jean
48a8213a18
BUGFIX Load jquery before leftandmain.js in upload iframe for assets
2014-02-27 14:59:28 +13:00
Ingo Schommer
6543b4e6f0
FIX Privilege escalation through Group and Member CSV upload (SS-2013-004)
...
See http://www.silverstripe.org/ss-2013-004-privilege-escalation-through-group-and-member-csv-upload/
2013-08-30 15:43:02 +02:00
Ingo Schommer
c7b0666390
BUG Escape page titles in CommentAdmin table listing
2013-02-17 23:22:02 +01:00
Ingo Schommer
41aec54e88
BUG Consistently use FormResponse in CMS JavaScript ( fixes #8036 )
...
Regression caused by a security fix in 9bf3ae9a190
2012-12-04 12:07:17 +01:00
Ingo Schommer
75e58c9508
More graceful handling of missing GET data in ModelAdmin
...
See https://github.com/silverstripe/silverstripe-cms/pull/253
2012-12-04 11:38:32 +01:00
Julian Seidenberg
838ac97177
BUGFIX: fixing an edge-case bug where a 404-page would get statically published and overwrite the homepage of the site (this would sometimes happen when a RedirectorPage was set to an external URL and still referenced an internal page ID)
2012-07-09 13:24:00 +12:00
Ingo Schommer
4abe136db5
API CHANGE silverstripe_version file now contains the plain version number, rather than an SVN path
2012-02-01 18:56:21 +01:00
Ingo Schommer
bb757d13a4
ENHANCEMENT Allow editing of new File.ShowInSearch flag through AssetTableField
2011-09-15 16:17:47 +02:00
Ingo Schommer
d15e8509b0
SECURITY Using JSON instead of serialize() to stringify user data in PageCommentsInterface
2011-09-15 15:22:54 +02:00
Ingo Schommer
b5ea2f68fe
BUGFIX Consistently using Convert::raw2sql() instead of DB::getConn()->addslashes() or PHP's deprecated addslashes() for database escaping
2011-09-15 15:20:04 +02:00
Ladislav Kubes
5d3ddafbd8
Add some translation in cms core
2011-06-09 16:18:35 +02:00
Sean Harvey
27aad3deca
BUGFIX #6291 Remove rollback action from CMSMain allowed_actions and rely on form action_rollback instead which is safer
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@115440 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:53 +13:00
Sean Harvey
3b6a9579d4
BUGFIX #6304 PageCommentInterface::PostCommentForm() loads inappropriate data from cookie, including wrong values for ParentID
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@115399 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:53 +13:00
Ingo Schommer
25de6303a8
BUGFIX Allowing CMSMain->rollback() outside of form contexts, temporariliy disabling CSRF protection. Necessary in order to get rollback actions working from admin/getversion (regression from 2.4.4 release, see #6291 )
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@115313 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:53 +13:00
Ingo Schommer
6a02f2edb5
BUGFIX Removing form actions from $allowed_actions in AssetAdmin, CMSMain, LeftAndMain - handled through Form->httpSubmission() (from r115185)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@115189 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:53 +13:00
Sean Harvey
77c5701fa6
BUGFIX #6162 CMSMain::publishall() fails when over 30 pages (thanks natmchugh!) (from r114940)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@114941 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:53 +13:00
Ingo Schommer
7428010748
BUGFIX Added SecurityToken to PageCommentInterface->DeleteAllLink() ( fixes #6223 , thanks Pigeon)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@114195 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:52 +13:00
Sean Harvey
e907e2e266
BUGFIX Fixed case where AssetAdmin would throw an error if $links was not an object in AssetAdmin::getCustomFieldsFor()
...
MINOR Defined $backlinks as an array before adding entries to it
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@114036 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:51 +13:00
Saophalkun Ponlu
75f12d5a7e
ENHANCEMENT: Update Asset's left and right panels with filders and files after 'Look for new files' was triggered (open #5543 )
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@113871 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:51 +13:00
Ingo Schommer
b8338bc2bc
MINOR Typo in AssetAdmin ( fixes #6191 , thanks Juanitou)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@113695 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:51 +13:00
Ingo Schommer
e8e5c62c5a
BUGFIX Avoid reloading CMS form twice after certain saving actions ( fixes #5451 , thanks muzdowski)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@113692 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:51 +13:00
Ingo Schommer
6df2e74323
MINOR Fixed regression from r113282 for changed SecurityToken API in CMSMain->publishall() ( fixes #6159 )
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@113360 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:50 +13:00
Ingo Schommer
bc3df654bd
API CHANGE Fixed various controllers to enforce CSRF protection through Form_SecurityToken on GET actions that are not routed through Form->httpSubmission(): AssetAdmin, CMSBatchActionHandler, CMSMain, CommentTableField, LeftAndMain, MemberTableField, PageComment, PageComment_Controller
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@113282 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:50 +13:00
Ingo Schommer
4bc9a5aee8
MINOR Removed unused SecurityAdmin->MemberForm() and savemember() (see MemberTableField)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@113281 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:50 +13:00
Ingo Schommer
b31cb6731e
MINOR Removed unused Security->addmember() (see MemberTableField and SecurityAdmin->addtogroup())
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@113280 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:50 +13:00
Ingo Schommer
f8fd60f02b
MINOR Removed unused SecurityAdmin->removememberfromgroup() (see MemberTableField)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@113279 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:49 +13:00
Jean-Fabien Barrios
6c0a41f0c4
Added doc for static help_link
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@111879 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:48 +13:00
Saophalkun Ponlu
ee4e748803
MINOR: Enable non-default language for tinyMCE, setting language in _config.php didn't work. Thanks for @christian
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@111875 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:48 +13:00
Jean-Fabien Barrios
75544392a2
ENHANCEMENT: 6017 - Configurable help link
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@111828 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:48 +13:00
Ingo Schommer
054a6d2270
MINOR Fixed SS_Datetime references in BrokenLinksReport and CommentAdmin ( fixes #6063 , thanks nicolaas)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@111786 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:48 +13:00
Will Rossiter
55e245aca8
MINOR: removed debug
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@111454 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:48 +13:00
Will Rossiter
a584a1f516
BUGFIX: added validation to the page comment form
...
Fixes #2782
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@111452 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:48 +13:00
Will Rossiter
6bf7bd1819
MINOR: removed debug
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@111450 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:47 +13:00
Will Rossiter
4cc09f2a39
ENHANCEMENT: allow PageCommentForm to store all users data, rather than hardcoding the fields
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@111449 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:47 +13:00
Will Rossiter
b76b6f61d2
ENHANCEMENT: simple extend hook for PageCommentForms. Temporary measure till #6053 is implemented
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@111443 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:47 +13:00
Ingo Schommer
798c1d173a
MINOR Ensuring SiteTreeAccess.js is properly minified in live mode
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@111224 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:47 +13:00
Ingo Schommer
01373cf4af
BUGFIX Disallow addition of members to groups with MemberTableField->addtogroup() when the editing member doesn't have permissions on the added member
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@110859 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:47 +13:00
Ingo Schommer
51fee3fe45
BUGFIX Don't suggest members in SecurityAdmin->autocomplete() that the current user doesn't have rights to edit ( fixes #5651 )
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@110858 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:47 +13:00
Sean Harvey
c134b8e020
BUGFIX #5811 Fixed default selection of root node when CMS first opened (no currentPage set in session)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@110439 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:47 +13:00
Julian Seidenberg
31a9271c85
BUGFIX: CSVBulkLoader import method now no longer requires files to end in '.csv'. Some projects want to import files in CSV format, but not of csv file type.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@108887 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:46 +13:00
Sean Harvey
2e25aa2bdf
BUGFIX #5852 Missing translation for SecurityAdmin save button causes it to have no text, should default to english "Save"
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@108407 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:45 +13:00
Ingo Schommer
473347dcfe
BUGFIX Fixing default group selection in 'add member' dialog (in MemberTableField) ( fixes #5836 )
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@108099 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:45 +13:00
Ingo Schommer
dd70fcd5be
BUGFIX AssetAdmin->doUpload() shows JS alert *before* triggering a page reload, as this seems to mess up TinyMCE in Firefox on subsequent page loads ( fixes #5838 )
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@108096 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:45 +13:00
Ingo Schommer
3ef552d539
MINOR Disabled 'showcalendar' option on CMSMain->SiteTreeFilterDateField() - it causes the CMS to load jQuery UI javascript just for this (rarely used field). To be re-enabled once we work with jQuery UI on a broader scale.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@107784 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:44 +13:00
Ingo Schommer
8c43535225
MINOR Moved class-specific documentation from doc.silverstripe.org back into class-level PHPDoc
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@107726 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:44 +13:00
Ingo Schommer
b505c5540a
MINOR Removed debug code in MemberTableField
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@107525 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:44 +13:00
Sean Harvey
255aa5d0f5
ENHANCEMENT #5352 CMS now uses the user's preferred date and time formatting in DateField and TimeField
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@107327 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:43 +13:00
Sean Harvey
e6aeb94217
MINOR Reverted r107305
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@107307 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:43 +13:00
Sean Harvey
87341f9498
MINOR Code formatting fix for setting Member locale in LeftAndMain::init()
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@107305 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:43 +13:00
Luke Hudson
0fe83d2264
BUGFIX: re-enable broken link notification using BackLinkTracking() (this was broken since r101127
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@106360 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 17:53:42 +13:00