diff --git a/CHANGELOG.md b/CHANGELOG.md index ab010be76..6eccf17f6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -37,12 +37,13 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. ## [v4.2.3] ### Added -- Config to set Domain of RememberMe Cookie ([#990]; [#991]; Thanks @xrobau!) +- Config to set Domain of RememberMe Cookie ([#990], [#991]; Thanks @xrobau !) - Config settings for password min/max length ([#993]) ### Fixed -- [PHPMailer] Turn off opportunistic TLS when disabled ([#986]; [#987]) -- Migrator now ignore files that don't end in `.php` ([#965]; Temporary fix for [#998]) +- [PHPMailer] Turn off opportunistic TLS when disabled ([#986], [#987]) +- Migrator now ignore files that don't end in `.php` ([#965], [#998]) +- Respects CSRF_ENABLED environment variable ([#976]; Thanks @Poldovico !) ## [v4.2.2] @@ -796,6 +797,7 @@ See [http://learn.userfrosting.com/upgrading/40-to-41](Upgrading 4.0.x to 4.1.x [#963]: https://github.com/userfrosting/UserFrosting/issues/963 [#965]: https://github.com/userfrosting/UserFrosting/issues/965 [#968]: https://github.com/userfrosting/UserFrosting/issues/968 +[#976]: https://github.com/userfrosting/UserFrosting/issues/976 [#981]: https://github.com/userfrosting/UserFrosting/issues/981 [#983]: https://github.com/userfrosting/UserFrosting/issues/983 [#986]: https://github.com/userfrosting/UserFrosting/issues/986 diff --git a/app/sprinkles/core/config/default.php b/app/sprinkles/core/config/default.php index eedcd73ef..ba27a43e6 100755 --- a/app/sprinkles/core/config/default.php +++ b/app/sprinkles/core/config/default.php @@ -97,7 +97,7 @@ * Note : CSRF Middleware should only be disabled for dev or debug purposes. */ 'csrf' => [ - 'enabled' => getenv('CSRF_ENABLED') ?: true, + 'enabled' => (getenv('CSRF_ENABLED') !== false) ? getenv('CSRF_ENABLED') : true, 'name' => 'csrf', 'storage_limit' => 200, 'strength' => 16, diff --git a/app/sprinkles/core/src/Database/Migrator/MigrationLocator.php b/app/sprinkles/core/src/Database/Migrator/MigrationLocator.php index 3ee918af1..7059be976 100644 --- a/app/sprinkles/core/src/Database/Migrator/MigrationLocator.php +++ b/app/sprinkles/core/src/Database/Migrator/MigrationLocator.php @@ -56,7 +56,7 @@ public function getMigrations() foreach ($migrationFiles as $migrationFile) { // Note that PSR4 insists that all php files must end in PHP, so ignore all // files that don't end in PHP. - if (preg_match('/php$/', $migrationFile)) { + if ($migrationFile->getExtension() == 'php') { $migrations[] = $this->getMigrationDetails($migrationFile); } } diff --git a/app/sprinkles/core/tests/Integration/Database/Migrator/MigrationLocatorTest.php b/app/sprinkles/core/tests/Integration/Database/Migrator/MigrationLocatorTest.php index a5c0fbdcb..dbb94f16c 100644 --- a/app/sprinkles/core/tests/Integration/Database/Migrator/MigrationLocatorTest.php +++ b/app/sprinkles/core/tests/Integration/Database/Migrator/MigrationLocatorTest.php @@ -90,7 +90,13 @@ public function testGetMigrations() new Resource($resourceStream, $resourceAccountLocation, 'one/CreatePasswordResetsTable.php'), new Resource($resourceStream, $resourceAccountLocation, 'two/CreateFlightsTable.php'), new Resource($resourceStream, $resourceAccountLocation, 'CreateMainTable.php'), - new Resource($resourceStream, $resourceAccountLocation, 'README.md'), // This shoudn't be returned by the migrator + + // Theses shoudn't be returned by the migrator + new Resource($resourceStream, $resourceAccountLocation, 'README.md'), + new Resource($resourceStream, $resourceAccountLocation, 'php.md'), + new Resource($resourceStream, $resourceAccountLocation, 'foo.foophp'), + new Resource($resourceStream, $resourceAccountLocation, 'blah.phpphp'), + new Resource($resourceStream, $resourceAccountLocation, 'bar.phpbar'), ]); // Create a new MigrationLocator instance with our simulated ResourceLocation