Merge branch '5.x' into 5.next

en/controllers/components/form-protection.rst

@@ -1,5 +1,5 @@
-FormProtection
-##############
+Form Protection Component
+#########################
 
 .. php:class:: FormProtection(ComponentCollection $collection, array $config = [])
 

en/controllers/pagination.rst

@@ -62,6 +62,8 @@ You can also use :ref:`custom-find-methods` in pagination by using the ``finder`
         ];
     }
 
+Note: This only works with Table as string input in ``$this->paginate('MyTable')``. Once you use ``$this->MyTable->find()`` as input for ``paginate()``, you must directly use that Query object instead.
+
 If your finder method requires additional options you can pass those
 as values for the finder::
 

en/controllers/request-response.rst

@@ -273,22 +273,26 @@ types making the parsed data available in ``$request->getData()`` and
 Environment Variables (from $_SERVER and $_ENV)
 -----------------------------------------------
 
-.. php:method:: putenv($key, $value = null)
+.. php:method:: getEnv($key, $default = null)
 
 ``ServerRequest::getEnv()`` is a wrapper for ``getenv()`` global function and acts as
-a getter/setter for environment variables without having to modify globals
-``$_SERVER`` and ``$_ENV``::
+a getter for environment variables without possible undefined keys::
 
-    // Get the host
     $host = $this->request->getEnv('HTTP_HOST');
 
-    // Set a value, generally helpful in testing.
-    $this->request->withEnv('REQUEST_METHOD', 'POST');
-
 To access all the environment variables in a request use ``getServerParams()``::
 
     $env = $this->request->getServerParams();
 
+.. php:method:: withEnv($key, $value)
+
+``ServerRequest::withEnv()`` is a wrapper for ``putenv()`` global function and acts as
+a setter for environment variables without having to modify globals
+``$_SERVER`` and ``$_ENV``::
+
+    // Set a value, generally helpful in testing.
+    $this->request->withEnv('REQUEST_METHOD', 'POST');
+
 XML or JSON Data
 ----------------
 

en/development/dependency-injection.rst

@@ -55,10 +55,13 @@ Command Example
 ::
 
     // In src/Command/CheckUsersCommand.php
+    use Cake\Console\CommandFactoryInterface;
+
     class CheckUsersCommand extends Command
     {
-        public function __construct(public UsersService $users)
+        public function __construct(protected UsersService $users, ?CommandFactoryInterface $factory = null)
         {
+            parent::__construct($factory);
         }
 
         public function execute(Arguments $args, ConsoleIo $io)
@@ -73,7 +76,8 @@ Command Example
     {
         $container
             ->add(CheckUsersCommand::class)
-            ->addArgument(UsersService::class);
+            ->addArgument(UsersService::class)
+            ->addArgument(CommandFactoryInterface::class);
         $container->add(UsersService::class);
     }
 
@@ -89,13 +93,14 @@ Component Example
 ::
 
     // In src/Controller/Component/SearchComponent.php
-    class SearchComponent extends Command
+    class SearchComponent extends Component
     {
         public function __construct(
             ComponentRegistry $registry,
-            private UserService $users
+            private UserService $users,
+            array $config = []
         ) {
-            parent::__construct($registry, []);
+            parent::__construct($registry, $config);
         }
 
         public function something()

en/development/errors.rst

@@ -354,7 +354,7 @@ provide more context around your errors::
 
     use Cake\Core\Exception\CakeException;
 
-    class MissingWidgetException extends Exception
+    class MissingWidgetException extends CakeException
     {
         // Context data is interpolated into this format string.
         protected $_messageTemplate = 'Seems that %s is missing.';

en/development/routing.rst

@@ -295,7 +295,7 @@ will be treated as part of the parameter::
 
 The above example illustrates how to create a quick way to view
 models from any controller by crafting a URL that looks like
-``/controllername/{id}``. The URL provided to ``connect()`` specifies two
+``/controller-name/{id}``. The URL provided to ``connect()`` specifies two
 route elements: ``{controller}`` and ``{id}``. The ``{controller}`` element
 is a CakePHP default route element, so the router knows how to match and
 identify controller names in URLs. The ``{id}`` element is a custom
@@ -712,7 +712,7 @@ When using nesting, you need to chain them together::
         ['prefix' => 'Admin/MyPrefix', 'controller' => 'TodoItems', 'action' => 'create']
     );
 
-This would link to a controller with the namespace ``App\\Controller\\Admin\\MyPrefix`` and the file path
+This would link to a controller with the namespace ``App\Controller\Admin\MyPrefix`` and the file path
 ``src/Controller/Admin/MyPrefix/TodoItemsController.php``.
 
 .. note::
@@ -1579,7 +1579,7 @@ Custom Route Classes
 Custom route classes allow you to extend and change how individual routes parse
 requests and handle reverse routing. Route classes have a few conventions:
 
-* Route classes are expected to be found in the ``Routing\\Route`` namespace of
+* Route classes are expected to be found in the ``Routing\Route`` namespace of
   your application or plugin.
 * Route classes should extend :php:class:`\\Cake\\Routing\\Route\\Route`.
 * Route classes should implement one or both of ``match()`` and/or ``parse()``.

en/orm/database-basics.rst

@@ -476,12 +476,14 @@ Enum Type
 Maps a `BackedEnum <https://www.php.net/manual/en/language.enumerations.backed.php>`_ to a string or integer column.
 To use this type you need to specify which column is associated to which BackedEnum inside the table class::
 
-    use \Cake\Database\Type\EnumType;
-    use \App\Model\Enum\ArticleStatus;
+    use App\Model\Enum\ArticleStatus;
+    use Cake\Database\Type\EnumType;
 
     // in src/Model/Table/ArticlesTable.php
     public function initialize(array $config): void
     {
+        parent::initialize($config);
+
         $this->getSchema()->setColumnType('status', EnumType::from(ArticleStatus::class));
     }
 
@@ -599,14 +601,16 @@ We then have two ways to use our datatype in our models.
 
 Overwriting the reflected schema with our custom type will enable CakePHP's
 database layer to automatically convert JSON data when creating queries. In your
-Table's :ref:`getSchema() method <saving-complex-types>` add the
+Table's :ref:`initialize() method <saving-complex-types>` add the
 following::
 
     class WidgetsTable extends Table
     {
-        public function getSchema(): TableSchemaInterface
+        public function initialize(array $config): void
         {
-            return parent::getSchema()->setColumnType('widget_prefs', 'json');
+            parent::initialize($config);
+
+            $this->getSchema()->setColumnType('widget_prefs', 'json');
         }
     }
 

en/orm/query-builder.rst

@@ -150,12 +150,12 @@ You can also get a key-value list out of a query result::
 For more information on how to customize the fields used for populating the list
 refer to :ref:`table-find-list` section.
 
-Resultset Are Collection Objects
+ResultSet Is A Collection Object
 --------------------------------
 
 Once you get familiar with the Query object methods, it is strongly encouraged
 that you visit the :doc:`Collection </core-libraries/collections>` section to
-improve your skills in efficiently traversing the results. The resultset (returned
+improve your skills in efficiently traversing the results. The ResultSet (returned
 by calling the ``SelectQuery``'s ``all()`` method) implements the collection interface::
 
     // Use the combine() method from the collections library

en/orm/saving-data.rst

@@ -1094,12 +1094,11 @@ column Types::
 
     class UsersTable extends Table
     {
-        public function getSchema(): TableSchemaInterface
+        public function initialize(array $config): void
         {
-            $schema = parent::getSchema();
-            $schema->setColumnType('preferences', 'json');
+            parent::initialize($config);
 
-            return $schema;
+            $this->getSchema()->setColumnType('preferences', 'json');
         }
     }
 

en/quickstart.rst

@@ -6,6 +6,7 @@ To start off we'll build a simple Content Management application.
 
 .. include:: /tutorials-and-examples/cms/installation.rst
 .. include:: /tutorials-and-examples/cms/database.rst
+.. include:: /tutorials-and-examples/cms/articles-model.rst
 .. include:: /tutorials-and-examples/cms/articles-controller.rst
 
 .. meta::

en/security.rst

@@ -1,14 +1,14 @@
 Security
 ########
 
-CakePHP provides you some tools to secure your application.
-The following sections cover those tools:
+CakePHP provides you some tools to secure your application. In addition to the
+:doc:`controllers/components/form-protection`,  the following sections cover
+additional security features:
 
 .. toctree::
     :maxdepth: 1
 
     core-libraries/security
-    Form Protection Middleware <controllers/components/form-protection>
     CSRF Protection <security/csrf>
     Content Security Policy <security/content-security-policy>
     Security Headers <security/security-headers>

en/views/helpers/form.rst

@@ -2054,7 +2054,7 @@ Will output:
 .. note::
 
     If you are using
-    :php:class:`Cake\\Controller\\Component\\SecurityComponent` in your
+    :php:class:`Cake\\Controller\\Component\\FormProtectionComponent` in your
     application you should always end your forms with ``end()``.
 
 Creating Standalone Buttons and POST Links
@@ -2074,7 +2074,7 @@ Creating POST Buttons
 
 Creates a ``<button>`` tag with a surrounding ``<form>`` element that submits
 via POST, by default. Also, by default, it generates hidden input fields for the
-SecurityComponent.
+FormProtectionComponent.
 
 **Options for POST Button**
 
@@ -2588,23 +2588,23 @@ widget using the magic method::
 
     echo $this->Form->autocomplete('search', $options);
 
-Working with SecurityComponent
-==============================
+Working with FormProtectionComponent
+====================================
 
-:php:meth:`\\Cake\\Controller\\Component\\SecurityComponent` offers several
+:php:meth:`\\Cake\\Controller\\Component\\FormProtectionComponent` offers several
 features that make your forms safer and more secure. By simply including the
-``SecurityComponent`` in your controller, you'll automatically benefit from
+``FormProtectionComponent`` in your controller, you'll automatically benefit from
 form tampering-prevention features.
 
-As mentioned previously when using SecurityComponent, you should always close
+As mentioned previously when using FormProtectionComponent, you should always close
 your forms using :php:meth:`\\Cake\\View\\Helper\\FormHelper::end()`. This will
 ensure that the special ``_Token`` inputs are generated.
 
 .. php:method:: unlockField($name)
 
 * ``$name`` - Optional. The dot-separated name for the field.
 
-Unlocks a field making it exempt from the ``SecurityComponent`` field
+Unlocks a field making it exempt from the ``FormProtectionComponent`` field
 hashing. This also allows the fields to be manipulated by JavaScript.
 The ``$name`` parameter should be the entity property name for the field::
 
@@ -2620,7 +2620,7 @@ The ``$name`` parameter should be the entity property name for the field::
 Generates a hidden ``input`` field with a security hash based on the fields used
 in the form or an empty string when secured forms are not in use.
 If ``$secureAttributes`` is set, these HTML attributes will be
-merged into the hidden input tags generated for the SecurityComponent. This is
+merged into the hidden input tags generated for the FormProtectionComponent. This is
 especially useful to set HTML5 attributes like ``'form'``.
 
 .. meta::

en/views/json-and-xml-views.rst

@@ -4,7 +4,7 @@ JSON and XML views
 The ``JsonView`` and ``XmlView`` integration with CakePHP's
 :ref:`controller-viewclasses` features and  let you create JSON and XML responses.
 
-These view classes are most commonly used alongside :php:meth:`\Cake\Controller\Controller::viewClasses()`.
+These view classes are most commonly used alongside :php:meth:`Cake\\Controller\\Controller::viewClasses()`.
 
 There are two ways you can generate data views. The first is by using the
 ``serialize`` option, and the second is by creating normal template files.

es/development/errors.rst

@@ -273,7 +273,7 @@ El constructor para :php:exc:`Cake\\Core\\Exception\\CakeException` te permite p
 
     use Cake\Core\Exception\CakeException;
 
-    class MissingWidgetException extends Exception
+    class MissingWidgetException extends CakeException
     {
         // Los datos del contexto se interpolan en esta cadena de formato.
         protected $_messageTemplate = 'Parece que falta %s.';

es/development/routing.rst

@@ -717,7 +717,7 @@ Al utilizar anidamiento, es necesario encadenarlos entre sí::
         ['prefix' => 'Admin/MyPrefix', 'controller' => 'TodoItems', 'action' => 'create']
     );
 
-Esto se vincularía a un controlador con el espacio de nombre ``App\\Controller\\Admin\\MyPrefix`` y
+Esto se vincularía a un controlador con el espacio de nombre ``App\Controller\Admin\MyPrefix`` y
 la ruta de archivo ``src/Controller/Admin/MyPrefix/TodoItemsController.php``.
 
 .. note::
@@ -1600,7 +1600,7 @@ Las clases de ruta personalizadas te permiten ampliar y cambiar la forma en que
 las rutas individuales analizan las solicitudes y manejan el enrutamiento inverso.
 Las clases de ruta tienen algunas convenciones:
 
-* Se espera que las clases de ruta se encuentren en el espacio de nombres ``Routing\\Route`` de tu aplicación o plugin.
+* Se espera que las clases de ruta se encuentren en el espacio de nombres ``Routing\Route`` de tu aplicación o plugin.
 * Las clases de ruta deben extender :php:class:`\\Cake\\Routing\\Route\\Route`.
 * Las clases de ruta deben implementar uno o ambos ``match()`` y/o ``parse()``.
 

fr/development/routing.rst

@@ -751,7 +751,7 @@ Lorsque vous utilisez l'imbrication, vous devez les chaîner ensemble::
         ['prefix' => 'Admin/MyPrefix', 'controller' => 'TodoItems', 'action' => 'create']
     );
 
-Cela serait lié à un contrôleur avec l'espace de noms ``App\\Controller\\Admin\\MyPrefix``
+Cela serait lié à un contrôleur avec l'espace de noms ``App\Controller\Admin\MyPrefix``
 et le chemin de fichier ``src/Controller/Admin/MyPrefix/TodoItemsController.php``.
 
 .. note::
@@ -1647,7 +1647,7 @@ Les classes de route personnalisées vous permettent d'étendre et modifier la
 manière dont les routes individuelles parsent les requêtes et gèrent le routing
 inversé. Les classes de route suivent quelques conventions:
 
-* Les classes de Route doivent se trouver dans le namespace ``Routing\\Route``
+* Les classes de Route doivent se trouver dans le namespace ``Routing\Route``
   de votre application ou plugin.
 * Les classes de Route doivent étendre :php:class:`\\Cake\\Routing\\Route\\Route`.
 * Les classes de Route doivent implémenter au moins un des méthodes ``match()``

fr/views/helpers/form.rst

@@ -2088,7 +2088,7 @@ Affichera:
 .. note::
 
     Si vous utilisez
-    :php:class:`Cake\\Controller\\Component\\SecurityComponent` dans votre
+    :php:class:`Cake\\Controller\\Component\\FormProtectionComponent` dans votre
     application, vous devrez obligatoirement terminer vos formulaires avec
     ``end()``.
 
@@ -2110,7 +2110,7 @@ Créer des Boutons POST
 
 Crée une balise ``<button>`` avec un ``<form>`` l'entourant qui soumet par
 défaut une requête POST. De plus, par défaut, cela générera des inputs
-``hidden`` pour le ``SecurityComponent``.
+``hidden`` pour le ``FormProtectionComponent``.
 
 **Options for POST Button**
 
@@ -2623,16 +2623,16 @@ widget en utilisant la méthode magique::
 
     echo $this->Form->autocomplete('search', $options);
 
-Travailler avec SecurityComponent
-=================================
+Travailler avec FormProtectionComponent
+=======================================
 
-:php:meth:`\\Cake\\Controller\\Component\\SecurityComponent` offre plusieurs
+:php:meth:`\\Cake\\Controller\\Component\\FormProtectionComponent` offre plusieurs
 fonctionnalités qui rendent vos formulaires plus sûrs et
-plus sécurisés. En incluant simplement le ``SecurityComponent`` dans votre
+plus sécurisés. En incluant simplement le ``FormProtectionComponent`` dans votre
 controller, vous bénéficierez automatiquement des fonctionnalités de prévention
 contre la falsification de formulaires.
 
-Comme mentionné précédemment, lorsque vous utilisez le SecurityComponent,
+Comme mentionné précédemment, lorsque vous utilisez le FormProtectionComponent,
 vous devez toujours fermer vos formulaires en utilisant
 :php:meth:`\\Cake\\View\\Helper\\FormHelper::end()`. Cela assurera que les
 inputs spéciales ``_Token`` soient générées.
@@ -2642,7 +2642,7 @@ inputs spéciales ``_Token`` soient générées.
 * ``$name`` - Optionnel. Le nom du champ en notation avec point (sous la forme
   ``'Modelname.fieldname'``).
 
-Déverrouille un champ en l’exemptant du hachage par ``SecurityComponent``.
+Déverrouille un champ en l’exemptant du hachage par ``FormProtectionComponent``.
 Cela autorise également le client à manipuler le champ via JavaScript.
 Le paramètre ``$name`` doit correspondre au nom de la propriété de l'entity
 pour l'input::
@@ -2661,7 +2661,7 @@ Génère un ``input`` de type ``hidden`` avec un hash de sécurité basé sur le
 champs utilisés dans le formulaire, ou une chaîne vide si la sécurisation des
 formulaires n'est pas utilisée.
 Si l'option ``$secureAttributes`` est définie, ces attributs HTML seront
-fusionnés avec ceux générés par le SecurityComponent. C'est particulièrement
+fusionnés avec ceux générés par le FormProtectionComponent. C'est particulièrement
 utile pour définir des attributs HTML5 tels que ``'form'``.
 
 .. meta::