From 7ec8ebbf9e8b0bf53960fd0f41ec682967e49633 Mon Sep 17 00:00:00 2001
From: Hamish Friedlander <hamish@silverstripe.com>
Date: Mon, 18 Feb 2013 16:16:07 +1300
Subject: [PATCH 01/16] Add 3.1.0-beta2 changelog

---
 docs/en/changelogs/beta/3.1.0-beta2.md | 322 +++++++++++++++++++++++++
 1 file changed, 322 insertions(+)
 create mode 100644 docs/en/changelogs/beta/3.1.0-beta2.md

diff --git a/docs/en/changelogs/beta/3.1.0-beta2.md b/docs/en/changelogs/beta/3.1.0-beta2.md
new file mode 100644
index 000000000..ab90db0e9
--- /dev/null
+++ b/docs/en/changelogs/beta/3.1.0-beta2.md
@@ -0,0 +1,322 @@
+# 3.1.0-beta2 #
+
+## Overview ##
+
+ * Changed action handling and allowed_actions to make more secure by default
+ * Moved dev/tests/startsession to a module
+ * Security: Undefined or empty `$allowed_actions` overrides parent definitions
+ * Security: Information leakage through web access on YAML configuration files
+ * Security: Information leakage through web access on composer files
+ * Security: Require ADMIN permissions for `?showtemplate=1`
+ * Security: Reflected XSS in custom date/time formats in admin/security
+ * Security: Stored XSS in the "New Group" dialog
+ * Security: Reflected XSS in CMS status messages
+
+## Upgrading
+
+See [3.1.0 release notes](/changelogs/3.1.0)
+
+## Changelog
+
+### API Changes
+
+ * 2013-02-18 [5fd55a5](https://github.com/silverstripe/sapphire/commit/5fd55a5) Tighten up allowed_actions (Hamish Friedlander)
+ * 2013-02-12 [d969e29](https://github.com/silverstripe/sapphire/commit/d969e29) Require ADMIN for ?showtemplate=1 (Ingo Schommer)
+ * 2013-02-12 [45c68d6](https://github.com/silverstripe/sapphire/commit/45c68d6) Require ADMIN for ?showtemplate=1 (Ingo Schommer)
+ * 2013-02-13 [53feb3a](https://github.com/silverstripe/sapphire/commit/53feb3a) Add possibility to combine media-targeting stylesheets. (Mateusz Uzdowski)
+ * 2013-02-12 [f931b8d](https://github.com/silverstripe/sapphire/commit/f931b8d) Data corruption on Versioned due to lazy loading (Julian Seidenberg)
+ * 2013-02-05 [18c9a95](https://github.com/silverstripe/sapphire/commit/18c9a95) Removed 'BadLoginURL' session var from MemberLoginForm (Ingo Schommer)
+ * 2013-01-27 [e8da9c9](https://github.com/silverstripe/sapphire/commit/e8da9c9) Use HTMLText as default for RSS Description (jonom)
+ * 2013-01-25 [4b54383](https://github.com/silverstripe/sapphire/commit/4b54383) request handling to be more orthogonal (Hamish Friedlander)
+ * 2013-01-24 [1ca15d0](https://github.com/silverstripe/sapphire/commit/1ca15d0) HTTP::urlRewriter with (string)$code deprecated in 3.1. Fixed regressions and CSS urls. (Damian Mooyman)
+ * 2013-01-23 [c69381c](https://github.com/silverstripe/sapphire/commit/c69381c) Remove Content-Length setting from HTTPResponse (fixes #8010) (Ingo Schommer)
+ * 2013-01-09 [f07ad30](https://github.com/silverstripe/sapphire/commit/f07ad30) Removed non-functional $join argument from DataObject::get() and other APIs (Ingo Schommer)
+ * 2012-12-19 [d487a42](https://github.com/silverstripe/sapphire/commit/d487a42) Default to Upload::$uploads_dir in UploadField (Nathan J. Brauer)
+ * 2012-12-19 [2e1a508](https://github.com/silverstripe/sapphire/commit/2e1a508) Remove dev/tests/startsession etc, use new "testsession" module (Ingo Schommer)
+ * 2012-11-29 [f49f1ff](https://github.com/silverstripe/sapphire/commit/f49f1ff) Rename Transliterator to SS_Transliterator to remove conflict with Intl extension (Simon Welsh)
+ * 2012-11-09 [22095da](https://github.com/silverstripe/sapphire/commit/22095da) Hash autologin tokens before storing in the database. (Mateusz Uzdowski)
+ * 2011-03-16 [d8bfc0b](https://github.com/silverstripe/sapphire/commit/d8bfc0b) Added Security::set_login_url() so that you can define an alternative log-in page if you have made one yourself. (Sam Minnee)
+ * 2011-03-16 [f546979](https://github.com/silverstripe/sapphire/commit/f546979) Add a PermissionFailureException that can be thrown to trigger a log-in. (Sam Minnee)
+
+### Features and Enhancements
+
+ * 2013-02-14 [2335c07](https://github.com/silverstripe/sapphire/commit/2335c07) Make shortcode parser more clever about placement (Hamish Friedlander)
+ * 2013-02-12 [54237d5](https://github.com/silverstripe/sapphire/commit/54237d5) Return $this on setters in DataObject (Zauberfisch)
+ * 2013-02-05 [f0621cd](https://github.com/silverstripe/sapphire/commit/f0621cd) Added ability to query size of Varchar (Daniel Hensby)
+ * 2013-02-05 [1acb416](https://github.com/silverstripe/sapphire/commit/1acb416) Don't load CMS preview iframe if not visible (fixes #8247) (Ingo Schommer)
+ * 2013-02-04 [00097a5](https://github.com/silverstripe/silverstripe-cms/commit/00097a5) Clickable URL preview in CMS (Ingo Schommer)
+ * 2013-02-01 [119d8aa](https://github.com/silverstripe/silverstripe-cms/commit/119d8aa) Do not display SilverStripeNavigator_CMSLink when in a LeftAndMain extension not just CMSMain extensions (UndefinedOffset)
+ * 2013-02-01 [0cb6b46](https://github.com/silverstripe/sapphire/commit/0cb6b46) Storing page preview states (fixes #8092) (Kirk Mayo)
+ * 2013-01-15 [ca84ddc](https://github.com/silverstripe/sapphire/commit/ca84ddc) Preview size and default mode configurability (Ingo Schommer)
+ * 2013-01-15 [16efd74](https://github.com/silverstripe/sapphire/commit/16efd74) Add grid field save handler. (Andrew Short)
+ * 2013-01-14 [76aeec7](https://github.com/silverstripe/silverstripe-cms/commit/76aeec7) SiteTree-&gt;PreviewLink() for fine grained URL control (Ingo Schommer)
+ * 2013-01-11 [5b450f7](https://github.com/silverstripe/sapphire/commit/5b450f7) Added replaceExistingFile setting for UploadField. (Sam Minnee)
+ * 2013-01-11 [cc7318f](https://github.com/silverstripe/sapphire/commit/cc7318f) Added canAttachExisting config option for UploadField. (Sam Minnee)
+ * 2013-01-10 [5e6f5f9](https://github.com/silverstripe/sapphire/commit/5e6f5f9) Allow configuration of send_all_emails_to, ccs_all_emails_to, and bcc_all_emails_to via the config system. (Sam Minnee)
+ * 2013-01-09 [43601d6](https://github.com/silverstripe/sapphire/commit/43601d6) Global default config for UploadField (Ingo Schommer)
+ * 2013-01-09 [67c5db3](https://github.com/silverstripe/sapphire/commit/67c5db3) Global default config for UploadField (Ingo Schommer)
+ * 2013-01-09 [2dfd427](https://github.com/silverstripe/sapphire/commit/2dfd427) Restrict upload abilities in UploadField (Ingo Schommer)
+ * 2013-01-09 [9310b8d](https://github.com/silverstripe/sapphire/commit/9310b8d) Restrict upload abilities in UploadField (Ingo Schommer)
+ * 2013-01-07 [abbee41](https://github.com/silverstripe/sapphire/commit/abbee41) Add ReadonlyField::setIncludeHiddenField() (Sam Minnee)
+ * 2012-12-19 [561e629](https://github.com/silverstripe/sapphire/commit/561e629) Show the allowed extensions as a toggle tip as per trac 7993 (Kirk Mayo)
+ * 2012-12-17 [f9504ee](https://github.com/silverstripe/silverstripe-cms/commit/f9504ee) Writing caching metadata as HTML comments in FilesystemPublisher (through StaticPublisher::$include_caching_metadata) (ischommer) (Andrew O'Neil)
+ * 2012-12-13 [8066376](https://github.com/silverstripe/sapphire/commit/8066376) LeftAndMain breadcrumbs to use MenuTitle (Loz Calver)
+ * 2012-10-17 [7f605cf](https://github.com/silverstripe/sapphire/commit/7f605cf) Disable items in DropdownField and GroupedDropdownField (micschk)
+ * 2012-10-16 [c4dde90](https://github.com/silverstripe/sapphire/commit/c4dde90) Allow hashes to be passed as ArrayList items; the will be turned into ArrayData objects. (Sam Minnee)
+ * 2011-09-29 [2916f20](https://github.com/silverstripe/sapphire/commit/2916f20) Improve HTTP caching logic to automatically disable caching for requests that use the session. (Hamish Friedlander)
+ * 2011-03-02 [c3a3ff4](https://github.com/silverstripe/sapphire/commit/c3a3ff4) Added Email::send_all_emails_from() setting. (Sam Minnee)
+
+### Bugfixes
+
+ * 2013-02-18 [baf894d](https://github.com/silverstripe/sapphire/commit/baf894d) CDATA sections in HTML5 are invalid so remove from test (Hamish Friedlander)
+ * 2013-02-18 [1f4c817](https://github.com/silverstripe/sapphire/commit/1f4c817) new ShortcodeParser handling of empty strings and escapes (Hamish Friedlander)
+ * 2013-02-17 [ede3813](https://github.com/silverstripe/sapphire/commit/ede3813) Secure composer files from web access (fixes #8011) (Ingo Schommer)
+ * 2013-02-17 [e21bd49](https://github.com/silverstripe/sapphire/commit/e21bd49) TimeField respects user choice (fixes #8260) (Ingo Schommer)
+ * 2013-02-14 [d3629be](https://github.com/silverstripe/sapphire/commit/d3629be) Pass named include argument as objects. (ajshort)
+ * 2013-02-13 [ff19f3b](https://github.com/silverstripe/sapphire/commit/ff19f3b) Fixed the injection of named services. (ajshort)
+ * 2013-02-12 [d52d5f7](https://github.com/silverstripe/sapphire/commit/d52d5f7) Adjust Session::setFormMessage to fit with underlying API. (Mateusz Uzdowski)
+ * 2013-02-07 [79eacb2](https://github.com/silverstripe/sapphire/commit/79eacb2) Group-&gt;canEdit() correct non-admin checks (fixes #8250) (Ingo Schommer)
+ * 2013-02-07 [2e77e87](https://github.com/silverstripe/sapphire/commit/2e77e87) fix for broken layout in insert media dialog - Trac #8232 (Jeremy Bridson)
+ * 2013-02-05 [8dae8a3](https://github.com/silverstripe/silverstripe-cms/commit/8dae8a3) Fixed limiting of URLs on RebuildStaticCacheTask (Ingo Schommer)
+ * 2013-02-05 [23eeb99](https://github.com/silverstripe/silverstripe-cms/commit/23eeb99) Clear Requirements before in-memory HTTP request for ErrorPage (Ingo Schommer)
+ * 2013-02-04 [b4c9c18](https://github.com/silverstripe/silverstripe-cms/commit/b4c9c18) Prevent conflict when using multiple SiteTreeURLSegmentField's in CMS edit form (Ryan Wachtl)
+ * 2013-02-04 [857d8bb](https://github.com/silverstripe/sapphire/commit/857d8bb) Don't escape values on TreeDropdownField readonly views (Ingo Schommer)
+ * 2013-02-04 [97fbfd3](https://github.com/silverstripe/silverstripe-cms/commit/97fbfd3) Respect escaping rules on readonly fields in CMS history view (Ingo Schommer)
+ * 2013-02-04 [e56a78b](https://github.com/silverstripe/silverstripe-cms/commit/e56a78b) updateCMSFields not accepting var by reference (Michael Andrewartha)
+ * 2013-02-04 [866bb07](https://github.com/silverstripe/sapphire/commit/866bb07) validate doesn't take var by reference (Michael Andrewartha)
+ * 2013-02-04 [1960df8](https://github.com/silverstripe/sapphire/commit/1960df8) Strict error warnings on DataExtension (Michael Andrewartha)
+ * 2013-02-04 [82099f6](https://github.com/silverstripe/sapphire/commit/82099f6) fixed pagination for "upload from CMS" grid field pagination open/8085 (Jeremy Bridson)
+ * 2013-02-04 [0fade6c](https://github.com/silverstripe/sapphire/commit/0fade6c) fixed styling of asset upload page and dialog in the asset admin and media insert via WYSIWYG editor open/8231. (Jeremy Bridson)
+ * 2013-02-01 [aa3eb98](https://github.com/silverstripe/sapphire/commit/aa3eb98) Assiging width to caption instead of container (Hamish Friedlander)
+ * 2013-01-31 [1bb1090](https://github.com/silverstripe/sapphire/commit/1bb1090) Node updates in IE without non-object error (Ingo Schommer)
+ * 2013-01-31 [4681673](https://github.com/silverstripe/sapphire/commit/4681673) TinyMCE context menu displaying default dialogs instead of our one (Hamish Friedlander)
+ * 2013-01-31 [6f93774](https://github.com/silverstripe/sapphire/commit/6f93774) Not being able to remove, add or edit the caption on an image properly (Hamish Friedlander)
+ * 2013-01-30 [eb7fed9](https://github.com/silverstripe/sapphire/commit/eb7fed9) Prevent defocus on first change in CMS HTMLEditorField (fixes #8217) (Ingo Schommer)
+ * 2013-01-30 [38e930d](https://github.com/silverstripe/sapphire/commit/38e930d) Blocking of preview screen (regression) (Ingo Schommer)
+ * 2013-01-30 [3111ad1](https://github.com/silverstripe/sapphire/commit/3111ad1) Remove extraneous &lt;/div&gt; breaking IE8 image embedding (os#8218) (Mateusz Uzdowski)
+ * 2013-01-30 [9f822d1](https://github.com/silverstripe/sapphire/commit/9f822d1) Not calling updateFromNode on re-opening an image (Hamish Friedlander)
+ * 2013-01-30 [c9f728f](https://github.com/silverstripe/sapphire/commit/c9f728f) Only check the remember token if a user exists (Simon Welsh)
+ * 2013-01-29 [6c78bf9](https://github.com/silverstripe/sapphire/commit/6c78bf9) Flush editors on form submission (os#8222) (Mateusz Uzdowski)
+ * 2013-01-25 [649de6e](https://github.com/silverstripe/silverstripe-cms/commit/649de6e) Reinstated CMS "History" Preview (fixes ##8089) (Ingo Schommer)
+ * 2013-01-25 [3457f43](https://github.com/silverstripe/sapphire/commit/3457f43) Respect CMS preview active state (related to #8089) (Ingo Schommer)
+ * 2013-01-24 [e1e6483](https://github.com/silverstripe/sapphire/commit/e1e6483) Replaced extendedSQL/buildSQL with DataList as per ticket 8183 (Kirk Mayo)
+ * 2013-01-24 [81cd0e6](https://github.com/silverstripe/silverstripe-cms/commit/81cd0e6) Replaced extendedSQL with DataList as per ticket 8183 (Kirk Mayo)
+ * 2013-01-24 [f574979](https://github.com/silverstripe/sapphire/commit/f574979) Exception handling and email notification mechanism now correctly considers the stacktrace as provided by the exceptionHandler function, instead of attempting to perform a debug_backtrace further down the reporting chain (which ends up generating an unnecessarily nested stacktrace). Debug was cleaned up so that errorHandler and exceptionHandler both act consistently. As a result, the LogErrorEmailFormatter class could be simplified. (Damian Mooyman)
+ * 2013-01-23 [437914d](https://github.com/silverstripe/sapphire/commit/437914d) PHPUnit latest not working with composer installed builds (Hamish Friedlander)
+ * 2013-01-23 [45eb0f9](https://github.com/silverstripe/sapphire/commit/45eb0f9) PHPUnit latest not working with composer installed builds (Hamish Friedlander)
+ * 2013-01-21 [5d37d55](https://github.com/silverstripe/sapphire/commit/5d37d55) Form session message clearing regression (Ingo Schommer)
+ * 2013-01-21 [1571d35](https://github.com/silverstripe/silverstripe-cms/commit/1571d35) Only use $.button in onunmatch if init'ed (fixes #8181) (Kirk Mayo)
+ * 2013-01-18 [0c9b216](https://github.com/silverstripe/sapphire/commit/0c9b216) Escape the -f argument passed to mail() (Sam Minnee)
+ * 2013-01-17 [e74ec57](https://github.com/silverstripe/sapphire/commit/e74ec57) Permission checkbox display on members (fixes #8193) (Ingo Schommer)
+ * 2013-01-15 [a70df3e](https://github.com/silverstripe/sapphire/commit/a70df3e) PaginatedList deprecated method was calling non-existent method (Jeremy Thomerson)
+ * 2013-01-15 [014f541](https://github.com/silverstripe/sapphire/commit/014f541) Regression in Form-&gt;clearMessage() (fixes #8186) (Ingo Schommer)
+ * 2013-01-15 [64d3a3d](https://github.com/silverstripe/sapphire/commit/64d3a3d) Don't double unescape URLs in history.js (fixes #8170) (Ingo Schommer)
+ * 2013-01-15 [420c639](https://github.com/silverstripe/sapphire/commit/420c639) Properly show link for showing and hiding class spec in model admin (jean)
+ * 2013-01-15 [f06ba70](https://github.com/silverstripe/sapphire/commit/f06ba70) Undefined `$allowed_actions` overrides parent definitions, stricter handling of $allowed_actions on Extension (Ingo Schommer)
+ * 2013-01-15 [a93f884](https://github.com/silverstripe/sapphire/commit/a93f884) fixed broken styling of iframe in IE for member and group import (Jeremy Bridson)
+ * 2013-01-11 [e020c7b](https://github.com/silverstripe/sapphire/commit/e020c7b) doSave() and doDelete() should use translated singular name (uniun)
+ * 2013-01-11 [f8758ba](https://github.com/silverstripe/sapphire/commit/f8758ba) Fixed margins so that margin is displayed between preview images and their title. (Sam Minnee)
+ * 2013-01-11 [2fdd9a3](https://github.com/silverstripe/sapphire/commit/2fdd9a3) Allow images attached to UploadFields to be unlinked without File::canEdit() or File::canDelete() permission. (Sam Minnee)
+ * 2013-01-11 [f4efaee](https://github.com/silverstripe/sapphire/commit/f4efaee) Fix DataObject::get_one() when the classname is passed with improper casing. (Sam Minnee)
+ * 2013-01-09 [5f8115f](https://github.com/silverstripe/sapphire/commit/5f8115f) Hard fallback to en_US.js in Requirements (Ingo Schommer)
+ * 2013-01-09 [ffc6d6f](https://github.com/silverstripe/silverstripe-cms/commit/ffc6d6f) Disable CMS preview for RedirectorPage (fixes #7127) (Ingo Schommer)
+ * 2013-01-08 [f674af0](https://github.com/silverstripe/silverstripe-cms/commit/f674af0) dependentPages grid field not showing necessary columns and their values. (Normann Lou)
+ * 2013-01-07 [383ae8f](https://github.com/silverstripe/silverstripe-cms/commit/383ae8f) SiteTree_Information.ss was not making use if i18n translations (Kirk Mayo)
+ * 2013-01-06 [30096ee](https://github.com/silverstripe/sapphire/commit/30096ee) Keep Member.PasswordEncryption setting on empty passwords (Ingo Schommer)
+ * 2013-01-04 [f8bbc0a](https://github.com/silverstripe/sapphire/commit/f8bbc0a) Escape HTML in DropdownField and ListboxField (Ingo Schommer)
+ * 2013-01-04 [604ede3](https://github.com/silverstripe/sapphire/commit/604ede3) Escape HTML in CMS status messages (Ingo Schommer)
+ * 2013-01-04 [7bb0bbf](https://github.com/silverstripe/sapphire/commit/7bb0bbf) Fixed XSS in admin/security and "My Profile" forms (Ingo Schommer)
+ * 2013-01-02 [63dbb1c](https://github.com/silverstripe/sapphire/commit/63dbb1c) removed null FormField value. fixes #8088 (g4b0)
+ * 2012-12-21 [f0f83b2](https://github.com/silverstripe/sapphire/commit/f0f83b2) Graceful handling of sprintf with too few params in i18n::_t() (Ingo Schommer)
+ * 2012-12-20 [7a6ce01](https://github.com/silverstripe/sapphire/commit/7a6ce01) Skip pagination on UnsavedRelationList in GFPaginator (Ingo Schommer)
+ * 2012-12-20 [e53280c](https://github.com/silverstripe/sapphire/commit/e53280c) SQLQuery::aggregate() with limit, groupBy and orderBy (fixes #8148) (g4b0)
+ * 2012-12-19 [22efd38](https://github.com/silverstripe/sapphire/commit/22efd38) Calling DataObject::relField() on a object with an empty relation list (Stig Lindqvist)
+ * 2012-12-18 [4388433](https://github.com/silverstripe/sapphire/commit/4388433) Right click on LeftAndMain menu caused CMS preview window to open (Loz Calver)
+ * 2012-12-18 [6aba24b](https://github.com/silverstripe/sapphire/commit/6aba24b) removeRequiredField() should use array_splice() instead of unset() (uniun)
+ * 2012-12-18 [d5a1c3d](https://github.com/silverstripe/sapphire/commit/d5a1c3d) SS has problems handling + in URLs. Filter them out. (Mateusz Uzdowski)
+ * 2012-12-18 [94be5c6](https://github.com/silverstripe/sapphire/commit/94be5c6) Handle namespaced classes in Object::parse_class_spec() (Simon Welsh)
+ * 2012-12-17 [8779e9b](https://github.com/silverstripe/sapphire/commit/8779e9b) Fixed changetracking for radio and checkbox field types (Ingo Schommer)
+ * 2012-12-18 [b01b91f](https://github.com/silverstripe/sapphire/commit/b01b91f) When selecting stage_unique from Versioned the augmentSQL function would permanantly alter the DataQuery while doing a recursive augmentSQL. This fix correctly maintains the correct Versioned.mode so that subsequent calls to this function exhibit the same expected behaviour. (Damian Mooyman)
+ * 2012-12-17 [6aa16e1](https://github.com/silverstripe/sapphire/commit/6aa16e1) Test case for versioned now correctly checks IDs returned from Versioned::get_including_deleted BUG Issue with deleted records not being queried properly. API DataQuery::expressionForField no longer requires a second parameter. Rather the query object is inferred from the DataQuery itself. This should improve consistency of use of this function. (Damian Mooyman)
+ * 2012-12-14 [55b611d](https://github.com/silverstripe/sapphire/commit/55b611d) Hardcoded project name in include_by_locale() (uniun)
+ * 2012-12-13 [0ee7bbf](https://github.com/silverstripe/sapphire/commit/0ee7bbf) Removed !important attribute of #Remember margin (Justin Martin)
+ * 2012-12-11 [f431b35](https://github.com/silverstripe/sapphire/commit/f431b35) Confirmed Password Field now copies attributes to child fields. (Justin Martin)
+ * 2012-12-06 [1a4eaaa](https://github.com/silverstripe/sapphire/commit/1a4eaaa) Ensure  has length before using string index access. (Simon Elvery)
+ * 2012-11-21 [41aec54](https://github.com/silverstripe/silverstripe-cms/commit/41aec54) Consistently use FormResponse in CMS JavaScript (fixes #8036) (Ingo Schommer)
+ * 2012-02-09 [c048a01](https://github.com/silverstripe/sapphire/commit/c048a01) Avoid infinite redirection when logging out and when showing a custom login page after displaying the draft version of a page. (jean)
+ * 2011-12-12 [1e1df8c](https://github.com/silverstripe/sapphire/commit/1e1df8c) Improved detection of empty HTMLText fields. (Sam Minnee)
+ * 2011-09-30 [f41a7d8](https://github.com/silverstripe/sapphire/commit/f41a7d8) Fix issue with not being able to log out on Chrome when caching enabled because of Chrome bug (Hamish Friedlander)
+ * 2011-09-01 [9a2ba48](https://github.com/silverstripe/sapphire/commit/9a2ba48) Made CSRF-error wording friendlier. (Sam Minnee)
+ * 2011-08-31 [729bcc9](https://github.com/silverstripe/sapphire/commit/729bcc9) Don't clear form messages unless forTemplate() is actually called. BUGFIX: Clear session-stored form data as well as form error message. (Sam Minnee)
+ * 2011-08-18 [5f9348b](https://github.com/silverstripe/sapphire/commit/5f9348b) Ensure that Security views respect redirections triggered by Page_Controller::init() (Sam Minnee)
+ * 2011-07-07 [b114aa2](https://github.com/silverstripe/sapphire/commit/b114aa2) Added X-Forwarded-Protocol and User-Agent to Vary header. (Sam Minnee)
+ * 2011-05-26 [55f3ec1](https://github.com/silverstripe/sapphire/commit/55f3ec1) Added error message fields to default search form (Jean-Fabien)
+ * 2011-05-23 [7026a48](https://github.com/silverstripe/sapphire/commit/7026a48) for date manipulation use the SS_Datetime::now, otherwise it does not respect the mock date. (Mateusz Uzdowski)
+ * 2011-05-21 [b7a1db7](https://github.com/silverstripe/sapphire/commit/b7a1db7) Set up the test mailer before loading the fixture, in case fixture-creation causes emails to be generated. (Sam Minnee)
+ * 2011-04-29 [47e037e](https://github.com/silverstripe/sapphire/commit/47e037e) Removed notice-level error after forms w/ required fields are made readonly. (Sam Minnee)
+ * 2011-04-20 [33a1fc7](https://github.com/silverstripe/sapphire/commit/33a1fc7) Fixed operation of inlined images in Mailer, when no inlined images actually attached. (Carlos Barberis)
+ * 2011-04-18 [f8206d1](https://github.com/silverstripe/sapphire/commit/f8206d1) Prevent notice-level error in Session code when non-array is turned into an array. (Sam Minnee)
+ * 2011-03-15 [6fcbad1](https://github.com/silverstripe/sapphire/commit/6fcbad1) Updated SilverStripe error handler so that log_errors still works. (Sam Minnee)
+ * 2011-03-11 [82988d4](https://github.com/silverstripe/sapphire/commit/82988d4) Better error message when 401 response is corrupted. (Sam Minnee)
+
+### Other
+
+ * 2013-02-18 [37b8034](https://github.com/silverstripe/sapphire/commit/37b8034) Fixed changelog (Ingo Schommer)
+ * 2013-02-18 [ad9f26a](https://github.com/silverstripe/sapphire/commit/ad9f26a) Updated changelog (Ingo Schommer)
+ * 2013-02-18 [eafafb3](https://github.com/silverstripe/sapphire/commit/eafafb3) Fixed screen.css (wrong compilation) (Ingo Schommer)
+ * 2013-02-18 [e809e07](https://github.com/silverstripe/silverstripe-cms/commit/e809e07) Updated translations (Ingo Schommer)
+ * 2013-02-18 [d3d0b21](https://github.com/silverstripe/sapphire/commit/d3d0b21) Updated translations (Ingo Schommer)
+ * 2013-02-18 [6298713](https://github.com/silverstripe/sapphire/commit/6298713) Updated changelog (Ingo Schommer)
+ * 2013-02-17 [889e39c](https://github.com/silverstripe/sapphire/commit/889e39c) Support running namespaced build tasks. (ajshort)
+ * 2013-02-15 [5d3ed12](https://github.com/silverstripe/sapphire/commit/5d3ed12) Nginx docs for denying composer file access (fixes #8011) (Ingo Schommer)
+ * 2013-02-13 [923ad88](https://github.com/silverstripe/sapphire/commit/923ad88) Layout regression in "add pages" (Ingo Schommer)
+ * 2013-02-11 [8ea805e](https://github.com/silverstripe/sapphire/commit/8ea805e) Long drop area title overlaps upload icon (uniun)
+ * 2013-02-11 [a4096ec](https://github.com/silverstripe/sapphire/commit/a4096ec) Add a self method to the SSViewer scope. (ajshort)
+ * 2013-02-08 [7ff8d35](https://github.com/silverstripe/sapphire/commit/7ff8d35) Force preview window to refresh on every save (Robert Curry)
+ * 2013-02-07 [537b0c6](https://github.com/silverstripe/silverstripe-cms/commit/537b0c6) Define $allowed_actions consistently (Ingo Schommer)
+ * 2013-02-07 [f2a9a26](https://github.com/silverstripe/sapphire/commit/f2a9a26) Fixed error in documentation (g4b0)
+ * 2013-02-08 [5e6813c](https://github.com/silverstripe/sapphire/commit/5e6813c) Use the injector for creating tasks. (ajshort)
+ * 2013-02-07 [1a43ad5](https://github.com/silverstripe/sapphire/commit/1a43ad5) Removed widths on DatetimeField children (Ingo Schommer)
+ * 2013-02-07 [048f6b1](https://github.com/silverstripe/sapphire/commit/048f6b1) Removed DatetimeField-&gt;setDescription() proxying (Ingo Schommer)
+ * 2013-02-07 [cc1a582](https://github.com/silverstripe/sapphire/commit/cc1a582) Fix deprecated use of has_extension (Robert Curry)
+ * 2013-02-06 [a0e965b](https://github.com/silverstripe/silverstripe-cms/commit/a0e965b) Revert "FIX: updateCMSFields not accepting var by reference" (Ingo Schommer)
+ * 2013-02-06 [a1beda1](https://github.com/silverstripe/sapphire/commit/a1beda1) Removed explicit pass-by-ref in DataExtension-&gt;validate() (Ingo Schommer)
+ * 2013-02-06 [bb223bb](https://github.com/silverstripe/sapphire/commit/bb223bb) Update admin/javascript/lang/de_DE.js (senglmann)
+ * 2013-02-05 [8c3f87b](https://github.com/silverstripe/silverstripe-cms/commit/8c3f87b) Results returned from FSP-&gt;publishPages() (Ingo Schommer)
+ * 2013-02-05 [b19a82b](https://github.com/silverstripe/silverstripe-cms/commit/b19a82b) SiteTree on*() callbacks now consistently invoke on subclasses as well (Ingo Schommer)
+ * 2013-02-05 [d289016](https://github.com/silverstripe/sapphire/commit/d289016) DataObject on*() callbacks now consistently invoke on subclasses as well (Ingo Schommer)
+ * 2013-02-05 [e249799](https://github.com/silverstripe/sapphire/commit/e249799) Incorrect Contant-Type header for RSS feeds (uniun)
+ * 2013-02-05 [b350ded](https://github.com/silverstripe/sapphire/commit/b350ded) Fixed DatetimeField formatting (single row, smaller field) (Ingo Schommer)
+ * 2013-02-05 [6c22545](https://github.com/silverstripe/sapphire/commit/6c22545) DatetimeField-&gt;setDateField()/setTimeField() (Ingo Schommer)
+ * 2013-02-05 [d320247](https://github.com/silverstripe/sapphire/commit/d320247) Trigger delete confirmation popup when deleting a GridFieldDetailForm record (Sean Harvey)
+ * 2013-02-05 [ba825ce](https://github.com/silverstripe/sapphire/commit/ba825ce) Remove whitespace from LeftAndMain_Menu (Sean Harvey)
+ * 2013-02-05 [632e0e8](https://github.com/silverstripe/sapphire/commit/632e0e8) Simplify sentence on shortcodes (Sean Harvey)
+ * 2013-02-04 [fe74051](https://github.com/silverstripe/sapphire/commit/fe74051) Loading "OR" in admin/assets for Chrome (fixes #8245) (Ingo Schommer)
+ * 2013-02-05 [d741aa9](https://github.com/silverstripe/sapphire/commit/d741aa9) Move the shortcode docs to documentation, add examples. (Mateusz Uzdowski)
+ * 2013-02-04 [accbd7f](https://github.com/silverstripe/sapphire/commit/accbd7f) Revert "FIX: Strict error warnings on DataExtension" This reverts commit 1960df8bc30ecb0467a33275810fd121a0125733. (Ingo Schommer)
+ * 2013-02-04 [0e6912c](https://github.com/silverstripe/sapphire/commit/0e6912c) Re-added 'auto' sizing for CMS preview (Ingo Schommer)
+ * 2013-02-04 [1c045b5](https://github.com/silverstripe/sapphire/commit/1c045b5) Smaller styling for minor actions in CMS (Ingo Schommer)
+ * 2013-02-04 [aa81333](https://github.com/silverstripe/sapphire/commit/aa81333) adjusted position of "OR" on the asset upload field and removed right margin from "choose files to upload…" button on the insert media dialog - open/8231 (Jeremy Bridson)
+ * 2013-02-01 [b381e99](https://github.com/silverstripe/sapphire/commit/b381e99) Include "media" attr for module customCSS() (fixes #8219) (Ingo Schommer)
+ * 2013-01-31 [920fd71](https://github.com/silverstripe/sapphire/commit/920fd71) Adding default curl options (Daniel Hensby)
+ * 2013-02-01 [fd71a3d](https://github.com/silverstripe/sapphire/commit/fd71a3d) Consistently exposed ManyManyList information through getters. (ajshort)
+ * 2013-01-30 [f003359](https://github.com/silverstripe/sapphire/commit/f003359) RestfulService_Response now gets response headers (Daniel Hensby)
+ * 2013-01-30 [7c18973](https://github.com/silverstripe/sapphire/commit/7c18973) Better cache key generation (Daniel Hensby)
+ * 2013-01-30 [77476de](https://github.com/silverstripe/sapphire/commit/77476de) Change to how environment file is found (Daniel Hensby)
+ * 2013-01-30 [74a4493](https://github.com/silverstripe/silverstripe-cms/commit/74a4493) Excluded Postgres from Travis (breaks build due to internal errors) (Ingo Schommer)
+ * 2013-01-30 [b25063b](https://github.com/silverstripe/silverstripe-cms/commit/b25063b) Extracted ErrorPage default data to getter (Ingo Schommer)
+ * 2013-01-30 [3dab996](https://github.com/silverstripe/sapphire/commit/3dab996) Excluded Postgres from Travis (breaks build due to internal errors) (Ingo Schommer)
+ * 2013-01-30 [7f4c173](https://github.com/silverstripe/sapphire/commit/7f4c173) Fixed indentation in Mailer (Ingo Schommer)
+ * 2013-01-30 [7327f12](https://github.com/silverstripe/sapphire/commit/7327f12) Re-added wrapImagesInline and wrapImagesInline_rewriter to Mailer class (Ingo Schommer)
+ * 2013-01-29 [416178b](https://github.com/silverstripe/silverstripe-cms/commit/416178b) Reduced code duplication in ErrorPage (no functional changes) (Ingo Schommer)
+ * 2013-01-29 [b15b983](https://github.com/silverstripe/silverstripe-cms/commit/b15b983) Using new "Security.login_url" configuration value (Ingo Schommer)
+ * 2013-01-29 [048ba5b](https://github.com/silverstripe/sapphire/commit/048ba5b) Formatting fix (drzax)
+ * 2013-01-29 [bec5ae1](https://github.com/silverstripe/sapphire/commit/bec5ae1) Include code to block yaml files in installer generated .htaccess (Hamish Friedlander)
+ * 2013-01-29 [acfc0be](https://github.com/silverstripe/sapphire/commit/acfc0be) Document that yaml files shouldnt be served directly (Hamish Friedlander)
+ * 2013-01-28 [d51e0bc](https://github.com/silverstripe/sapphire/commit/d51e0bc) Improved docs on $allowed_actions (Ingo Schommer)
+ * 2013-01-25 [ebe41cd](https://github.com/silverstripe/sapphire/commit/ebe41cd) CSS fixes for Batchactions. (uniun)
+ * 2013-01-25 [f4f2862](https://github.com/silverstripe/sapphire/commit/f4f2862) Fix up /dev/build which should really have ever worked, but used to (Hamish Friedlander)
+ * 2013-01-24 [3439e30](https://github.com/silverstripe/sapphire/commit/3439e30) Corrects indentation and line length (Simon Welsh)
+ * 2013-01-24 [1f1b115](https://github.com/silverstripe/sapphire/commit/1f1b115) Fixing code formatting (Sean Harvey)
+ * 2013-01-24 [657c14f](https://github.com/silverstripe/sapphire/commit/657c14f) Added test cases for exception error logging (Damian Mooyman)
+ * 2013-01-24 [3aa2cdc](https://github.com/silverstripe/sapphire/commit/3aa2cdc) Fixing code formatting in rich-text-editing docs (Sean Harvey)
+ * 2013-01-24 [9ac3cde](https://github.com/silverstripe/sapphire/commit/9ac3cde) Fix typo in templates/Controller.ss (Nicolaas)
+ * 2013-01-24 [141538f](https://github.com/silverstripe/sapphire/commit/141538f) Add docs on how to customise the TinyMCE editor. (Mateusz U)
+ * 2013-01-22 [317977a](https://github.com/silverstripe/silverstripe-cms/commit/317977a) More useful default cols on "Pages" list (fixes #8199) (Ingo Schommer)
+ * 2013-01-22 [4892c11](https://github.com/silverstripe/sapphire/commit/4892c11) Clarified docs on isDev usage in dev/build (Ingo Schommer)
+ * 2013-01-22 [f833226](https://github.com/silverstripe/sapphire/commit/f833226) Updated issue reporting guidelines (Ingo Schommer)
+ * 2013-01-21 [6c7e3af](https://github.com/silverstripe/sapphire/commit/6c7e3af) Updated translations (Ingo Schommer)
+ * 2013-01-21 [f7c8778](https://github.com/silverstripe/sapphire/commit/f7c8778) Breadcrumb/back nav in ModelAdmin now retains search params (Ingo Schommer)
+ * 2013-01-21 [d0585e4](https://github.com/silverstripe/silverstripe-cms/commit/d0585e4) Updated translations (Ingo Schommer)
+ * 2013-01-21 [8717dec](https://github.com/silverstripe/sapphire/commit/8717dec) HTMLEditorField undefined $dimensionsField (fixes #7494) (Ingo Schommer)
+ * 2013-01-21 [89176e8](https://github.com/silverstripe/sapphire/commit/89176e8) Unescaped breadcrumbs for inline groups display (fixes #7936) (Ingo Schommer)
+ * 2013-01-21 [e151704](https://github.com/silverstripe/sapphire/commit/e151704) Application Name fix (Tony Air)
+ * 2013-01-21 [d12ae82](https://github.com/silverstripe/sapphire/commit/d12ae82) Bug fix for open/8181 which stops the HTML source editor window saving/publishing (Kirk Mayo)
+ * 2013-01-20 [3d921e7](https://github.com/silverstripe/sapphire/commit/3d921e7) Update docs/en/reference/form-field-types.md (Will Rossiter)
+ * 2013-01-19 [7523fe4](https://github.com/silverstripe/sapphire/commit/7523fe4) Update admin/code/ModelAdmin.php (Nicolaas)
+ * 2013-01-18 [be78098](https://github.com/silverstripe/sapphire/commit/be78098) Arbitrary placement of _ss_environment.php in parent folders (Daniel Hensby)
+ * 2013-01-18 [7f4541e](https://github.com/silverstripe/sapphire/commit/7f4541e) Update docs/en/changelogs/3.0.0.md (Nicolaas)
+ * 2013-01-17 [cfc976b](https://github.com/silverstripe/silverstripe-cms/commit/cfc976b) Grammar error (unclecheese)
+ * 2013-01-17 [8a9acaa](https://github.com/silverstripe/silverstripe-cms/commit/8a9acaa) Fixed "add page" type icons (fixes #8190) (Ingo Schommer)
+ * 2013-01-15 [e9ba54d](https://github.com/silverstripe/sapphire/commit/e9ba54d) Impossible to unselect TreeDropdownField (uniun)
+ * 2013-01-15 [2e6e0de](https://github.com/silverstripe/sapphire/commit/2e6e0de) Clarified DataList-&gt;limit() docs (Ingo Schommer)
+ * 2013-01-15 [27d2f75](https://github.com/silverstripe/sapphire/commit/27d2f75) Added test for DataList filters with array and modifiers (see #8162) (Ingo Schommer)
+ * 2013-01-14 [80feb8c](https://github.com/silverstripe/sapphire/commit/80feb8c) Respect displayFields in GridFieldPrintButton (Ingo Schommer)
+ * 2013-01-14 [93bee94](https://github.com/silverstripe/silverstripe-cms/commit/93bee94) Don't duplicate SS_Report title in GridField (Ingo Schommer)
+ * 2013-01-14 [703c10a](https://github.com/silverstripe/sapphire/commit/703c10a) Restored inlined styling of .fieldgroup (same UI as in 2.x) (Ingo Schommer)
+ * 2013-01-14 [0a00fea](https://github.com/silverstripe/sapphire/commit/0a00fea) Removed .fieldgroup styles specific to one UI use case (Ingo Schommer)
+ * 2013-01-11 [9e82d8e](https://github.com/silverstripe/sapphire/commit/9e82d8e) Fixed line lengths (Ingo Schommer)
+ * 2013-01-11 [212c4f1](https://github.com/silverstripe/sapphire/commit/212c4f1) Fixed UploadField regression from 4da1af9c3 (Ingo Schommer)
+ * 2013-01-11 [4da1af9](https://github.com/silverstripe/sapphire/commit/4da1af9) Show label-less input#file field in UploadField with canUpload=false (Ingo Schommer)
+ * 2013-01-11 [7306d02](https://github.com/silverstripe/sapphire/commit/7306d02) Show label-less input#file field in UploadField with canUpload=false (Ingo Schommer)
+ * 2013-01-10 [b918487](https://github.com/silverstripe/sapphire/commit/b918487) Fixed preview overlay showing by default (Ingo Schommer)
+ * 2013-01-10 [f30277c](https://github.com/silverstripe/sapphire/commit/f30277c) Split out getLinkAttributes() in .htmleditor JavaScript for more flexibility (Ingo Schommer)
+ * 2013-01-10 [f922321](https://github.com/silverstripe/sapphire/commit/f922321) ManyManyList-&gt;getExtraFields() (Ingo Schommer)
+ * 2013-01-09 [e8bfc24](https://github.com/silverstripe/sapphire/commit/e8bfc24) Setting SapphireTest::is_running_test() in PHPUnit bootstrap (Ingo Schommer)
+ * 2013-01-09 [76e233d](https://github.com/silverstripe/sapphire/commit/76e233d) Only show preview switch if states are available (Ingo Schommer)
+ * 2013-01-09 [80ee913](https://github.com/silverstripe/sapphire/commit/80ee913) Correct dimensions for preview overlay (Ingo Schommer)
+ * 2013-01-09 [f6ab5a4](https://github.com/silverstripe/sapphire/commit/f6ab5a4) Update docs/en/topics/i18n.md (drzax)
+ * 2013-01-08 [5bd8619](https://github.com/silverstripe/sapphire/commit/5bd8619) Add pointer to expand/collapse tree icons (Ingo Schommer)
+ * 2013-01-08 [f564592](https://github.com/silverstripe/sapphire/commit/f564592) Fix tree arrows in TreeDropdownField (Ingo Schommer)
+ * 2013-01-08 [abfb3c7](https://github.com/silverstripe/sapphire/commit/abfb3c7) Default TreeDropdownField to TreeTitle (Ingo Schommer)
+ * 2013-01-08 [61cc033](https://github.com/silverstripe/sapphire/commit/61cc033) Fluent interface for TreeDropdownField (Ingo Schommer)
+ * 2013-01-08 [001e58c](https://github.com/silverstripe/sapphire/commit/001e58c) Update docs/en/tutorials/1-building-a-basic-site.md (James Cocker)
+ * 2013-01-08 [a8904e3](https://github.com/silverstripe/sapphire/commit/a8904e3) Removed incorrect line from contact form docs. (Will Rossiter)
+ * 2013-01-06 [44c4108](https://github.com/silverstripe/sapphire/commit/44c4108) Copying request params before Core.php exec in PHPUnit bootstrap (Ingo Schommer)
+ * 2013-01-05 [9dcace9](https://github.com/silverstripe/sapphire/commit/9dcace9) upgrading 'Setting up an environment for contributing to SilverStripe' to heading 1 (Nicolaas)
+ * 2013-01-04 [3033529](https://github.com/silverstripe/sapphire/commit/3033529) 3.0.4 changelog update (Ingo Schommer)
+ * 2013-01-04 [5d9819b](https://github.com/silverstripe/sapphire/commit/5d9819b) Clearer docs on using composer for contributions (Ingo Schommer)
+ * 2013-01-03 [d872202](https://github.com/silverstripe/sapphire/commit/d872202) Support for X-Reload header (Ingo Schommer)
+ * 2013-01-02 [9dafc83](https://github.com/silverstripe/sapphire/commit/9dafc83) Fixed DateField phpdocs (Ingo Schommer)
+ * 2012-12-27 [a32451f](https://github.com/silverstripe/sapphire/commit/a32451f) adding extension hook in GridFieldDetailForm.php (Nicolaas)
+ * 2012-12-26 [3fca288](https://github.com/silverstripe/sapphire/commit/3fca288) Update forms/TextareaField.php (Nicolaas)
+ * 2012-12-21 [3fd1769](https://github.com/silverstripe/sapphire/commit/3fd1769) Added docs about which branch to choose (Ingo Schommer)
+ * 2012-12-21 [661a4a2](https://github.com/silverstripe/sapphire/commit/661a4a2) Removed direct sprintf() usage from _t() calls (Ingo Schommer)
+ * 2012-12-21 [cb96255](https://github.com/silverstripe/silverstripe-cms/commit/cb96255) Removed direct sprintf() usage from _t() calls (Ingo Schommer)
+ * 2012-12-21 [68eb367](https://github.com/silverstripe/sapphire/commit/68eb367) Remove unncessary variable from TreeDropdownField (Sean Harvey)
+ * 2012-12-20 [d918c26](https://github.com/silverstripe/sapphire/commit/d918c26) Allow recursive includes in i18nTextCollector (fixes #8133) (Ingo Schommer)
+ * 2012-12-20 [aa3b358](https://github.com/silverstripe/sapphire/commit/aa3b358) Adding test for SortColumn to SQLQueryTest (Sean Harvey)
+ * 2012-12-20 [e20f15d](https://github.com/silverstripe/sapphire/commit/e20f15d) Remove /e option due to preg_replace_callback use (Simon Welsh)
+ * 2012-12-20 [c56a80d](https://github.com/silverstripe/sapphire/commit/c56a80d) Use preg_replace_callback over preg_replace with e modifier (Simon Welsh)
+ * 2012-12-19 [86940aa](https://github.com/silverstripe/sapphire/commit/86940aa) Made hyphen escaping clearer in FileNameFilter and URLSegmentFilter (Ingo Schommer)
+ * 2012-12-18 [3a555d2](https://github.com/silverstripe/sapphire/commit/3a555d2) Set 'active' correctly for accordion widget (Adam Judd)
+ * 2012-12-19 [775567d](https://github.com/silverstripe/sapphire/commit/775567d) Allow &lt;button type='submit'&gt; for the benifit of IE&lt;=7 (Simon Elvery)
+ * 2012-12-18 [07fb756](https://github.com/silverstripe/sapphire/commit/07fb756) Fix edge case in which uninitialized buttons are being destroyed. (unclecheese)
+ * 2012-12-18 [9b3aebd](https://github.com/silverstripe/sapphire/commit/9b3aebd) Allow HTML in FormField-&gt;setDescription() (Ingo Schommer)
+ * 2012-12-18 [e53257b](https://github.com/silverstripe/silverstripe-cms/commit/e53257b) Relaxing composer dependencies (Ingo Schommer)
+ * 2012-12-18 [f72a024](https://github.com/silverstripe/sapphire/commit/f72a024) Updated changelog notes (Ingo Schommer)
+ * 2012-12-18 [618a3d0](https://github.com/silverstripe/sapphire/commit/618a3d0) Requirements acces to files with query strings (fixes #7735) (Ingo Schommer)
+ * 2012-12-17 [6cb7710](https://github.com/silverstripe/silverstripe-cms/commit/6cb7710) Remove "changed" style from buttons if fields are reset (Ingo Schommer)
+ * 2012-12-17 [894d487](https://github.com/silverstripe/silverstripe-cms/commit/894d487) String casting in SimpleXML tests for older phpunit versions (Ingo Schommer)
+ * 2012-12-17 [8f239d6](https://github.com/silverstripe/sapphire/commit/8f239d6) SimpleXML string casting in tests for older PHPUnit (Ingo Schommer)
+ * 2012-12-17 [9ffd252](https://github.com/silverstripe/sapphire/commit/9ffd252) Don't complain about pre-replaced YAML fixture relations (Ingo Schommer)
+ * 2012-12-17 [dc43a6b](https://github.com/silverstripe/sapphire/commit/dc43a6b) Wider sidebar to accommodate "add" and "edit" buttons (Ingo Schommer)
+ * 2012-12-17 [0dd6ded](https://github.com/silverstripe/silverstripe-cms/commit/0dd6ded) Moving "edit tree" button next to "add new" (fixes #8119) (Ingo Schommer)
+ * 2012-12-17 [432ff75](https://github.com/silverstripe/sapphire/commit/432ff75) Wider side panel to fit "add" and "edit" button (Ingo Schommer)
+ * 2012-12-17 [77212c0](https://github.com/silverstripe/sapphire/commit/77212c0) CMS Titles does not support UTF-8 (uniun)
+ * 2012-12-14 [4b182d3](https://github.com/silverstripe/sapphire/commit/4b182d3) Update documentation of nginx configuration (Fred Condo)
+ * 2012-12-14 [78d21b5](https://github.com/silverstripe/sapphire/commit/78d21b5) Update documentation of nginx configuration (Fred Condo)
+ * 2012-12-14 [bdc1719](https://github.com/silverstripe/sapphire/commit/bdc1719) tinymce language portuguese is not working (João Martins)
+ * 2012-12-14 [c23df51](https://github.com/silverstripe/sapphire/commit/c23df51) Improve class naming and docs for DataList::applyFilterContext() (Sean Harvey)
+ * 2012-12-13 [51c6a87](https://github.com/silverstripe/sapphire/commit/51c6a87) Fix for ie8 styles for preview switch and modes (Paul Clarke)
+ * 2012-12-12 [af6ecce](https://github.com/silverstripe/sapphire/commit/af6ecce) Fixing typo in Requirements allowing access to files requested with query strings (Matt Lewis)
+ * 2012-12-04 [4c525fe](https://github.com/silverstripe/silverstripe-cms/commit/4c525fe) Fixed composer.json dependencies (Ingo Schommer)
+ * 2012-12-04 [3fad49e](https://github.com/silverstripe/sapphire/commit/3fad49e) 2.4.9 changelog (Ingo Schommer)
+ * 2012-12-04 [3be9499](https://github.com/silverstripe/sapphire/commit/3be9499) Fixed HTML syntax in config-form.html (Ingo Schommer)
+ * 2012-12-04 [d1e65b5](https://github.com/silverstripe/sapphire/commit/d1e65b5) Support for composer-created themes dir structure (Ingo Schommer)
+ * 2012-12-04 [f86bd97](https://github.com/silverstripe/sapphire/commit/f86bd97) Fixed DateTest timezone settings (Ingo Schommer)
+ * 2012-12-04 [75e58c9](https://github.com/silverstripe/silverstripe-cms/commit/75e58c9) More graceful handling of missing GET data in ModelAdmin (Ingo Schommer)
+ * 2012-12-04 [449cce9](https://github.com/silverstripe/sapphire/commit/449cce9) Fixing .htaccess to ignore rewriting PHP files directly (Sean Harvey)
+ * 2012-11-28 [326036a](https://github.com/silverstripe/sapphire/commit/326036a) Excluded or removed tests relying on actual webserver routing (Ingo Schommer)
+ * 2012-11-21 [6eb597a](https://github.com/silverstripe/silverstripe-cms/commit/6eb597a) Fixed travis.yml paths (Ingo Schommer)
+ * 2012-11-09 [7db928b](https://github.com/silverstripe/sapphire/commit/7db928b) Added cms to travis requirements (Ingo Schommer)
+ * 2012-11-09 [3f24b0f](https://github.com/silverstripe/silverstripe-cms/commit/3f24b0f) Added README with build status (Ingo Schommer)
+ * 2012-11-09 [0a63f44](https://github.com/silverstripe/sapphire/commit/0a63f44) Added README with build status (Ingo Schommer)
+ * 2012-11-09 [65793e2](https://github.com/silverstripe/silverstripe-cms/commit/65793e2) Added travis support (Ingo Schommer)
+ * 2012-11-09 [21791e4](https://github.com/silverstripe/sapphire/commit/21791e4) Added travis support (Ingo Schommer)
+ * 2012-11-01 [59680b5](https://github.com/silverstripe/sapphire/commit/59680b5) Added composer.json (Ingo Schommer)
+ * 2012-11-01 [7abb6ec](https://github.com/silverstripe/silverstripe-cms/commit/7abb6ec) Added composer.json (Ingo Schommer)
+ * 2012-11-01 [fd80c4f](https://github.com/silverstripe/sapphire/commit/fd80c4f) Issue #7818: Making sure UploadField can find the form/SecurityID on direct page load/refresh (Nathan Cox)
+ * 2011-08-30 [b43bf68](https://github.com/silverstripe/sapphire/commit/b43bf68) Minor fixes to FunctionalTest (Sam Minnee)
+ * 2011-08-18 [b6fd276](https://github.com/silverstripe/sapphire/commit/b6fd276) Don't throw redirection warning if redirection to the same place. (Sam Minnee)
+ * 2011-04-01 [f72c77e](https://github.com/silverstripe/sapphire/commit/f72c77e) Fixed a glitch that causes warnings in cli-script execution. (Sam Minnee)

From 88867cdd2335ec88bea42a0601e052a45e67fa7c Mon Sep 17 00:00:00 2001
From: Ingo Schommer <ingo@silverstripe.com>
Date: Mon, 18 Feb 2013 14:01:15 +0100
Subject: [PATCH 02/16] API Deprecated ScheduledTask and subclasses

Base CliController or BuildTask instead, with custom cron job intervals.
---
 docs/en/changelogs/3.1.0.md |  5 ++++-
 tasks/DailyTask.php         |  2 ++
 tasks/HourlyTask.php        |  2 ++
 tasks/MonthlyTask.php       |  2 ++
 tasks/QuarterHourlyTask.php |  2 ++
 tasks/ScheduledTask.php     | 13 +++++++++++++
 tasks/WeeklyTask.php        |  2 ++
 tasks/YearlyTask.php        |  2 ++
 8 files changed, 29 insertions(+), 1 deletion(-)

diff --git a/docs/en/changelogs/3.1.0.md b/docs/en/changelogs/3.1.0.md
index dcc3c3240..ae59a70f0 100644
--- a/docs/en/changelogs/3.1.0.md
+++ b/docs/en/changelogs/3.1.0.md
@@ -218,4 +218,7 @@ through the CMS controllers, providing a simple level of security.
    - `DataList#find`
    - `DataList#byIDs`
    - `DataList#reverse`
- * `DataList#dataQuery` has been changed to return a clone of the query, and so can't be used to modify the list's query directly. Use `DataList#alterDataQuery` instead to modify dataQuery in a safe manner.
\ No newline at end of file
+ * `DataList#dataQuery` has been changed to return a clone of the query, and so can't be used to modify the list's query directly. Use `DataList#alterDataQuery` instead to modify dataQuery in a safe manner.
+ * `ScheduledTask`, `QuarterHourlyTask`, `HourlyTask`, `DailyTask`, `MonthlyTask`, `WeeklyTask` and
+	 `YearlyTask` are deprecated, please extend from `BuildTask` or `CliController`,
+	 and invoke them in self-defined frequencies through Unix cronjobs etc.
\ No newline at end of file
diff --git a/tasks/DailyTask.php b/tasks/DailyTask.php
index 393aadbe5..a4a966544 100644
--- a/tasks/DailyTask.php
+++ b/tasks/DailyTask.php
@@ -5,6 +5,8 @@
  * Please note: Subclasses of this task aren't extecuted automatically,
  * they need to be triggered by an external automation tool like unix cron.
  * See {@link ScheduledTask} for details.
+ *
+ * @deprecated 3.1
  * 
  * @todo Improve documentation
  * @package framework
diff --git a/tasks/HourlyTask.php b/tasks/HourlyTask.php
index ed3c23910..19babb50f 100644
--- a/tasks/HourlyTask.php
+++ b/tasks/HourlyTask.php
@@ -5,6 +5,8 @@
  * Please note: Subclasses of this task aren't extecuted automatically,
  * they need to be triggered by an external automation tool like unix cron.
  * See {@link ScheduledTask} for details.
+ *
+ * @deprecated 3.1
  * 
  * @package framework
  * @subpackage cron
diff --git a/tasks/MonthlyTask.php b/tasks/MonthlyTask.php
index d319e776b..f47384aea 100644
--- a/tasks/MonthlyTask.php
+++ b/tasks/MonthlyTask.php
@@ -5,6 +5,8 @@
  * Please note: Subclasses of this task aren't extecuted automatically,
  * they need to be triggered by an external automation tool like unix cron.
  * See {@link ScheduledTask} for details.
+ *
+ * @deprecated 3.1
  * 
  * @package framework
  * @subpackage cron
diff --git a/tasks/QuarterHourlyTask.php b/tasks/QuarterHourlyTask.php
index 543898978..25fc08567 100644
--- a/tasks/QuarterHourlyTask.php
+++ b/tasks/QuarterHourlyTask.php
@@ -5,6 +5,8 @@
  * Please note: Subclasses of this task aren't extecuted automatically,
  * they need to be triggered by an external automation tool like unix cron.
  * See {@link ScheduledTask} for details.
+ *
+ * @deprecated 3.1
  * 
  * @package framework
  * @subpackage cron
diff --git a/tasks/ScheduledTask.php b/tasks/ScheduledTask.php
index f4f1af8b1..799494c5a 100644
--- a/tasks/ScheduledTask.php
+++ b/tasks/ScheduledTask.php
@@ -50,6 +50,8 @@
  * # WeelkyTask (every Monday at 6:25am)
  * 25 6 1 * *  www-data /webroot/framework/cli-script.php /WeeklyTask > /var/log/weeklytask.log
  * </code>
+ *
+ * @deprecated 3.1
  * 
  * @todo Improve documentation
  * @package framework
@@ -57,4 +59,15 @@
  */
 abstract class ScheduledTask extends CliController {
 	// this class exists as a logical extension
+
+	public function init() {
+		Deprecation::notice(
+			'3.1', 
+			'ScheduledTask, QuarterHourlyTask, HourlyTask, DailyTask, MonthlyTask, WeeklyTask and ' .
+			'YearlyTask are deprecated, please extend from BuildTask or CliController, ' .
+			'and invoke them in self-defined frequencies through Unix cronjobs etc.'
+		);
+
+		parent::init();
+	}
 }
diff --git a/tasks/WeeklyTask.php b/tasks/WeeklyTask.php
index 2d99d2ac2..08ff4d10a 100644
--- a/tasks/WeeklyTask.php
+++ b/tasks/WeeklyTask.php
@@ -5,6 +5,8 @@
  * Please note: Subclasses of this task aren't extecuted automatically,
  * they need to be triggered by an external automation tool like unix cron.
  * See {@link ScheduledTask} for details.
+ *
+ * @deprecated 3.1
  * 
  * @package framework
  * @subpackage cron
diff --git a/tasks/YearlyTask.php b/tasks/YearlyTask.php
index 392de1a5f..bc62739d2 100644
--- a/tasks/YearlyTask.php
+++ b/tasks/YearlyTask.php
@@ -5,6 +5,8 @@
  * Please note: Subclasses of this task aren't extecuted automatically,
  * they need to be triggered by an external automation tool like unix cron.
  * See {@link ScheduledTask} for details.
+ *
+ * @deprecated 3.1
  * 
  * @package framework
  * @subpackage cron

From 14dcc82e76f37aa733f4f35e16bfcb20fb7cbb68 Mon Sep 17 00:00:00 2001
From: Ingo Schommer <ingo@silverstripe.com>
Date: Mon, 18 Feb 2013 15:30:36 +0100
Subject: [PATCH 03/16] BUG Find Form actions in CompositeFields for access
 checks

This bug was introduced with the new nested CMS actions
around December 2012, but wasn't noticed until now
because checkAccessAction() would wrongly return TRUE
before the dataFieldByName() check was reached.
---
 forms/Form.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/forms/Form.php b/forms/Form.php
index db1a695c3..bbe06d981 100644
--- a/forms/Form.php
+++ b/forms/Form.php
@@ -289,7 +289,7 @@ class Form extends RequestHandler {
 			$this->controller->hasMethod($funcName)
 			&& !$this->controller->checkAccessAction($funcName)
 			// If a button exists, allow it on the controller
-			&& !$this->actions->fieldByName('action_' . $funcName)
+			&& !$this->actions->dataFieldByName('action_' . $funcName)
 		) {
 			return $this->httpError(
 				403, 

From a1114b8fcb36419863bc3577e6c3c90c98aba950 Mon Sep 17 00:00:00 2001
From: Graeme Smith <gs78@me.com>
Date: Mon, 18 Feb 2013 15:01:48 +0000
Subject: [PATCH 04/16] MINOR: Correct exception message in constructor

---
 forms/Form.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/forms/Form.php b/forms/Form.php
index bbe06d981..56e05d86b 100644
--- a/forms/Form.php
+++ b/forms/Form.php
@@ -161,7 +161,7 @@ class Form extends RequestHandler {
 			throw new InvalidArgumentException('$fields must be a valid FieldList instance');
 		}
 		if(!$actions instanceof FieldList) {
-			throw new InvalidArgumentException('$fields must be a valid FieldList instance');
+			throw new InvalidArgumentException('$actions must be a valid FieldList instance');
 		}
 		if($validator && !$validator instanceof Validator) {
 			throw new InvalidArgumentException('$validator must be a Valdidator instance');

From 396af557df200c078d91c4649e465a87ef3413ce Mon Sep 17 00:00:00 2001
From: roed <ruud.arentsen@gmail.com>
Date: Tue, 19 Feb 2013 09:20:29 +0100
Subject: [PATCH 05/16] fixed error property $ of object is not a function
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

changed $ to jQuery, because without it the system would generate the following error:

Uncaught TypeError: Property '$' of object [object Window] is not a function 
---
 admin/javascript/LeftAndMain.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/admin/javascript/LeftAndMain.js b/admin/javascript/LeftAndMain.js
index 9c8bc9cb7..4a139c430 100644
--- a/admin/javascript/LeftAndMain.js
+++ b/admin/javascript/LeftAndMain.js
@@ -1051,7 +1051,7 @@ jQuery.noConflict();
 }(jQuery));
 
 var statusMessage = function(text, type) {
-	text = $('<div/>').text(text).html(); // Escape HTML entities in text
+	text = jQuery('<div/>').text(text).html(); // Escape HTML entities in text
 	jQuery.noticeAdd({text: text, type: type});
 };
 

From 5bbf94d2f406333874ee7ae116e4032661674415 Mon Sep 17 00:00:00 2001
From: Hamish Friedlander <hamish@silverstripe.com>
Date: Wed, 20 Feb 2013 10:27:17 +1300
Subject: [PATCH 06/16] FIX HTML5 parser not tracking context correctly

---
 thirdparty/html5lib/HTML5/TreeBuilder.php | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/thirdparty/html5lib/HTML5/TreeBuilder.php b/thirdparty/html5lib/HTML5/TreeBuilder.php
index 2f5244f9f..bee04b4fe 100644
--- a/thirdparty/html5lib/HTML5/TreeBuilder.php
+++ b/thirdparty/html5lib/HTML5/TreeBuilder.php
@@ -36,6 +36,7 @@ SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 
 class HTML5_TreeBuilder {
     public $stack = array();
+    public $context;
     public $content_model;
 
     private $mode;
@@ -3392,7 +3393,7 @@ class HTML5_TreeBuilder {
         }
     }
 
-    private function resetInsertionMode($context = null) {
+    private function resetInsertionMode() {
         /* 1. Let last be false. */
         $last = false;
         $leng = count($this->stack);
@@ -3406,7 +3407,7 @@ class HTML5_TreeBuilder {
              * case) */
             if($this->stack[0]->isSameNode($node)) {
                 $last = true;
-                $node = $context;
+                $node = $this->context;
             }
 
             /* 4. If node is a select element, then switch the insertion mode to
@@ -3642,10 +3643,10 @@ class HTML5_TreeBuilder {
     public function setupContext($context = null) {
         $this->fragment = true;
         if ($context) {
-            $context = $this->dom->createElementNS(self::NS_HTML, $context);
+            $this->context = $this->dom->createElementNS(self::NS_HTML, $context);
             /* 4.1. Set the HTML parser's tokenization  stage's content model
              * flag according to the context element, as follows: */
-            switch ($context->tagName) {
+            switch ($this->context->tagName) {
             case 'title': case 'textarea':
                 $this->content_model = HTML5_Tokenizer::RCDATA;
                 break;
@@ -3670,12 +3671,12 @@ class HTML5_TreeBuilder {
              * contains just the single element root. */
             $this->stack = array($root);
             /* 4.5 Reset the parser's insertion mode appropriately. */
-            $this->resetInsertionMode($context);
+            $this->resetInsertionMode();
             /* 4.6 Set the parser's form element pointer  to the nearest node 
              * to the context element that is a form element (going straight up 
              * the ancestor chain, and including the element itself, if it is a 
              * form element), or, if there is no such form element, to null. */
-            $node = $context;
+            $node = $this->context;
             do {
                 if ($node->tagName === 'form') {
                     $this->form_pointer = $node;

From cbef44b8d633fa6151914258b14cc836a6cd2bff Mon Sep 17 00:00:00 2001
From: Hamish Friedlander <hamish@silverstripe.com>
Date: Wed, 20 Feb 2013 10:35:06 +1300
Subject: [PATCH 07/16] FIX Make ShortcodeParser#parse passthrough not error on
 invalid HTML

---
 parsers/ShortcodeParser.php | 36 ++++++++++++++++++++++++++++++------
 1 file changed, 30 insertions(+), 6 deletions(-)

diff --git a/parsers/ShortcodeParser.php b/parsers/ShortcodeParser.php
index fb28fa7b3..6d7e07bd0 100644
--- a/parsers/ShortcodeParser.php
+++ b/parsers/ShortcodeParser.php
@@ -456,6 +456,31 @@ class ShortcodeParser {
 		$this->removeNode($node);
 	}
 
+	protected function loadHTML($html) {
+		require_once(THIRDPARTY_PATH.'/html5lib/HTML5/Parser.php');
+
+		// Convert any errors to exceptions
+		set_error_handler(
+			function($no, $str){
+				throw new Exception("HTML Parse Error: ".$str);
+			},
+			error_reporting()
+		);
+		
+		// Use HTML5lib to parse the HTML fragment
+		try {
+			$bases = HTML5_Parser::parseFragment(trim($html), 'div');
+		}
+		catch (Exception $e) {
+			$bases = null;
+		}
+		
+		// Disable our error handler (restoring to previous value)
+		restore_error_handler();
+		
+		return $bases;
+	}
+	
 	/**
 	 * Parse a string, and replace any registered shortcodes within it with the result of the mapped callback.
 	 *
@@ -474,9 +499,8 @@ class ShortcodeParser {
 		list($content, $tags) = $this->replaceElementTagsWithMarkers($content);
 
 		// Now parse the result into a DOM
-		require_once(THIRDPARTY_PATH.'/html5lib/HTML5/Parser.php');
-		$bases = HTML5_Parser::parseFragment(trim($content), 'div');
-
+		$bases = $this->loadHTML($content);
+		
 		// If we couldn't parse the HTML, error out
 		if (!$bases || !$bases->length) {
 			if(self::$error_behavior == self::ERROR) {
@@ -488,8 +512,8 @@ class ShortcodeParser {
 		}
 
 		$res = '';
-		$html = $bases->item(0)->parentNode;
-		$doc = $html->ownerDocument;
+		$container = $bases->item(0)->parentNode;
+		$doc = $container->ownerDocument;
 
 		$xp = new DOMXPath($doc);
 
@@ -526,7 +550,7 @@ class ShortcodeParser {
 			$this->replaceMarkerWithContent($shortcode, $tag);
 		}
 		
-		foreach($html->childNodes as $child) $res .= $doc->saveHTML($child);
+		foreach($container->childNodes as $child) $res .= $doc->saveHTML($child);
 
 		return $res;
 	}

From 76fdb2a2d6c2437af8bb3bafeb09a11b9a29d3a4 Mon Sep 17 00:00:00 2001
From: Hamish Friedlander <hamish@silverstripe.com>
Date: Wed, 20 Feb 2013 10:56:52 +1300
Subject: [PATCH 08/16] FIX ShortcodeParser#parse in < PHP 5.3.6 where saveHTML
 doesnt take arg

---
 parsers/ShortcodeParser.php | 27 +++++++++++++++++++++------
 1 file changed, 21 insertions(+), 6 deletions(-)

diff --git a/parsers/ShortcodeParser.php b/parsers/ShortcodeParser.php
index 6d7e07bd0..c14035839 100644
--- a/parsers/ShortcodeParser.php
+++ b/parsers/ShortcodeParser.php
@@ -481,6 +481,25 @@ class ShortcodeParser {
 		return $bases;
 	}
 	
+	protected function saveHTML($doc) {
+		if (version_compare(PHP_VERSION, '5.3.6', '>=')){
+			$res = '';
+			foreach($doc->firstChild->childNodes as $child) $res .= $doc->saveHTML($child);
+		}
+		else {
+			$res = preg_replace(
+				array(
+					'/^(.*?)<html>/is',
+					'/<\/html>(.*?)$/is',
+				),
+				'',
+				$doc->saveHTML()
+			);
+		}
+
+		return $res;
+	}
+
 	/**
 	 * Parse a string, and replace any registered shortcodes within it with the result of the mapped callback.
 	 *
@@ -511,9 +530,7 @@ class ShortcodeParser {
 			}
 		}
 
-		$res = '';
-		$container = $bases->item(0)->parentNode;
-		$doc = $container->ownerDocument;
+		$doc = $bases->item(0)->ownerDocument;
 
 		$xp = new DOMXPath($doc);
 
@@ -550,9 +567,7 @@ class ShortcodeParser {
 			$this->replaceMarkerWithContent($shortcode, $tag);
 		}
 		
-		foreach($container->childNodes as $child) $res .= $doc->saveHTML($child);
-
-		return $res;
+		return $this->saveHTML($doc);
 	}
 	
 	

From 1ee01c39d43c3933aff8a9e2795a1dcb1b7cc5bb Mon Sep 17 00:00:00 2001
From: Hamish Friedlander <hamish@silverstripe.com>
Date: Fri, 22 Feb 2013 10:30:51 +1300
Subject: [PATCH 09/16] FIX ShortcodeParser producing bad output after escaped
 tag

Also tightens up matching of shortcodes so we dont match on invalid shortcodes
---
 parsers/ShortcodeParser.php           | 89 +++++++++++++++++----------
 tests/parsers/ShortcodeParserTest.php | 37 ++++++++++-
 2 files changed, 91 insertions(+), 35 deletions(-)

diff --git a/parsers/ShortcodeParser.php b/parsers/ShortcodeParser.php
index c14035839..79ea1a52d 100644
--- a/parsers/ShortcodeParser.php
+++ b/parsers/ShortcodeParser.php
@@ -144,15 +144,8 @@ class ShortcodeParser {
 		'figure', 'footer', 'form', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'header', 'hgroup', 'ol', 'output', 'p',
 		'pre', 'section', 'table', 'ul'
 	);
-
-	private static $tagrx = '/
-		<(?<element>(?:"[^"]*"[\'"]*|\'[^\']*\'[\'"]*|[^\'">])+)>    |   # HTML Tag - skip attribute scoped tags
-		\[   (?<escaped>\[.*?\]) \]                                  |   # Escaped block
-		\[   (?<open>\w+) (?<attrs>.*?) (?<selfclosed>\/?) \]        |   # Opening tag
-		\[\/ (?<close>\w+) \]                                            # Closing tag
-/x';
-
-	private static $attrrx = '/
+	
+	private static $attrrx = '
 		([^\s\/\'"=,]+)       # Name  
 		\s* = \s*
 		(?:
@@ -160,8 +153,35 @@ class ShortcodeParser {
 			(?:"([^"]+)")    | # Value surrounded by "
 			(\w+)              # Bare value
 		)
-/x';
+';
+	
+	private static function attrrx() {
+		return '/'.self::$attrrx.'/xS';
+	}
 
+	private static $tagrx = '
+		# HTML Tag
+		<(?<element>(?:"[^"]*"[\'"]*|\'[^\']*\'[\'"]*|[^\'">])+)>
+		 
+		| # Opening tag
+		(?<oesc>\[?) 
+		\[ 
+			(?<open>\w+) 
+			[\s,]*
+			(?<attrs> (?: %s [\s,]*)* ) 
+		\/?\] 
+		(?<cesc1>\]?)
+		 
+		| # Closing tag
+		\[\/ 
+			(?<close>\w+) 
+		\] 
+		(?<cesc2>\]?)  
+';
+
+	private static function tagrx() {
+		return '/'.sprintf(self::$tagrx, self::$attrrx).'/xS';
+	}
 
 	const WARN = 'warn';
 	const STRIP = 'strip';
@@ -181,21 +201,11 @@ class ShortcodeParser {
 	 * @return array - The list of tags found. When using an open/close pair, only one item will be in the array,
 	 * with "content" set to the text between the tags
 	 */
-	protected function extractTags(&$content) {
+	protected function extractTags($content) {
 		$tags = array();
-		$escapes = array();
 
-		if(preg_match_all(self::$tagrx, $content, $matches, PREG_SET_ORDER | PREG_OFFSET_CAPTURE)) {
+		if(preg_match_all(self::tagrx(), $content, $matches, PREG_SET_ORDER | PREG_OFFSET_CAPTURE)) {
 			foreach($matches as $match) {
-				// Record escaped tags
-				if (!empty($match['escaped'][0])) {
-					$escapes[] = array(
-						's' => $match[0][1],
-						'e' => $match[0][1] + strlen($match[0][0]),
-						'content' => $match['escaped']
-					);
-				}
-				
 				// Ignore any elements
 				if (empty($match['open'][0]) && empty($match['close'][0])) continue;
 				
@@ -203,7 +213,7 @@ class ShortcodeParser {
 				$attrs = array();
 				
 				if (!empty($match['attrs'][0])) {
-					preg_match_all(self::$attrrx, $match['attrs'][0], $attrmatches, PREG_SET_ORDER);
+					preg_match_all(self::attrrx(), $match['attrs'][0], $attrmatches, PREG_SET_ORDER);
 
 					foreach ($attrmatches as $attr) {
 						list($whole, $name, $value) = array_values(array_filter($attr));
@@ -219,14 +229,15 @@ class ShortcodeParser {
 					'open' =>  @$match['open'][0],
 					'close' => @$match['close'][0],
 					'attrs' => $attrs,
-					'content' => ''
+					'content' => '',
+					'escaped' => !empty($match['oesc'][0]) || !empty($match['cesc1'][0]) || !empty($match['cesc2'][0])
 				);
 			}
 		}
 
 		$i = count($tags);
 		while($i--) {
-			if($tags[$i]['close']) {
+			if(!empty($tags[$i]['close'])) {
 				// If the tag just before this one isn't the related opening tag, throw an error
 				$err = null;
 				
@@ -244,21 +255,29 @@ class ShortcodeParser {
 					if(self::$error_behavior == self::ERROR) user_error($err, E_USER_ERRROR);	
 				} 
 				else {
+					if ($tags[$i]['escaped']) {
+						if (!$tags[$i-1]['escaped']) {
+							$tags[$i]['e'] -= 1;
+							$tags[$i]['escaped'] = false;
+						}
+					}
+					else {
+						if ($tags[$i-1]['escaped']) {
+							$tags[$i-1]['s'] += 1;
+							$tags[$i-1]['escaped'] = false;
+						}
+					}
+					
 					// Otherwise, grab content between tags, save in opening tag & delete the closing one
 					$tags[$i-1]['text'] = substr($content, $tags[$i-1]['s'], $tags[$i]['e'] - $tags[$i-1]['s']);
 					$tags[$i-1]['content'] = substr($content, $tags[$i-1]['e'], $tags[$i]['s'] - $tags[$i-1]['e']);
 					$tags[$i-1]['e'] = $tags[$i]['e'];
+					
 					unset($tags[$i]);
 				}
 			}
 		}
 		
-		$i = count($escapes);
-		while($i--) {
-			$escape = $escapes[$i];
-			$content = substr_replace($content, $escape['content'], $escape['s'], $escape['e'] - $escape['s']);
-		}
-
 		return array_values($tags);
 	}
 
@@ -281,7 +300,13 @@ class ShortcodeParser {
 			if ($li === null) $tail = substr($content, $tags[$i]['e']);
 			else $tail = substr($content, $tags[$i]['e'], $li - $tags[$i]['e']);
 
-			$str = $generator($i, $tags[$i]). $tail . $str;
+			if ($tags[$i]['escaped']) {
+				$str = substr($content, $tags[$i]['s']+1, $tags[$i]['e'] - $tags[$i]['s'] - 2) . $tail . $str;
+			}
+			else {
+				$str = $generator($i, $tags[$i]) . $tail . $str;
+			}
+			
 			$li = $tags[$i]['s'];
 		}
 
diff --git a/tests/parsers/ShortcodeParserTest.php b/tests/parsers/ShortcodeParserTest.php
index 1d7a07848..3f571b484 100644
--- a/tests/parsers/ShortcodeParserTest.php
+++ b/tests/parsers/ShortcodeParserTest.php
@@ -100,9 +100,40 @@ class ShortcodeParserTest extends SapphireTest {
 	}
 	
 	public function testShortcodeEscaping() {
-		$this->assertEquals('[test_shortcode]', $this->parser->parse('[[test_shortcode]]'));
-		$this->assertEquals('[test_shortcode]content[/test_shortcode]',
-			$this->parser->parse('[[test_shortcode]content[/test_shortcode]]'));
+		$this->assertEquals(
+			'[test_shortcode]', 
+			$this->parser->parse('[[test_shortcode]]')
+		);
+
+		$this->assertEquals(
+			'[test_shortcode /]',
+			$this->parser->parse('[[test_shortcode /]]')
+		);
+		
+		$this->assertEquals(
+			'[test_shortcode]content[/test_shortcode]',
+			$this->parser->parse('[[test_shortcode]content[/test_shortcode]]'
+		));
+		
+		$this->assertEquals(
+			'[test_shortcode]content',
+			$this->parser->parse('[[test_shortcode]][test_shortcode]content[/test_shortcode]')
+		);
+
+		$this->assertEquals(
+			'[test_shortcode]content[/test_shortcode]content2',
+			$this->parser->parse('[[test_shortcode]content[/test_shortcode]][test_shortcode]content2[/test_shortcode]'
+		));
+		
+		$this->assertEquals(
+			'[[Doesnt strip double [ character if not a shortcode',
+			$this->parser->parse('[[Doesnt strip double [ character if not a [test_shortcode]shortcode[/test_shortcode]'
+		));
+		
+		$this->assertEquals(
+			'[[Doesnt shortcode get confused by double ]] characters',
+			$this->parser->parse('[[Doesnt [test_shortcode]shortcode[/test_shortcode] get confused by double ]] characters'
+		));
 	}
 
 	public function testUnquotedArguments() {

From 7afcd6441808a06635cde8ffec47f55a08373304 Mon Sep 17 00:00:00 2001
From: Hamish Friedlander <hamish@silverstripe.com>
Date: Fri, 22 Feb 2013 11:34:15 +1300
Subject: [PATCH 10/16] FIX Make ShortcodeParser obey error_behavior in
 attribute scope

---
 parsers/ShortcodeParser.php           | 16 +++++++++++++++-
 tests/parsers/ShortcodeParserTest.php | 13 +++++++++++++
 2 files changed, 28 insertions(+), 1 deletion(-)

diff --git a/parsers/ShortcodeParser.php b/parsers/ShortcodeParser.php
index 79ea1a52d..6123f9162 100644
--- a/parsers/ShortcodeParser.php
+++ b/parsers/ShortcodeParser.php
@@ -332,7 +332,21 @@ class ShortcodeParser {
 
 			if($tags) {
 				$node->nodeValue = $this->replaceTagsWithText($node->nodeValue, $tags, function($idx, $tag) use ($parser){
-					return $parser->callShortcode($tag['open'], $tag['attrs'], $tag['content']);
+					$content = $parser->callShortcode($tag['open'], $tag['attrs'], $tag['content']);
+
+					if ($content === false) {
+						if(ShortcodeParser::$error_behavior == ShortcodeParser::ERROR) {
+							user_error('Unknown shortcode tag '.$tag['open'], E_USER_ERRROR);
+						}
+						else if(ShortcodeParser::$error_behavior == ShortcodeParser::STRIP) {
+							return '';
+						}
+						else {
+							return $tag['text'];
+						}
+					}
+
+					return $content;
 				});
 			}
 		}
diff --git a/tests/parsers/ShortcodeParserTest.php b/tests/parsers/ShortcodeParserTest.php
index 3f571b484..d90b870bc 100644
--- a/tests/parsers/ShortcodeParserTest.php
+++ b/tests/parsers/ShortcodeParserTest.php
@@ -19,18 +19,26 @@ class ShortcodeParserTest extends SapphireTest {
 	 */
 	public function testNotRegisteredShortcode() {
 		ShortcodeParser::$error_behavior = ShortcodeParser::STRIP;
+
 		$this->assertEquals(
 			'',
 			$this->parser->parse('[not_shortcode]')
 		);
 
+		$this->assertEquals(
+			'<img class="">',
+			$this->parser->parse('<img class="[not_shortcode]">')
+		);
+
 		ShortcodeParser::$error_behavior = ShortcodeParser::WARN;
+
 		$this->assertEquals(
 			'<strong class="warning">[not_shortcode]</strong>',
 			$this->parser->parse('[not_shortcode]')
 		);
 		
 		ShortcodeParser::$error_behavior = ShortcodeParser::LEAVE;
+
 		$this->assertEquals('[not_shortcode]',
 			$this->parser->parse('[not_shortcode]'));
 		$this->assertEquals('[not_shortcode /]',
@@ -41,6 +49,11 @@ class ShortcodeParserTest extends SapphireTest {
 			$this->parser->parse('[not_shortcode]a[/not_shortcode]'));
 		$this->assertEquals('[/not_shortcode]',
 			$this->parser->parse('[/not_shortcode]'));
+
+		$this->assertEquals(
+			'<img class="[not_shortcode]">',
+			$this->parser->parse('<img class="[not_shortcode]">')
+		);
 	}
 	
 	public function testSimpleTag() {

From de641dd5447635741920a3ef56f4739e472bbc39 Mon Sep 17 00:00:00 2001
From: Jeremy Bridson <jeremy@silverstripe.com>
Date: Fri, 22 Feb 2013 12:58:29 +1300
Subject: [PATCH 11/16] ENHANCEMENT: updated the reference index on
 doc.silverstripe.com 3.0 - There were lots of broken and missing links

---
 docs/en/reference/index.md | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/docs/en/reference/index.md b/docs/en/reference/index.md
index 2975c8ba8..d26f18895 100644
--- a/docs/en/reference/index.md
+++ b/docs/en/reference/index.md
@@ -2,18 +2,18 @@
 
 Reference articles complement our auto-generated [API docs](http://api.silverstripe.org) in providing deeper introduction into a specific API. 
 
-* [Advanced templates](advanced-templates): Advanced SilverStripe template syntax
 * [BBCode](bbcode): Extensible shortcode syntax
-* [Built-in page controls](built-in-page-controls): Explains the template syntax and available variables/placeholders
+* [CMS Architecture](cms-architecture): A quick run down to get you started with creating your own data management interface
 * [ComplexTableField](complextablefield): Manage records and their relations inside the CMS
 * [Database Structure](database-structure): Conventions and best practices for database tables and fields
-* [DataObject](dataobject): Base class for database records
 * [DataExtension](dataextension): A "mixin" system allowing to extend core classes
+* [DataObject](dataobject): Base class for database records
 * [Director](director): Routes URLs and handles HTTP requests
 * [Execution Pipeline](execution-pipeline): Detailed look on the way an HTTP request takes through the system
 * [Form Field Types](form-field-types): Highlevel overview of field classes
+* [GridField](grid-field): The GridField is a flexible form field for creating tables of data.
 * [Image](image): Represents an image object in templates and PHP code
-* [LeftAndMain](leftandmain): Base class for the CMS interface
+* [Injector](injector): The [api:Injector] class is the central manager of inter-class dependencies in the SilverStripe Framework
 * [Member](member): The "user" object forms the base for our security/permission moel
 * [ModelAdmin](modeladmin): Manage arbitrary data in a simple CRUD (create/read/update/delete) interface
 * [Partial Caching](partial-caching): Cache complex parts of templates for better performance
@@ -29,5 +29,8 @@ Reference articles complement our auto-generated [API docs](http://api.silverstr
 * [StaticPublisher](staticpublisher): Export a page tree as static HTML for better performance and portability
 * [TableField](tablefield): Add and edit records with inline edits in this form field
 * [TableListField](tablelistfield): View and delete records in the CMS
+* [Templates Formal Syntax](templates-formal-syntax): Maximum level of detail of how the template engine works
+* [Templates Upgrading Guide](templates-upgrading-guide): Differences between SilverStripe 2 and SilverStripe 3 template language
+* [Templates](templates): Introduction to SilverStripe templates
 * [Typography](typography): CSS file to enable WYSIWYG previews in the CMS
 * [urlvariabletools](urlvariabletools): Debug and maintenance switches
\ No newline at end of file

From bd73142bcf2e8088377e382a02793ebbc05af105 Mon Sep 17 00:00:00 2001
From: Fred Condo <fcondo+github@quinn.com>
Date: Fri, 22 Feb 2013 17:39:01 -0800
Subject: [PATCH 12/16] BUG: Correct semantic error regarding cURL options in
 RestfulService

cURL options are numeric, and array_merge is destructive of numeric
keys. Replace array_merge calls with array union operator, with defaults
on right-hand side so that passed options override defaults.
---
 api/RestfulService.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/api/RestfulService.php b/api/RestfulService.php
index c789d4c84..f1365c93a 100644
--- a/api/RestfulService.php
+++ b/api/RestfulService.php
@@ -140,7 +140,7 @@ class RestfulService extends ViewableData {
 			$method,
 			$data,
 			array_merge((array)$this->customHeaders, (array)$headers),
-			array_merge(self::$default_curl_options,$curlOptions),
+			$curlOptions + self::$default_curl_options,
 			$this->getBasicAuthString()
 		));
 		
@@ -196,7 +196,7 @@ class RestfulService extends ViewableData {
 		$timeout   = 5;
 		$sapphireInfo = new SapphireInfo(); 
 		$useragent = 'SilverStripe/' . $sapphireInfo->Version();
-		$curlOptions = array_merge(self::$default_curl_options, $curlOptions);
+		$curlOptions = $curlOptions + self::$default_curl_options;
 
 		curl_setopt($ch, CURLOPT_URL, $url);
 		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

From d3b3ab806d883fa627264dd1b2daa3321ee27894 Mon Sep 17 00:00:00 2001
From: Fred Condo <fcondo+github@quinn.com>
Date: Fri, 22 Feb 2013 17:41:55 -0800
Subject: [PATCH 13/16] BUG: Fetch curl_error in RestfulService

$curlError was used only once and never defined. Replace $curlError with
a call to curl_error($ch).
---
 api/RestfulService.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api/RestfulService.php b/api/RestfulService.php
index c789d4c84..224f6e880 100644
--- a/api/RestfulService.php
+++ b/api/RestfulService.php
@@ -299,7 +299,7 @@ class RestfulService extends ViewableData {
 		//get the status code
 		$statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
 		//normalise the status code
-		if($curlError !== '' || $statusCode == 0) $statusCode = 500;
+		if(curl_error($ch) !== '' || $statusCode == 0) $statusCode = 500;
 		//calculate the length of the header and extract it
 		$headerLength = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
 		$rawHeaders = substr($rawResponse, 0, $headerLength);

From b2dfa7705607e156124c0ab4216d1b1df7e5a6a4 Mon Sep 17 00:00:00 2001
From: Sam Minnee <sam@silverstripe.com>
Date: Mon, 25 Feb 2013 16:27:44 +1300
Subject: [PATCH 14/16] FIX: Ensure that Director::test() doesn't return a
 string

---
 control/Director.php | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/control/Director.php b/control/Director.php
index 42cfadb73..0d3739da1 100644
--- a/control/Director.php
+++ b/control/Director.php
@@ -224,6 +224,17 @@ class Director implements TemplateGlobalProvider {
 		if($headers) foreach($headers as $k => $v) $request->addHeader($k, $v);
 		// TODO: Pass in the DataModel
 		$result = Director::handleRequest($request, $session, DataModel::inst());
+
+		// Ensure that the result is an SS_HTTPResponse object
+		if(is_string($result)) {
+			if(substr($result,0,9) == 'redirect:') {
+				$response = new SS_HTTPResponse();
+				$response->redirect(substr($result, 9));
+				$result = $response;
+			} else {
+				$result = new SS_HTTPResponse($result);
+			}
+		}
 		
 		// Restore the superglobals
 		$_REQUEST = $existingRequestVars; 

From 88b3901a69747df0598fe0e9c06fc6ca5a725fae Mon Sep 17 00:00:00 2001
From: Sam Minnee <sam@silverstripe.com>
Date: Mon, 25 Feb 2013 16:33:55 +1300
Subject: [PATCH 15/16] Check for object type before calling method, prevent
 fatal error in failing test.

---
 tests/control/ControllerTest.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tests/control/ControllerTest.php b/tests/control/ControllerTest.php
index 8ffb8a082..a84079f2d 100644
--- a/tests/control/ControllerTest.php
+++ b/tests/control/ControllerTest.php
@@ -38,6 +38,7 @@ class ControllerTest extends FunctionalTest {
 	
 	public function testUndefinedActions() {
 		$response = Director::test('ControllerTest_AccessUnsecuredSubController/undefinedaction');
+		$this->assertInstanceOf('SS_HTTPResponse', $response);
 		$this->assertEquals(404, $response->getStatusCode(), 'Undefined actions return a not found response.');
 	}
 	

From efb4760244a3480ce64518ef3e2a4cd8ee73040b Mon Sep 17 00:00:00 2001
From: Sam Minnee <sam@silverstripe.com>
Date: Mon, 25 Feb 2013 16:44:54 +1300
Subject: [PATCH 16/16] Fixed invalid classname in test

---
 tests/control/ControllerTest.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/control/ControllerTest.php b/tests/control/ControllerTest.php
index a84079f2d..fb4572d86 100644
--- a/tests/control/ControllerTest.php
+++ b/tests/control/ControllerTest.php
@@ -37,7 +37,7 @@ class ControllerTest extends FunctionalTest {
 	}
 	
 	public function testUndefinedActions() {
-		$response = Director::test('ControllerTest_AccessUnsecuredSubController/undefinedaction');
+		$response = $this->get('ControllerTest_IndexSecuredController/undefinedaction');
 		$this->assertInstanceOf('SS_HTTPResponse', $response);
 		$this->assertEquals(404, $response->getStatusCode(), 'Undefined actions return a not found response.');
 	}