Commit Graph

2180 Commits

Author SHA1 Message Date
Damian Mooyman
ab78198946 Merge pull request #979 from ss23/SS2014005-3-1
FIX Do now allow arbitary class creation in CMS
2014-03-27 12:55:40 +13:00
Stephen Shkardoon
a67ed2799d FIX Do now allow arbitary class creation in CMS 2014-03-19 19:27:39 +13:00
Stephen Shkardoon
8e50405871 FIX Prevent SQLi when no URL filters are applied 2014-03-19 19:05:13 +13:00
Simon Welsh
b497b8f548 Merge remote-tracking branch 'origin/3.1'
Conflicts:
	.travis.yml
	code/reports/Report.php
2014-03-18 09:23:39 +13:00
Russell Michell
b4a1aa4537 FIX Fixes #965. Allow user date-settings to show on GridField Page admin
- Relies on framework PR #2961.
2014-03-17 10:40:08 +13:00
Simon Welsh
403b47fe6c Merge pull request #951 from sheadawson/950-fileexists
FIX fileexists check
2014-03-16 20:29:12 +13:00
Simon Welsh
2503d1dca2 Merge pull request #911 from chillu/pulls/908-all-sections-canedit
Page edit access with CMS_ACCESS_LeftAndMain (fixes #908)
2014-03-16 20:12:15 +13:00
Simon Welsh
5024a48f89 FIX: Reports with Parameter fields override ReportTitle and ReportDescription
Fixes #696
2014-03-16 19:09:47 +13:00
sheadawson
dc865399dc FIX fileexists check via ajax didnt know what folder the file was being uploaded to. Fixes #950 2014-02-20 15:17:04 +11:00
Ingo Schommer
889e97e17d Merge remote-tracking branch 'origin/3.1' 2014-02-18 22:06:56 +13:00
Hamish Friedlander
224033e518 FIX Limit ExtraMeta to only allow meta and link elements 2014-02-17 12:08:09 +13:00
Sam Minnee
d0a4fc2065 FIX: Fix failover to index template in ContentController::getViewer()
Historically, if you visit a foo action on Page, and Page_foo.ss doesn't exist, then it fails over
to Page.ss.  The introduction of ContentController::getViewer() broke this, but this patch adds a
test for this case and fixes it.

It was identified by build failures on silverstripe/userforms when tested against the master branch.
2014-02-14 17:44:53 +13:00
Sean Harvey
0bb5b4c8a4 Merge branch '3.1' 2014-02-12 11:13:29 +13:00
Gus King
7b4cc316ef Numerous PHPDoc fixes. 2014-02-10 15:35:13 -05:00
Gus King
457cadb103 Documented magic properties/methods of SiteTree and SiteConfig. 2014-02-09 19:13:04 -05:00
Ingo Schommer
683b099308 Merge pull request #914 from micmania1/900-page-templates-without-controller
NEW Locate page template without needing to define a controller
2014-02-07 14:20:30 +13:00
Russell Michell
7d7c75414c NEW Track broken anchors 2014-01-31 12:44:59 +13:00
micmania1
47582b3e3c getViewer will now locate and use the correct templates for pages which don't have their own controller 2013-12-20 20:52:11 +00:00
Ingo Schommer
07033548fc Merge remote-tracking branch 'origin/3.1' 2013-12-19 20:22:26 +01:00
Ingo Schommer
1f17f4320d Page edit access with CMS_ACCESS_LeftAndMain (fixes #908)
"Access to all sections" implies edit access in the CMS
2013-12-13 10:05:06 +01:00
Martijn
dec2be38fa use Controller::join_links() for listview links
This fixes incorrect adding of the locale parameter when using translatable :

http://site.com/admin/pages/edit/show?locale=nl_NL/11
2013-12-06 15:45:15 +01:00
Ingo Schommer
6403be518a Backwards compat OldPageRedirector
Regression from f972466880.
Passes tests in 3.1, but fails in master due to Deprecation notices.
Tests needed adjustments because OldPageRedirector::find_old_page()
doesn't have the same method signature...
2013-12-06 14:28:08 +01:00
Ingo Schommer
9ca336bea3 Merge remote-tracking branch 'origin/3.1' 2013-12-02 20:44:57 +01:00
Ingo Schommer
ec41cb38ce ValidationException support in CMS "Settings" UI 2013-12-02 16:38:46 +01:00
Ingo Schommer
6804461539 Merge pull request #898 from dnadesign/errorpagepermissions
FIX: ErrorPage generating empty responses for 403/401 requests
2013-11-22 11:49:37 -08:00
Loz Calver
8f720406b5 Implement History.js logic for "Cancel" action 2013-11-22 12:46:03 +01:00
Loz Calver
95d9257b1b ENHANCEMENT: Add 'Cancel' button to 'Add Page' form 2013-11-20 20:15:08 +01:00
Will Rossiter
ddc2e3822b FIX: ErrorPage generating empty responses for 403/401 requests
Previously by setting the response status code inside the action, this prevented response bodies from being included due to 403/401 being matched by SS_HTTPResponse::isFinished() (which stops popular

I assume SS_HTTPResponse::isFinished() is valid for the permission error use case (and I would be hesitant to change it) so this simply moves the declaration of the response status code till after the parent has populated the body of the response.
2013-11-18 16:32:15 +13:00
Martijn
0a854e9260 Make Settings Link in CMSSettingsController clickable
When SiteConfig has a GridField, you can't click on the Link to go back
2013-11-15 09:55:31 +01:00
Andrew Short
e17fb17520 Merge branch '3.1'
Conflicts:
	lang/es.yml
2013-11-11 18:24:03 +11:00
Damian Mooyman
f9c3f4d1cc Merge pull request #889 from chillu/pulls/2638-uploadfield
Disable UploadField change detection in assets/admin/add
2013-11-06 17:16:17 -08:00
Stephen Shkardoon
f972466880 Refactor old page redirector into an extension 2013-11-06 23:00:50 +13:00
Ingo Schommer
2d0ee2ca91 Disable UploadField change detection in assets/admin/add
See https://github.com/silverstripe/silverstripe-framework/issues/2638
2013-11-06 10:08:15 +01:00
Trevor
e3724e9207 Fix comment typo 2013-10-28 13:48:31 +11:00
Loz Calver
b6589ba9a9 NEW: Page types no longer require a controller, they can inherit the parent page type's
Use ClassInfo::ancestry() instead of get_parent_class()

Fall back to ContentController by default
2013-10-23 16:44:59 +01:00
Ingo Schommer
ef0f633f46 Merge remote-tracking branch 'origin/3.1' 2013-10-23 14:53:33 +02:00
Ingo Schommer
3d9fc2cc4c Default CMSMain to Versioned::reading_stage("Stage")
Regression caused by https://github.com/silverstripe/silverstripe-framework/pull/2585
2013-10-23 14:29:24 +02:00
Ingo Schommer
c645d76b1f Merge pull request #879 from sheadawson/833-currentPageID
Add hook for extensions to update current page id, before falling ...
2013-10-21 00:24:06 -07:00
sheadawson
1b5465809d MINOR add hook for extensions to update current page id, before falling back to default 2013-10-21 17:42:45 +11:00
Ingo Schommer
0a1ffd3e1a Merge remote-tracking branch 'origin/3.1'
Conflicts:
	.travis.yml
2013-10-20 13:51:19 +02:00
Ingo Schommer
aae6b2b296 Avoid encoded HTML breadcrumbs 2013-10-11 00:27:21 +02:00
Andrew Short
68d254c3c4 Add an extension hook for customising site tree hints. 2013-10-11 01:31:07 +11:00
Ingo Schommer
dd29936fee Merge remote-tracking branch 'origin/3.1' 2013-10-10 12:10:20 +02:00
Andrew Short
b7476f2a46 BUG: Fix add new button not passing the correct parent ID.
The `%s` parent ID placeholder was being URL encoded, so it was not being
replaced properly when adding a new page. This fix separately adds
placeholder parameters to the URL to avoid this issue.

The fix is not ideal, but there is no easy way to indicate that some
URL parameters should be URL encoded and others should not while still
correctly constructing the URL.
2013-10-10 13:09:24 +11:00
Loz Calver
66bfff4d15 FIX Don't validate pages when restoring or reverting (fixes #2449)
Use new method
2013-10-03 16:54:38 +01:00
Ingo Schommer
2a4191d449 Merge remote-tracking branch 'origin/3.0' into 3.1 2013-10-02 12:21:50 +02:00
Ingo Schommer
92e0c410b8 Fixed report link escaping 2013-10-02 12:19:23 +02:00
Ingo Schommer
956b6de05c Merge remote-tracking branch 'origin/3.0' into 3.1 2013-10-01 11:19:14 +02:00
Ingo Schommer
daf92e6ce0 FIX ReportAdmin report links regression
Regression from 79996a76fe,
escaped quotes are no longer necessary because the string
doesn't get eval'ed.
2013-10-01 11:17:36 +02:00
Ingo Schommer
32478ab512 Merge remote-tracking branch 'origin/3.1'
Conflicts:
	code/controllers/ReportAdmin.php
	code/reports/Report.php
2013-09-27 19:07:13 +02:00
Ingo Schommer
8a96bab70d Merge remote-tracking branch 'origin/3.0' into 3.1 2013-09-27 18:50:52 +02:00
Ingo Schommer
9a4a5d909d Merge pull request #816 from kinglozzer/798-custom-page-icons
Move CMSMain->generatePageIconsCss() into a LeftAndMain extension (fixes #798)
2013-09-25 12:54:01 -07:00
Ingo Schommer
86339a551d Clearer escaping in CMSMain
No direct security issue, but makes intent clearer
2013-09-24 21:37:26 +02:00
Ingo Schommer
e170f4c21b FIX Escaping in "dependent pages" (SS-2013-009) 2013-09-24 21:37:26 +02:00
Ingo Schommer
79996a76fe Clearer escaping in ReportAdmin
No direct security issue since report titles can't be set by the user
2013-09-24 21:37:26 +02:00
Ingo Schommer
29e502a63a Hints for SiteTree.TreeTitle casting
Relates to SS-2013-009
2013-09-24 21:37:26 +02:00
Ingo Schommer
201f4881e6 Merge remote-tracking branch 'origin/3.0' into 3.1 2013-09-12 17:16:29 +02:00
Ingo Schommer
4e031076be Search callback for "add page" selector
Necessary since we now default $showSearch=true in TreeDropdownField.
See https://github.com/silverstripe/silverstripe-framework/pull/2364
2013-08-29 17:08:42 +02:00
Tom Densham
4f30fedafd FIX: GridField button styling in reports 2013-08-29 13:56:29 +01:00
Damian Mooyman
5f828149c3 BUG Fixed instances of loosely defined SQL predicates not qualified by table name
Fixed duplicate SQL escaping on SiteTree::get_by_link
2013-08-29 13:59:45 +12:00
Ingo Schommer
6d694a550a Merge pull request #837 from ARNHOE/3.1-siteconfigfix
SiteConfig updated to modeladmin style and fixed ajax switching
2013-08-28 02:20:47 -07:00
Sean Harvey
27749fdb7a AssetAdmin: PHP warning trying to add empty values into CompositeField
If the logged in user doesn't have permission to add a Folder record,
AssetAdmin::getEditForm() tries to enter an empty value into the
children of a ComposteField. This breaks SSViewer with a
call_user_func invalid args PHP warning.

Only include these buttons when they're available to the user.
2013-08-27 14:30:39 +12:00
Arno Poot
920da0d120 SiteConfig updated to modeladmin style and fixed ajax switching 2013-08-24 12:33:38 +02:00
Ingo Schommer
c62f992dc3 Merge remote-tracking branch 'origin/3.1' 2013-08-22 13:56:28 +02:00
Ingo Schommer
3dc86f98a3 Fixed merge error 2013-08-20 22:25:24 +02:00
Ingo Schommer
ba57d42349 Merge remote-tracking branch 'origin/3.0' into 3.1.0
Conflicts:
	code/controllers/ContentController.php
	code/model/SiteTree.php
	tests/search/SearchFormTest.php
2013-08-20 20:59:44 +02:00
Ingo Schommer
7ad9712f05 Merge remote-tracking branch 'origin/3.1' 2013-08-16 13:37:49 +02:00
Ingo Schommer
44fdf66834 Merge pull request #809 from ARNHOE/3.1-siteconfig
Updated siteconfig layout to be more like modeladmin
2013-08-15 13:45:50 -07:00
Hamish Friedlander
71608f0d4a FIX Add SiteTree link tracking as an extension, and apply to SiteTree itself 2013-08-09 11:46:32 +02:00
Sam Minnée
d7d0cb45ae Merge pull request #824 from hafriedlander/fix/archivedate
FIX ArchiveDate enforcement
2013-08-08 17:38:53 -07:00
Simon Welsh
b1664f86a4 FIX Check for stage and drafts in SiteTree::canView() 2013-08-09 10:45:09 +12:00
Hamish Friedlander
2fae9280e5 FIX ArchiveDate enforcement 2013-08-08 17:17:35 +12:00
Ingo Schommer
5eaeb7462a Merge remote-tracking branch 'origin/3.1'
Conflicts:
	lang/en.yml
2013-08-07 17:20:28 +02:00
Ingo Schommer
99ba7bdb4e Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	lang/en.yml
	templates/CMSPageHistoryController_versions.ss
2013-08-07 17:15:17 +02:00
Ingo Schommer
07cccc8e95 Translations: Switch to Transifex format
- Based on new (last) translation download from getlocalization.com
- Removed untranslated strings. Getlocalization started including those at some point
which is highly annoying, unnecessary and breaks the new transfix system,
since it'll mark all of the english strings as actual translations
- Avoid dots in entities. It confuses the Transifex YML parser
- Removed some locales unknown to Transifex which didn't have any translations anyway
- Removed "lolcat" locale, uses custom notation (en@lolcal)
  which SilverStripe's i18n system can't handle
  (needs mapping from SS naming to Zend naming)
- Renamed "Te Reo/Maori" locale from "mi_NZ" to "mi" (Transifex/CLDR notation)
- Namespaced all entities used in templates (deprecated usage)
- Converted dots to underscores where template filenames are used for namespaces,
since Transifex YML parsing handles them as separate YML keys otherwise
- Removed whitespace in entity names, SilverStripe i18n can't handle it
- Only allow selection of locales registered through i18n::$all_locales to avoid
  issues with unknown locales in Zend's CLDR database
2013-08-04 12:31:29 +02:00
Ingo Schommer
3f118ef08f Translations: Switch to Transifex format
- Based on new (last) translation download from getlocalization.com
- Removed untranslated strings. Getlocalization started including those at some point
which is highly annoying, unnecessary and breaks the new transfix system,
since it'll mark all of the english strings as actual translations
- Avoid dots in entities. It confuses the Transifex YML parser
- Removed some locales unknown to Transifex which didn't have any translations anyway
- Removed "lolcat" locale, uses custom notation (en@lolcal)
  which SilverStripe's i18n system can't handle
  (needs mapping from SS naming to Zend naming)
- Renamed "Te Reo/Maori" locale from "mi_NZ" to "mi" (Transifex/CLDR notation)
- Namespaced all entities used in templates (deprecated usage)
- Converted dots to underscores where template filenames are used for namespaces,
since Transifex YML parsing handles them as separate YML keys otherwise
- Removed whitespace in entity names, SilverStripe i18n can't handle it
2013-08-04 12:28:07 +02:00
Ingo Schommer
ab0f83c48d Translations: Switch to Transifex format
- Based on new (last) translation download from getlocalization.com
- Removed untranslated strings. Getlocalization started including those at some point
which is highly annoying, unnecessary and breaks the new transfix system,
since it'll mark all of the english strings as actual translations
- Avoid dots in entities. It confuses the Transifex YML parser
- Removed some locales unknown to Transifex which didn't have any translations anyway
- Renamed "lolcat" locale from "lc_xx" to "en@lolcat" (Transifex/CLDR notation)
- Renamed "Te Reo/Maori" locale from "mi_NZ" to "mi" (Transifex/CLDR notation)
- Namespaced all entities used in templates (deprecated usage)
- Converted dots to underscores where template filenames are used for namespaces,
since Transifex YML parsing handles them as separate YML keys otherwise
- Removed whitespace in entity names, SilverStripe i18n can't handle it
2013-08-04 11:05:41 +02:00
Ingo Schommer
e0aa610172 Merge remote-tracking branch 'origin/3.1'
Conflicts:
	.travis.yml
	templates/Includes/ReportAdmin_Content.ss
	templates/ReportAdminForm.ss
2013-08-03 19:46:46 +02:00
Loz Calver
09b869f5d3 Move CMSMain->generatePageIconsCss() into a LeftAndMain extension (fixes #798) 2013-07-31 09:30:58 +01:00
Arno Poot
afd9f28279 Updated siteconfig layout to be more like modeladmin 2013-07-26 17:45:28 +02:00
Simon Welsh
ff18abb994 Merge branch '3.0' into 3.1
Conflicts:
	.travis.yml
2013-07-14 17:24:06 +12:00
Simon Welsh
3a3e8f2faa Adds LoginForm as an allowed action
Behaves as a form method defined on ContentController
2013-07-14 17:21:59 +12:00
Andrew Short
1710958207 Merge branch '3.1'
Conflicts:
	.travis.yml
	code/controllers/ReportAdmin.php
2013-07-09 13:54:05 +10:00
Hamish Friedlander
a5f00ae2c3 FIX Not checking stage in SiteTree#canView
SiteTree versions that arent the live version shouldnt be accessed by
regular users, but the logic to check that was split off into canViewStage,
which wasnt checked by code that isnt specifically SiteTree aware
(like RestfulServer)
2013-07-05 12:14:22 +12:00
Ingo Schommer
a2c2be2ad5 Correct form name in CMSFileAddController, fixes upload
Fixes https://github.com/silverstripe/silverstripe-framework/issues/2172
2013-07-02 09:33:38 +02:00
Ingo Schommer
0bd257c8fc Merge pull request #770 from chillu/pulls/cmsform
Using new CMSForm class to allow for validation errors in CMS
2013-06-28 02:54:09 -07:00
Ingo Schommer
98750a9cf1 Merge pull request #772 from chillu/pulls/sitetree-urlsegment-votes
API SiteTree->validURLSegment() prioritizes extension votes
2013-06-25 02:18:08 -07:00
Ingo Schommer
aeacbc38aa Fix AssetAdmin::$allowed_actions 2013-06-21 00:54:28 +02:00
Ingo Schommer
a29ce594a1 Merge remote-tracking branch 'origin/3.1' 2013-06-19 11:17:57 +02:00
Jeremy Thomerson
b8908efdf7 ENHANCEMENT: allow sites to override meta generator tag 2013-06-17 20:35:14 +00:00
Mike Parkhill
c7f14129ea FIX #651 Broken redirection after creating new folder in assets 2013-06-13 14:58:09 +02:00
Ingo Schommer
2deb525d47 Using new CMSForm class to allow for validation errors in CMS
This class allows deferring handling of responses to the parent
controller's response negotiator implementation.
2013-06-13 07:44:37 +02:00
Ingo Schommer
0c4b2f8157 API SiteTree->validURLSegment() prioritizes extension votes
Tri-state, use NULL to ignore the extension result
2013-06-12 12:32:42 +02:00
g4b0
238f2908e5 BUG: fixed "regression" inserted with 9281ebc647 adding a new class to SiteTree elem (edit-disabled) 2013-06-03 13:46:10 +02:00
Ingo Schommer
c21c9cba0d Merge remote-tracking branch 'origin/3.1' 2013-05-31 18:10:26 +02:00
Sean Harvey
206f09ab65 Merge pull request #757 from mparkhill/651-assets-broken-redirection
FIX #651 Broken redirection after creating new folder in assets
2013-05-27 15:04:22 -07:00
Mike Parkhill
85f5a45951 FIX #651 Broken redirection after creating new folder in assets 2013-05-27 17:21:07 +12:00
Sean Harvey
20f044cef0 BUG Fixing regression from silverstripe/sapphire/67d1327
Status flag classes didn't pick up styling because the flag was
changed to prefix "status-".
2013-05-26 12:31:15 +12:00
Simon Welsh
e8f6b416d7 Revert call to setCheckModelPermissions() 2013-05-25 13:56:02 +12:00
Sean Harvey
9c1a69ae08 Merge pull request #755 from patbolo/restored-page-correct-title
FIX Correct page title shown when restoring a page, instead of html of t...
2013-05-24 18:45:38 -07:00