017 21:03:02 +0200 Subject: [PATCH 12/33] refactor --- src/Illuminate/Auth/EloquentUserProvider.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/src/Illuminate/Auth/EloquentUserProvider.php b/src/Illuminate/Auth/EloquentUserProvider.php index de1ea1d8481c..423618a76d89 100755 --- a/src/Illuminate/Auth/EloquentUserProvider.php +++ b/src/Illuminate/Auth/EloquentUserProvider.php @@ -62,9 +62,7 @@ public function retrieveByToken($identifier, $token) { $model = $this->createModel(); - $model = $model->newQuery() - ->where($model->getAuthIdentifierName(), $identifier) - ->first(); + $model = $model->where($model->getAuthIdentifierName(), $identifier)->first(); return $model && hash_equals($model->getRememberToken(), $token) ? $model : null; } From 56f1ffd0880255e9ebbf0dbf47024cc5c2941c7a Mon Sep 17 00:00:00 2001 From: Taylor Otwell Date: Thu, 21 Sep 2017 13:59:13 -0500 Subject: [PATCH 13/33] version --- src/Illuminate/Foundation/Application.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Illuminate/Foundation/Application.php b/src/Illuminate/Foundation/Application.php index b473b8c13a37..44ceebabb2f8 100755 --- a/src/Illuminate/Foundation/Application.php +++ b/src/Illuminate/Foundation/Application.php @@ -29,7 +29,7 @@ class Application extends Container implements ApplicationContract, HttpKernelIn * * @var string */ - const VERSION = '5.5.10'; + const VERSION = '5.5.11'; /** * The base path for the Laravel installation. From be4313b85b42dd607459942b12892fee60f03f73 Mon Sep 17 00:00:00 2001 From: Mohamed Said Date: Thu, 21 Sep 2017 20:59:28 +0200 Subject: [PATCH 14/33] fix release --- src/Illuminate/Auth/EloquentUserProvider.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/Illuminate/Auth/EloquentUserProvider.php b/src/Illuminate/Auth/EloquentUserProvider.php index ac56a04c37f6..8593262ff14a 100755 --- a/src/Illuminate/Auth/EloquentUserProvider.php +++ b/src/Illuminate/Auth/EloquentUserProvider.php @@ -60,6 +60,8 @@ public function retrieveById($identifier) */ public function retrieveByToken($identifier, $token) { + $model = $this->createModel(); + $model = $this->createModel()->newQuery() ->where($model->getAuthIdentifierName(), $identifier) ->first(); From 469bced0a00f0f96bbd00db7f0595beb6e8760e5 Mon Sep 17 00:00:00 2001 From: Mohamed Said Date: Thu, 21 Sep 2017 21:02:09 +0200 Subject: [PATCH 15/33] refactor --- src/Illuminate/Auth/EloquentUserProvider.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Illuminate/Auth/EloquentUserProvider.php b/src/Illuminate/Auth/EloquentUserProvider.php index 8593262ff14a..de1ea1d8481c 100755 --- a/src/Illuminate/Auth/EloquentUserProvider.php +++ b/src/Illuminate/Auth/EloquentUserProvider.php @@ -61,8 +61,8 @@ public function retrieveById($identifier) public function retrieveByToken($identifier, $token) { $model = $this->createModel(); - - $model = $this->createModel()->newQuery() + + $model = $model->newQuery() ->where($model->getAuthIdentifierName(), $identifier) ->first(); From 0275f9c1c76b15438a238624850966cfd18e98de Mon Sep 17 00:00:00 2001 From: Mohamed Said Date: Thu, 21 Sep 2017 21:03:02 +0200 Subject: [PATCH 16/33] refactor --- src/Illuminate/Auth/EloquentUserProvider.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/src/Illuminate/Auth/EloquentUserProvider.php b/src/Illuminate/Auth/EloquentUserProvider.php index de1ea1d8481c..423618a76d89 100755 --- a/src/Illuminate/Auth/EloquentUserProvider.php +++ b/src/Illuminate/Auth/EloquentUserProvider.php @@ -62,9 +62,7 @@ public function retrieveByToken($identifier, $token) { $model = $this->createModel(); - $model = $model->newQuery() - ->where($model->getAuthIdentifierName(), $identifier) - ->first(); + $model = $model->where($model->getAuthIdentifierName(), $identifier)->first(); return $model && hash_equals($model->getRememberToken(), $token) ? $model : null; } From 28eca8519cb055a97ccd1fcb420900a235c2cbf6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Till=20Kru=CC=88ss?= Date: Thu, 21 Sep 2017 12:06:26 -0700 Subject: [PATCH 17/33] add v5.5.11 release notes --- CHANGELOG-5.5.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/CHANGELOG-5.5.md b/CHANGELOG-5.5.md index 277e700a7845..0813ccfc852c 100644 --- a/CHANGELOG-5.5.md +++ b/CHANGELOG-5.5.md @@ -1,5 +1,11 @@ # Release Notes for 5.5.x +## v5.5.11 (2017-09-21) + +### Fixed +- Fixed bug in `EloquentUserProvider` introduced in [#21320](https://github.com/laravel/framework/pull/21320) ([#21323](https://github.com/laravel/framework/pull/21323)) + + ## v5.5.10 (2017-09-21) ### Added From 4be83c57cd7c258d290081edbe37b9e68ad52348 Mon Sep 17 00:00:00 2001 From: Graham Campbell Date: Thu, 21 Sep 2017 20:36:15 +0100 Subject: [PATCH 18/33] Simplified auth db provider code --- src/Illuminate/Auth/DatabaseUserProvider.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/src/Illuminate/Auth/DatabaseUserProvider.php b/src/Illuminate/Auth/DatabaseUserProvider.php index 1fec9318b277..fdd25fb08ac0 100755 --- a/src/Illuminate/Auth/DatabaseUserProvider.php +++ b/src/Illuminate/Auth/DatabaseUserProvider.php @@ -68,9 +68,7 @@ public function retrieveById($identifier) */ public function retrieveByToken($identifier, $token) { - $user = $this->conn->table($this->table) - ->where('id', $identifier) - ->first(); + $user = $this->conn->table($this->table)->find($identifier); return $user && hash_equals($user->remember_token, $token) ? $this->getGenericUser($user) : null; From 8809580f985ac9aacfc014abbf195b08fdc73ae0 Mon Sep 17 00:00:00 2001 From: Graham Campbell Date: Thu, 21 Sep 2017 21:59:21 +0100 Subject: [PATCH 19/33] Added "software" as an uncountable word (#21324) --- src/Illuminate/Support/Pluralizer.php | 1 + 1 file changed, 1 insertion(+) diff --git a/src/Illuminate/Support/Pluralizer.php b/src/Illuminate/Support/Pluralizer.php index 2775147d1996..3f8a30406d85 100755 --- a/src/Illuminate/Support/Pluralizer.php +++ b/src/Illuminate/Support/Pluralizer.php @@ -46,6 +46,7 @@ class Pluralizer 'rice', 'series', 'sheep', + 'software', 'species', 'swine', 'traffic', From 0b03f4bfd7dcac006dc1c5f4ad0b73dc83b902db Mon Sep 17 00:00:00 2001 From: Daniel Naxon Date: Fri, 22 Sep 2017 15:49:16 +0300 Subject: [PATCH 20/33] Fixed hash_equals error when getRememberToken() is null by checking for its value before comparing it to (#21328) --- src/Illuminate/Auth/EloquentUserProvider.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/Illuminate/Auth/EloquentUserProvider.php b/src/Illuminate/Auth/EloquentUserProvider.php index 423618a76d89..39413709dc1d 100755 --- a/src/Illuminate/Auth/EloquentUserProvider.php +++ b/src/Illuminate/Auth/EloquentUserProvider.php @@ -64,7 +64,9 @@ public function retrieveByToken($identifier, $token) $model = $model->where($model->getAuthIdentifierName(), $identifier)->first(); - return $model && hash_equals($model->getRememberToken(), $token) ? $model : null; + $rememberToken = $model->getRememberToken(); + + return $model && $rememberToken && hash_equals($rememberToken, $token) ? $model : null; } /** From b3785b7b5170a6718b609f09940a617fa2976323 Mon Sep 17 00:00:00 2001 From: Mohamed Said Date: Fri, 22 Sep 2017 15:33:06 +0200 Subject: [PATCH 21/33] Test retrieving user by remember me token (#21333) * test retreiving user by remember me token * fix style --- tests/Integration/Auth/AuthenticationTest.php | 48 ++++++++++++++++++- 1 file changed, 47 insertions(+), 1 deletion(-) diff --git a/tests/Integration/Auth/AuthenticationTest.php b/tests/Integration/Auth/AuthenticationTest.php index dde5e4631e19..7faea9f38a84 100644 --- a/tests/Integration/Auth/AuthenticationTest.php +++ b/tests/Integration/Auth/AuthenticationTest.php @@ -5,6 +5,7 @@ use Orchestra\Testbench\TestCase; use Illuminate\Support\Facades\Event; use Illuminate\Support\Facades\Schema; +use Illuminate\Auth\EloquentUserProvider; use Illuminate\Foundation\Auth\User as Authenticatable; /** @@ -34,7 +35,7 @@ public function setUp() $table->string('email'); $table->string('username'); $table->string('password'); - $table->string('remember_token')->default(''); + $table->string('remember_token')->default(null)->nullable(); $table->tinyInteger('is_active')->default(0); }); @@ -157,6 +158,51 @@ public function test_logging_out() $this->assertNull($this->app['auth']->user()); Event::assertDispatched(\Illuminate\Auth\Events\Logout::class); } + + /** + * @test + */ + public function logging_in_out_via_attempt_remembering() + { + $this->assertTrue( + $this->app['auth']->attempt(['email' => 'email', 'password' => 'password'], true) + ); + $this->assertInstanceOf(AuthenticationTestUser::class, $this->app['auth']->user()); + $this->assertTrue($this->app['auth']->check()); + $this->assertNotNull($this->app['auth']->user()->getRememberToken()); + + $oldToken = $this->app['auth']->user()->getRememberToken(); + $user = $this->app['auth']->user(); + + $this->app['auth']->logout(); + + $this->assertNotNull($user->getRememberToken()); + $this->assertNotEquals($oldToken, $user->getRememberToken()); + } + + /** + * @test + */ + public function auth_via_attempt_remembering() + { + $provider = new EloquentUserProvider(app('hash'), AuthenticationTestUser::class); + + $user = AuthenticationTestUser::create([ + 'username' => 'username2', + 'email' => 'email2', + 'password' => bcrypt('password'), + 'remember_token' => $token = str_random(), + 'is_active' => false, + ]); + + $this->assertEquals($user->id, $provider->retrieveByToken($user->id, $token)->id); + + $user->update([ + 'remember_token' => null, + ]); + + $this->assertNull($provider->retrieveByToken($user->id, $token)); + } } class AuthenticationTestUser extends Authenticatable From 74f5831447817034838b3539c644303036df3d8e Mon Sep 17 00:00:00 2001 From: Taylor Otwell Date: Fri, 22 Sep 2017 08:33:35 -0500 Subject: [PATCH 22/33] version --- src/Illuminate/Foundation/Application.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Illuminate/Foundation/Application.php b/src/Illuminate/Foundation/Application.php index 44ceebabb2f8..805aaf249203 100755 --- a/src/Illuminate/Foundation/Application.php +++ b/src/Illuminate/Foundation/Application.php @@ -29,7 +29,7 @@ class Application extends Container implements ApplicationContract, HttpKernelIn * * @var string */ - const VERSION = '5.5.11'; + const VERSION = '5.5.12'; /** * The base path for the Laravel installation. From c39faf75ab5eca770a66be8032ac5c599ed904f9 Mon Sep 17 00:00:00 2001 From: Jeff Puckett Date: Fri, 22 Sep 2017 14:38:25 +0000 Subject: [PATCH 23/33] add config option for whoops blacklist --- src/Illuminate/Foundation/Exceptions/Handler.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/Illuminate/Foundation/Exceptions/Handler.php b/src/Illuminate/Foundation/Exceptions/Handler.php index 2af2a8f0fcd9..d0892805bf1c 100644 --- a/src/Illuminate/Foundation/Exceptions/Handler.php +++ b/src/Illuminate/Foundation/Exceptions/Handler.php @@ -365,6 +365,12 @@ protected function whoopsHandler() $handler->handleUnconditionally(true); + foreach (config('whoops.blacklist', []) as $key => $secrets) { + foreach ($secrets as $secret) { + $handler->blacklist($key, $secret); + } + } + $handler->setApplicationPaths( array_flip(Arr::except( array_flip($files->directories(base_path())), [base_path('vendor')] From 266b60e56066617fe60acb145b79348a094852cb Mon Sep 17 00:00:00 2001 From: Miguel Piedrafita Date: Fri, 22 Sep 2017 17:02:11 +0200 Subject: [PATCH 24/33] Add changelog for 5.5.12 release (#21334) --- CHANGELOG-5.5.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/CHANGELOG-5.5.md b/CHANGELOG-5.5.md index 0813ccfc852c..dd259fb1cc10 100644 --- a/CHANGELOG-5.5.md +++ b/CHANGELOG-5.5.md @@ -1,5 +1,13 @@ # Release Notes for 5.5.x +## v5.5.12 (2017-09-22) + +### Added +- Added "software" as an uncountable word ([#21324](https://github.com/laravel/framework/pull/21324)) + +### Fixed +- Fixed null remember token error on EloquentUserProvider ([#21328](https://github.com/laravel/framework/pull/21328)) + ## v5.5.11 (2017-09-21) ### Fixed From 34172590718f693c3d8ce6e851294a5a01316f51 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Till=20Kru=CC=88ss?= Date: Fri, 22 Sep 2017 09:02:04 -0700 Subject: [PATCH 25/33] update CHANGELOG-5.5.md --- CHANGELOG-5.5.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG-5.5.md b/CHANGELOG-5.5.md index dd259fb1cc10..ffd0ef7b151f 100644 --- a/CHANGELOG-5.5.md +++ b/CHANGELOG-5.5.md @@ -6,7 +6,8 @@ - Added "software" as an uncountable word ([#21324](https://github.com/laravel/framework/pull/21324)) ### Fixed -- Fixed null remember token error on EloquentUserProvider ([#21328](https://github.com/laravel/framework/pull/21328)) +- Don't compare remember token if it's `null` ([#21328](https://github.com/laravel/framework/pull/21328)) + ## v5.5.11 (2017-09-21) From 9754d8985b6c44d3dbfb2200a643a55fa2d7b6d5 Mon Sep 17 00:00:00 2001 From: Trevor Fitzgerald Date: Fri, 22 Sep 2017 12:21:59 -0400 Subject: [PATCH 26/33] Optional callback for `Arr::sort()` (#21337) --- src/Illuminate/Support/Arr.php | 4 ++-- src/Illuminate/Support/helpers.php | 4 ++-- tests/Support/SupportArrTest.php | 3 +++ 3 files changed, 7 insertions(+), 4 deletions(-) diff --git a/src/Illuminate/Support/Arr.php b/src/Illuminate/Support/Arr.php index 43d7953d1ea4..075ad6889763 100755 --- a/src/Illuminate/Support/Arr.php +++ b/src/Illuminate/Support/Arr.php @@ -550,10 +550,10 @@ public static function shuffle($array) * Sort the array using the given callback or "dot" notation. * * @param array $array - * @param callable|string $callback + * @param callable|string|null $callback * @return array */ - public static function sort($array, $callback) + public static function sort($array, $callback = null) { return Collection::make($array)->sortBy($callback)->all(); } diff --git a/src/Illuminate/Support/helpers.php b/src/Illuminate/Support/helpers.php index 2803271aeb14..05a86ec5aef3 100755 --- a/src/Illuminate/Support/helpers.php +++ b/src/Illuminate/Support/helpers.php @@ -282,10 +282,10 @@ function array_set(&$array, $key, $value) * Sort the array by the given callback or attribute name. * * @param array $array - * @param callable|string $callback + * @param callable|string|null $callback * @return array */ - function array_sort($array, $callback) + function array_sort($array, $callback = null) { return Arr::sort($array, $callback); } diff --git a/tests/Support/SupportArrTest.php b/tests/Support/SupportArrTest.php index ca4d812bfe21..794e9de2e46a 100644 --- a/tests/Support/SupportArrTest.php +++ b/tests/Support/SupportArrTest.php @@ -510,6 +510,9 @@ public function testSort() ['name' => 'Desk'], ]; + $sorted = array_values(Arr::sort($unsorted)); + $this->assertEquals($expected, $sorted); + // sort with closure $sortedWithClosure = array_values(Arr::sort($unsorted, function ($value) { return $value['name']; From 746b41a19efccbf99451d0b0755aecbc0f62287d Mon Sep 17 00:00:00 2001 From: dylan_DPC Date: Sat, 23 Sep 2017 04:25:12 +0530 Subject: [PATCH 27/33] pad function added to collections --- src/Illuminate/Database/Eloquent/Collection.php | 12 ++++++++++++ src/Illuminate/Support/Collection.php | 15 +++++++++++++++ tests/Support/SupportCollectionTest.php | 11 +++++++++++ 3 files changed, 38 insertions(+) diff --git a/src/Illuminate/Database/Eloquent/Collection.php b/src/Illuminate/Database/Eloquent/Collection.php index b13c81ac60fd..b87315ebc167 100755 --- a/src/Illuminate/Database/Eloquent/Collection.php +++ b/src/Illuminate/Database/Eloquent/Collection.php @@ -365,6 +365,18 @@ public function flip() return $this->toBase()->flip(); } + /** + * Pad collection to the specified length with a value. + * + * @param int $size + * @param mixed $value + * @return \Illuminate\Support\Collection + */ + public function pad($size, $value) + { + return $this->toBase()->pad($size, $value); + } + /** * Get the type of the entities being queued. * diff --git a/src/Illuminate/Support/Collection.php b/src/Illuminate/Support/Collection.php index f7bc4e88660f..a758a6ce0278 100644 --- a/src/Illuminate/Support/Collection.php +++ b/src/Illuminate/Support/Collection.php @@ -1542,6 +1542,21 @@ public function zip($items) return new static(call_user_func_array('array_map', $params)); } + /** + * Pad collection to the specified length with a value. + * + * e.g. new Collection([1, 2, 3])->pad(5,0); + * => [1, 2, 3, 0, 0] + * + * @param int $size + * @param mixed $value + * @return static + */ + public function pad($size, $value) + { + return new static(array_pad($this->items, $size, $value)); + } + /** * Get the collection of items as a plain array. * diff --git a/tests/Support/SupportCollectionTest.php b/tests/Support/SupportCollectionTest.php index 88223169a731..b5a0f7e86300 100755 --- a/tests/Support/SupportCollectionTest.php +++ b/tests/Support/SupportCollectionTest.php @@ -1802,6 +1802,17 @@ public function testZip() $this->assertEquals([3, 6, null], $c[2]->all()); } + public function testPadPadsArrayWithValue() + { + $c = new Collection([1,2,3]); + $c = $c->pad(4, 0); + $this->assertEquals([1,2,3,0], $c->all()); + + $c = new Collection([1,2,3,4,5]); + $c = $c->pad(4, 0); + $this->assertEquals([1,2,3,4,5], $c->all()); + } + public function testGettingMaxItemsFromCollection() { $c = new Collection([(object) ['foo' => 10], (object) ['foo' => 20]]); From 9638e3661e00c8a60bb23680d39eaa65e82cefe1 Mon Sep 17 00:00:00 2001 From: dylan_DPC Date: Sat, 23 Sep 2017 04:31:14 +0530 Subject: [PATCH 28/33] doing styleCI's job :P --- tests/Support/SupportCollectionTest.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/Support/SupportCollectionTest.php b/tests/Support/SupportCollectionTest.php index b5a0f7e86300..c39ff18528b4 100755 --- a/tests/Support/SupportCollectionTest.php +++ b/tests/Support/SupportCollectionTest.php @@ -1804,13 +1804,13 @@ public function testZip() public function testPadPadsArrayWithValue() { - $c = new Collection([1,2,3]); + $c = new Collection([1, 2, 3]); $c = $c->pad(4, 0); - $this->assertEquals([1,2,3,0], $c->all()); + $this->assertEquals([1, 2, 3, 0], $c->all()); - $c = new Collection([1,2,3,4,5]); + $c = new Collection([1, 2, 3, 4, 5]); $c = $c->pad(4, 0); - $this->assertEquals([1,2,3,4,5], $c->all()); + $this->assertEquals([1, 2, 3, 4, 5], $c->all()); } public function testGettingMaxItemsFromCollection() From 69388c0a56cf833a205b4712507665682c63f01d Mon Sep 17 00:00:00 2001 From: Michael Cordingley Date: Fri, 22 Sep 2017 21:01:42 -0400 Subject: [PATCH 29/33] [5.5] Add Tests for User Providers and Null-Check DatabaseUserProvider (#21341) * Add tests for EloquentUserProvider::retrieveByToken. * Add tests for DatabaseUserProvider::retrieveByToken. * Add null-check for remember tokens to DatabaseUserProvider. * Fix whitespace transposition. --- src/Illuminate/Auth/DatabaseUserProvider.php | 4 ++- tests/Auth/AuthDatabaseUserProviderTest.php | 31 +++++++++++++++++++ tests/Auth/AuthEloquentUserProviderTest.php | 32 ++++++++++++++++++++ 3 files changed, 66 insertions(+), 1 deletion(-) diff --git a/src/Illuminate/Auth/DatabaseUserProvider.php b/src/Illuminate/Auth/DatabaseUserProvider.php index fdd25fb08ac0..45758eca9a91 100755 --- a/src/Illuminate/Auth/DatabaseUserProvider.php +++ b/src/Illuminate/Auth/DatabaseUserProvider.php @@ -70,7 +70,9 @@ public function retrieveByToken($identifier, $token) { $user = $this->conn->table($this->table)->find($identifier); - return $user && hash_equals($user->remember_token, $token) + $rememberToken = $user->remember_token; + + return $user && $rememberToken && hash_equals($rememberToken, $token) ? $this->getGenericUser($user) : null; } diff --git a/tests/Auth/AuthDatabaseUserProviderTest.php b/tests/Auth/AuthDatabaseUserProviderTest.php index f6e5d155463c..01648e3b3d99 100755 --- a/tests/Auth/AuthDatabaseUserProviderTest.php +++ b/tests/Auth/AuthDatabaseUserProviderTest.php @@ -4,6 +4,7 @@ use Mockery as m; use PHPUnit\Framework\TestCase; +use Illuminate\Auth\GenericUser; use Illuminate\Auth\DatabaseUserProvider; class AuthDatabaseUserProviderTest extends TestCase @@ -39,6 +40,36 @@ public function testRetrieveByIDReturnsNullWhenUserIsNotFound() $this->assertNull($user); } + public function testRetrieveByTokenReturnsUser() + { + $mockUser = new \stdClass(); + $mockUser->remember_token = 'a'; + + $conn = m::mock('Illuminate\Database\Connection'); + $conn->shouldReceive('table')->once()->with('foo')->andReturn($conn); + $conn->shouldReceive('find')->once()->with(1)->andReturn($mockUser); + $hasher = m::mock('Illuminate\Contracts\Hashing\Hasher'); + $provider = new DatabaseUserProvider($conn, $hasher, 'foo'); + $user = $provider->retrieveByToken(1, 'a'); + + $this->assertEquals(new GenericUser((array) $mockUser), $user); + } + + public function testRetrieveByBadTokenReturnsNull() + { + $mockUser = new \stdClass(); + $mockUser->remember_token = null; + + $conn = m::mock('Illuminate\Database\Connection'); + $conn->shouldReceive('table')->once()->with('foo')->andReturn($conn); + $conn->shouldReceive('find')->once()->with(1)->andReturn($mockUser); + $hasher = m::mock('Illuminate\Contracts\Hashing\Hasher'); + $provider = new DatabaseUserProvider($conn, $hasher, 'foo'); + $user = $provider->retrieveByToken(1, 'a'); + + $this->assertNull($user); + } + public function testRetrieveByCredentialsReturnsUserWhenUserIsFound() { $conn = m::mock('Illuminate\Database\Connection'); diff --git a/tests/Auth/AuthEloquentUserProviderTest.php b/tests/Auth/AuthEloquentUserProviderTest.php index c3fb5f060497..214a0036d75d 100755 --- a/tests/Auth/AuthEloquentUserProviderTest.php +++ b/tests/Auth/AuthEloquentUserProviderTest.php @@ -27,6 +27,38 @@ public function testRetrieveByIDReturnsUser() $this->assertEquals('bar', $user); } + public function testRetrieveByTokenReturnsUser() + { + $mockUser = m::mock('stdClass'); + $mockUser->shouldReceive('getRememberToken')->once()->andReturn('a'); + + $provider = $this->getProviderMock(); + $mock = m::mock('stdClass'); + $mock->shouldReceive('getAuthIdentifierName')->once()->andReturn('id'); + $mock->shouldReceive('where')->once()->with('id', 1)->andReturn($mock); + $mock->shouldReceive('first')->once()->andReturn($mockUser); + $provider->expects($this->once())->method('createModel')->will($this->returnValue($mock)); + $user = $provider->retrieveByToken(1, 'a'); + + $this->assertEquals($mockUser, $user); + } + + public function testRetrieveByBadTokenReturnsNull() + { + $mockUser = m::mock('stdClass'); + $mockUser->shouldReceive('getRememberToken')->once()->andReturn(null); + + $provider = $this->getProviderMock(); + $mock = m::mock('stdClass'); + $mock->shouldReceive('getAuthIdentifierName')->once()->andReturn('id'); + $mock->shouldReceive('where')->once()->with('id', 1)->andReturn($mock); + $mock->shouldReceive('first')->once()->andReturn($mockUser); + $provider->expects($this->once())->method('createModel')->will($this->returnValue($mock)); + $user = $provider->retrieveByToken(1, 'a'); + + $this->assertNull($user); + } + public function testRetrieveByCredentialsReturnsUser() { $provider = $this->getProviderMock(); From 1bc8dd90218d382e516425e7f4abb28fafb33dc1 Mon Sep 17 00:00:00 2001 From: Patrick Finucane Date: Sat, 23 Sep 2017 11:07:35 -0500 Subject: [PATCH 30/33] Updating MakesHttpRequests (#21351) This is a fix for setting remote ip for http tests with the ->get($url, [ 'REMOTE_ADDR' => $custom_ip ]) see https://github.com/laravel/framework/issues/21350 --- .../Foundation/Testing/Concerns/MakesHttpRequests.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Illuminate/Foundation/Testing/Concerns/MakesHttpRequests.php b/src/Illuminate/Foundation/Testing/Concerns/MakesHttpRequests.php index 3c9058e89123..41fe211cb33e 100644 --- a/src/Illuminate/Foundation/Testing/Concerns/MakesHttpRequests.php +++ b/src/Illuminate/Foundation/Testing/Concerns/MakesHttpRequests.php @@ -281,7 +281,7 @@ protected function transformHeadersToServerVars(array $headers) */ protected function formatServerHeaderKey($name) { - if (! Str::startsWith($name, 'HTTP_') && $name != 'CONTENT_TYPE') { + if (! Str::startsWith($name, 'HTTP_') && $name != 'CONTENT_TYPE' && $name != 'REMOTE_ADDR') { return 'HTTP_'.$name; } From a0ecda3a0ecaf0203d71bf1e0405f1e07a6b3712 Mon Sep 17 00:00:00 2001 From: Diego SIlveira Mota Date: Sat, 23 Sep 2017 13:11:19 -0300 Subject: [PATCH 31/33] Update Route.php (#21344) Fix comments adding the redirect and view methods --- src/Illuminate/Support/Facades/Route.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/Illuminate/Support/Facades/Route.php b/src/Illuminate/Support/Facades/Route.php index 9640bca10937..5197ce07aef8 100755 --- a/src/Illuminate/Support/Facades/Route.php +++ b/src/Illuminate/Support/Facades/Route.php @@ -22,6 +22,8 @@ * @method \Illuminate\Support\Facades\Route name(string $value) * @method \Illuminate\Support\Facades\Route namespace(string $value) * @method \Illuminate\Routing\Route group(string $value) + * @method \Illuminate\Support\Facades\Route redirect(string $uri, string $destination, int $status = 301) + * @method \Illuminate\Support\Facades\Route view(string $uri, string $view, array $data = []) * * @see \Illuminate\Routing\Router */ From a83ebc15e768fab3955013bf5797fa090ee693d7 Mon Sep 17 00:00:00 2001 From: Taylor Otwell Date: Sat, 23 Sep 2017 11:24:34 -0500 Subject: [PATCH 32/33] rename variable --- src/Illuminate/Foundation/Exceptions/Handler.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Illuminate/Foundation/Exceptions/Handler.php b/src/Illuminate/Foundation/Exceptions/Handler.php index d0892805bf1c..eeefe23b5d22 100644 --- a/src/Illuminate/Foundation/Exceptions/Handler.php +++ b/src/Illuminate/Foundation/Exceptions/Handler.php @@ -365,7 +365,7 @@ protected function whoopsHandler() $handler->handleUnconditionally(true); - foreach (config('whoops.blacklist', []) as $key => $secrets) { + foreach (config('app.debug_blacklist', []) as $key => $secrets) { foreach ($secrets as $secret) { $handler->blacklist($key, $secret); } From 3a833b377eb60884a9476f6ee8c8c98dd471f7c4 Mon Sep 17 00:00:00 2001 From: Taylor Otwell Date: Sat, 23 Sep 2017 11:26:48 -0500 Subject: [PATCH 33/33] formatting --- src/Illuminate/Support/Collection.php | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/src/Illuminate/Support/Collection.php b/src/Illuminate/Support/Collection.php index a758a6ce0278..c7d16d243271 100644 --- a/src/Illuminate/Support/Collection.php +++ b/src/Illuminate/Support/Collection.php @@ -1545,11 +1545,8 @@ public function zip($items) /** * Pad collection to the specified length with a value. * - * e.g. new Collection([1, 2, 3])->pad(5,0); - * => [1, 2, 3, 0, 0] - * * @param int $size - * @param mixed $value + * @param mixed $value * @return static */ public function pad($size, $value)