mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
BUGFIX: Add a default list of allowed extensions so that the CMS works reasonably out of the box.
BUGFIX: Allow files that don't have an extension (most notably folders) BUGFIX: Ensure that file URL rewriting works if you rename a page twice without publishing. BUGFIX: Ensure that the page doesn't go green after URLs are rewritten ENHANCEMENT: Recognise HTTP_X_FORWARDED_HOST header and use that in place of HTTP_HOST (from r93148) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@96752 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
parent
fc0bc9ba03
commit
3c88905299
@ -91,6 +91,13 @@ if(!isset($_SERVER['HTTP_HOST'])) {
|
||||
if($_GET) stripslashes_recursively($_GET);
|
||||
if($_POST) stripslashes_recursively($_POST);
|
||||
}
|
||||
|
||||
/**
|
||||
* Fix HTTP_HOST from reverse proxies
|
||||
*/
|
||||
if (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) {
|
||||
$_SERVER['HTTP_HOST'] = $_SERVER['HTTP_X_FORWARDED_HOST'];
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -1331,6 +1331,8 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
|
||||
}
|
||||
}
|
||||
|
||||
echo "=======\nUPDATING LINK TRACKING FOR $this->Title\n=========\n";
|
||||
SSBacktrace::backtrace();
|
||||
$this->LinkTracking()->setByIDList($linkedPages);
|
||||
$this->ImageTracking()->setByIDList($linkedFiles);
|
||||
|
||||
@ -1463,26 +1465,24 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
|
||||
*/
|
||||
function rewriteFileURL($old, $new) {
|
||||
$fields = $this->inheritedDatabaseFields();
|
||||
// Update the content without actually creating a new version
|
||||
foreach(array("SiteTree_Live", "SiteTree") as $table) {
|
||||
// Published site
|
||||
$published = DB::query("SELECT * FROM \"$table\" WHERE \"ID\" = $this->ID")->record();
|
||||
$origPublished = $published;
|
||||
|
||||
foreach($fields as $fieldName => $fieldType) {
|
||||
if ($fieldType != 'HTMLText') continue;
|
||||
|
||||
$original = clone $this;
|
||||
|
||||
// Draft site
|
||||
$this->$fieldName = str_replace($old, $new, $this->$fieldName, $numReplaced);
|
||||
if($numReplaced) $this->write();
|
||||
|
||||
// Published site
|
||||
$published = DB::query("SELECT * FROM \"SiteTree_Live\" WHERE \"ID\" = $this->ID")->record();
|
||||
$origPublished = $published;
|
||||
|
||||
// TODO: This doesn't work for HTMLText fields on other tables.
|
||||
if(isset($published[$fieldName])) {
|
||||
$published[$fieldName] = str_replace($old, $new, $published[$fieldName], $numReplaced);
|
||||
if($numReplaced) {
|
||||
DB::query("UPDATE \"SiteTree_Live\" SET \"$fieldName\" = '"
|
||||
DB::query("UPDATE \"$table\" SET \"$fieldName\" = '"
|
||||
. Convert::raw2sql($published[$fieldName]) . "' WHERE \"ID\" = $this->ID");
|
||||
|
||||
// Tell static caching to update itself
|
||||
if($table == 'SiteTree_Live') {
|
||||
$publishedClass = $origPublished['ClassName'];
|
||||
$origPublishedObj = new $publishedClass($origPublished);
|
||||
$this->extend('onRenameLinkedAsset', $origPublishedObj);
|
||||
@ -1490,6 +1490,8 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a FieldSet with which to create the CMS editing form.
|
||||
|
@ -51,7 +51,15 @@ class File extends DataObject {
|
||||
* @see Upload->allowedExtensions
|
||||
* @var array
|
||||
*/
|
||||
public static $allowed_extensions = array();
|
||||
public static $allowed_extensions = array(
|
||||
'html','htm','xhtml','js','css',
|
||||
'png','gif','jpg','jpeg',
|
||||
'mov','mkv','mp3','m4a',
|
||||
'doc','docx','txt','rtf','xls','xlsx','pages',
|
||||
'ppt','pptx','pps','csv',
|
||||
'zip','zipx','sit','sitx','gz','pkg','dmg','hqx',
|
||||
'xml','pdf',
|
||||
);
|
||||
|
||||
/**
|
||||
* If this is true, then restrictions set in $allowed_max_file_size and
|
||||
@ -269,14 +277,6 @@ class File extends DataObject {
|
||||
parent::onBeforeWrite();
|
||||
|
||||
if(!$this->Name) $this->Name = "new-" . strtolower($this->class);
|
||||
|
||||
if($brokenPages = $this->BackLinkTracking()) {
|
||||
foreach($brokenPages as $brokenPage) {
|
||||
Notifications::event("BrokenLink", $brokenPage, $brokenPage->OwnerID);
|
||||
$brokenPage->HasBrokenFile = true;
|
||||
$brokenPage->write();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@ -629,7 +629,11 @@ class File extends DataObject {
|
||||
|
||||
function validate() {
|
||||
if(!File::$apply_restrictions_to_admin && Permission::check('ADMIN')) {
|
||||
if(!in_array(strtolower(pathinfo($this->Name, PATHINFO_EXTENSION)), self::$allowed_extensions)) {
|
||||
$extension = strtolower(pathinfo($this->Name, PATHINFO_EXTENSION));
|
||||
|
||||
if($extension && !in_array($extension, self::$allowed_extensions)) {
|
||||
$exts = self::$allowed_extensions;
|
||||
sort($exts);
|
||||
$message = sprintf(
|
||||
_t(
|
||||
'File.INVALIDEXTENSION',
|
||||
@ -637,7 +641,7 @@ class File extends DataObject {
|
||||
PR_MEDIUM,
|
||||
'Argument 1: Comma-separated list of valid extensions'
|
||||
),
|
||||
implode(',',self::$allowed_extensions)
|
||||
implode(', ',$exts)
|
||||
);
|
||||
return new ValidationResult(false, $message);
|
||||
}
|
||||
|
@ -16,6 +16,7 @@ class FileLinkTrackingTest extends SapphireTest {
|
||||
$testFiles = array(
|
||||
'/assets/testscript-test-file.pdf',
|
||||
'/assets/renamed-test-file.pdf',
|
||||
'/assets/renamed-test-file-second-time.pdf',
|
||||
);
|
||||
foreach($testFiles as $file) {
|
||||
if(file_exists(Director::baseFolder().$file)) unlink(Director::baseFolder().$file);
|
||||
@ -33,6 +34,8 @@ class FileLinkTrackingTest extends SapphireTest {
|
||||
|
||||
$this->assertContains('<img src="assets/renamed-test-file.pdf" />',
|
||||
DB::query("SELECT \"Content\" FROM \"SiteTree\" WHERE \"ID\" = $page->ID")->value());
|
||||
$this->assertContains('<img src="assets/renamed-test-file.pdf" />',
|
||||
DB::query("SELECT \"Content\" FROM \"SiteTree_Live\" WHERE \"ID\" = $page->ID")->value());
|
||||
}
|
||||
|
||||
function testFileLinkRewritingOnVirtualPages() {
|
||||
@ -56,6 +59,45 @@ class FileLinkTrackingTest extends SapphireTest {
|
||||
$this->assertContains('<img src="assets/renamed-test-file.pdf" />',
|
||||
DB::query("SELECT \"Content\" FROM \"SiteTree_Live\" WHERE \"ID\" = $svp->ID")->value());
|
||||
}
|
||||
|
||||
function testLinkRewritingOnAPublishedPageDoesntMakeItEditedOnDraft() {
|
||||
// Publish the source page
|
||||
$page = $this->objFromFixture('Page', 'page1');
|
||||
$this->assertTrue($page->doPublish());
|
||||
$this->assertFalse($page->IsModifiedOnStage);
|
||||
|
||||
// Rename the file
|
||||
$file = $this->objFromFixture('File', 'file1');
|
||||
$file->Name = 'renamed-test-file.pdf';
|
||||
|
||||
// Caching hack
|
||||
Versioned::prepopulate_versionnumber_cache('SiteTree', 'Stage', array($page->ID));
|
||||
Versioned::prepopulate_versionnumber_cache('SiteTree', 'Live', array($page->ID));
|
||||
|
||||
// Confirm that the page hasn't gone green.
|
||||
$this->assertFalse($page->IsModifiedOnStage);
|
||||
}
|
||||
|
||||
function testTwoFileRenamesInARowWork() {
|
||||
$page = $this->objFromFixture('Page', 'page1');
|
||||
$this->assertTrue($page->doPublish());
|
||||
$this->assertContains('<img src="assets/testscript-test-file.pdf" />',
|
||||
DB::query("SELECT \"Content\" FROM \"SiteTree_Live\" WHERE \"ID\" = $page->ID")->value());
|
||||
|
||||
// Rename the file twice
|
||||
$file = $this->objFromFixture('File', 'file1');
|
||||
$file->Name = 'renamed-test-file.pdf';
|
||||
$file->write();
|
||||
|
||||
$file->Name = 'renamed-test-file-second-time.pdf';
|
||||
$file->write();
|
||||
|
||||
// Confirm that the correct image is shown in both the draft and live site
|
||||
$this->assertContains('<img src="assets/renamed-test-file-second-time.pdf" />',
|
||||
DB::query("SELECT \"Content\" FROM \"SiteTree\" WHERE \"ID\" = $page->ID")->value());
|
||||
$this->assertContains('<img src="assets/renamed-test-file-second-time.pdf" />',
|
||||
DB::query("SELECT \"Content\" FROM \"SiteTree_Live\" WHERE \"ID\" = $page->ID")->value());
|
||||
}
|
||||
}
|
||||
|
||||
?>
|
||||
|
Loading…
Reference in New Issue
Block a user