Merge remote-tracking branch 'origin/3.0' into 3.1

Conflicts: docs/en/changelogs/3.0.6.md forms/Form.php forms/FormField.php forms/TreeDropdownField.php
2024-10-22 12:05:37 +00:00 · 2013-09-27 18:50:47 +02:00 · 2013-09-27 18:50:47 +02:00 · 2e3511bc5f
commit 2e3511bc5f
parent 8c958cd5fb d963eac0a6
8 changed files with 57 additions and 16 deletions
--- a/docs/en/changelogs/3.0.6.md
+++ b/docs/en/changelogs/3.0.6.md
@ -1,4 +1,4 @@
-# 3.0.6 (Not yet released)
+# 3.0.6
 ## Overview
@ -23,6 +23,10 @@ See [announcement](http://www.silverstripe.org/ss-2013-004-privilege-escalation-
 See [announcement](http://www.silverstripe.org/ss-2013-005-privilege-escalation-through-apply-roles-assignment/)
 ### Security: Information disclosure in Versioned.php (SS-2013-006)
 See [announcement](http://www.silverstripe.org/ss-2013-006-information-disclosure-in-versioned/)
 ### Security: Privilege escalation through Group hierarchy setting (SS-2013-003)
 See [announcement](http://www.silverstripe.org/ss-2013-003-privilege-escalation-through-group-hierarchy-setting/)
--- a/docs/en/changelogs/3.0.7.md
+++ b/docs/en/changelogs/3.0.7.md
@ -0,0 +1,17 @@
 # 3.0.7
 ## Overview
 ### Security: XSS in form validation errors (SS-2013-008)
 See [announcement](http://www.silverstripe.org/ss-2013-008-xss-in-numericfield-validation/)
 ### Security: XSS in CMS "Pages" section (SS-2013-009)
 See [announcement](http://www.silverstripe.org/ss-2013-009-xss-in-cms-pages-section/)
 ### API: Form validation message no longer allow HTML
 Due to cross-site scripting concerns when user data is used for form messages,
 it is no longer possible to use HTML in `Form->sessionMessage()`, and consequently
 in the `FormField->validate()` API.
--- a/docs/en/changelogs/rc/3.0.7-rc1.md
+++ b/docs/en/changelogs/rc/3.0.7-rc1.md
@ -0,0 +1,17 @@
 # 3.0.7-rc1
 ## Overview
 ### Security: XSS in form validation errors (SS-2013-008)
 See [announcement](http://www.silverstripe.org/ss-2013-008-xss-in-numericfield-validation/)
 ### Security: XSS in CMS "Pages" section (SS-2013-009)
 See [announcement](http://www.silverstripe.org/ss-2013-009-xss-in-cms-pages-section/)
 ### API: Form validation message no longer allow HTML
 Due to cross-site scripting concerns when user data is used for form messages,
 it is no longer possible to use HTML in `Form->sessionMessage()`, and consequently
 in the `FormField->validate()` API.
--- a/docs/en/topics/versioning.md
+++ b/docs/en/topics/versioning.md
@ -81,7 +81,7 @@ but also include information about when and how a record was published.
 	:::php
 	$record = MyRecord::get()->byID(99); // stage doesn't matter here
 	$versions = $record->allVersions();
-	echo $versions->First()->Version; // instance of Versioned_Versoin
+	echo $versions->First()->Version; // instance of Versioned_Version
 ### Writing Versions and Changing Stages
--- a/forms/CreditCardField.php
+++ b/forms/CreditCardField.php
@ -35,6 +35,9 @@ class CreditCardField extends TextField {
 	 * @return string
 	 */
 	protected function getTabIndexHTML($increment = 0) {
 		// we can't add a tabindex if there hasn't been one set yet.
 		if($this->getAttribute('tabindex') === null) return false;
 		$tabIndex = (int)$this->getAttribute('tabindex') + (int)$increment;
 		return (is_numeric($tabIndex)) ? ' tabindex = "' . $tabIndex . '"' : '';
 	}
--- a/forms/Form.php
+++ b/forms/Form.php
@ -1481,7 +1481,7 @@ class Form extends RequestHandler {
 	public function addExtraClass($class) {
 		//split at white space
 		$classes = preg_split('/\s+/', $class);
-		foreach ($classes as $class) {
+		foreach($classes as $class) {
 			//add classes one by one
 			$this->extraClasses[$class] = $class;
 		}
--- a/forms/FormField.php
+++ b/forms/FormField.php
@ -886,7 +886,7 @@ class FormField extends RequestHandler {
 		// of the field, e.g. its "type" attribute.
 		foreach($this->attributes as $k => $v) {
 			$field->setAttribute($k, $v);
-		}
+}
 		$field->dontEscape = $this->dontEscape;
 		return $field;