mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
Merge remote-tracking branch 'origin/3.2' into 3.3
This commit is contained in:
commit
5d240feaec
@ -7,7 +7,7 @@ It is also a bit harder to install additional PHP modules required by SilverStri
|
||||
[MAMP](http://www.mamp.info/en/) is a simple way to get a complete webserver
|
||||
environment going on your OSX machine, without removing or altering any system-level configuration.
|
||||
|
||||
Check out the [MAC OSX with Homebrew](other_installation_options/Mac_OSX_Homebrew)
|
||||
Check out the [MAC OSX with Homebrew](/getting_started/installation/other_installation_options/mac_osx_homebrew)
|
||||
for an alternative, more configurable installation process.
|
||||
|
||||
## Requirements
|
||||
@ -46,4 +46,4 @@ Finally, we're ready to install SilverStripe through composer:
|
||||
After finishing, the installation wizard should be available at `http://localhost:8888/silverstripe`.
|
||||
The MAMP default database credentials are user `root` and password `root`.
|
||||
|
||||
We have a separate in-depth tutorial for [Composer Installation and Usage](composer).
|
||||
We have a separate in-depth tutorial for [Composer Installation and Usage](/getting_started/composer).
|
||||
|
@ -6,7 +6,7 @@ OSX comes bundled with PHP, but you're stuck with the version and modules it shi
|
||||
If you run projects on different PHP versions, or care about additional PHP module support
|
||||
and other dependencies such as MariaDB, we recommend an installation through [Homebrew](http://brew.sh/).
|
||||
|
||||
Check out the [MAC OSX with MAMP](../Mac_OSX) for an alternative installation process
|
||||
Check out the [MAC OSX with MAMP](/getting_started/installation/mac_osx) for an alternative installation process
|
||||
which packages up the whole environment into a convenient application.
|
||||
|
||||
## Requirements
|
||||
@ -115,4 +115,4 @@ Finally, we're ready to install SilverStripe through composer:
|
||||
After finishing, the installation wizard should be available at `http://localhost/silverstripe`.
|
||||
The Homebrew MariaDB default database credentials are user `root` and password `root`.
|
||||
|
||||
We have a separate in-depth tutorial for [Composer Installation and Usage](composer).
|
||||
We have a separate in-depth tutorial for [Composer Installation and Usage](/getting_started/composer).
|
||||
|
@ -0,0 +1,221 @@
|
||||
# Install SilverStripe using Vagrant
|
||||
This guide steps through installing a virtual machine on your chosen virtual platform.
|
||||
|
||||
This guide will work for:
|
||||
- Virtualbox
|
||||
- Parallels
|
||||
|
||||
This guide may work for:
|
||||
- VMWare
|
||||
|
||||
Vagrant has all server settings stored in a Vagrantfile which is a text file containing the commands and settings needed to setup a webserver. This is ideal for version control, which helps distribution and sharing between team members.
|
||||
|
||||
## Requirements
|
||||
This can be used with many modern computers, this can be done on Windows, Mac or Linux operating systems. We recommend a relatively strong computer that can handle a virtual machine in the background.
|
||||
- Minimum memory would be 4GB of RAM
|
||||
- Roughly 20GB Harddrive space (depends on which box you choose to use)
|
||||
- Software to install beforehand:
|
||||
- [Vagrant](http://www.vagrantup.com/downloads)
|
||||
- [Virtualbox](https://www.virtualbox.org/wiki/Downloads)
|
||||
- Installing SilverStripe by [Composer](https://getcomposer.org/download/) or download the [ZIP file](https://www.silverstripe.org/download/).
|
||||
|
||||
*Important*: It is strongly advised to have a fast and wired internet connection when running initial the setup, as there is a lot of downloading required.
|
||||
Vagrant downloads and sets up an entire operating system.
|
||||
|
||||
## Setting it up
|
||||
Most of this requires using only the command line and text editor or IDE.
|
||||
|
||||
Create a folder where your vagrant will be in and browse to the folder in the command line:
|
||||
```bash
|
||||
mkdir virtuallythere
|
||||
cd virtuallythere
|
||||
```
|
||||
|
||||
### Creating the Vagrantfile
|
||||
Create/Browse to the folder you’ll be developing in:
|
||||
```bash
|
||||
vagrant init
|
||||
```
|
||||
|
||||
In its current state, you could start the vagrant machine and it will run, but you won't be able to do much with it yet.
|
||||
|
||||
### Setting the box
|
||||
Open the `Vagrantfile` that was created in your vagrant folder with your preferred text editor.
|
||||
|
||||
Look for the line which describes the box you are going to use:
|
||||
```ruby
|
||||
config.vm.box = "base"
|
||||
```
|
||||
|
||||
This defines what pre-built Operating System the vagrant machine will be using. We'll be changing `base` to something closer to what we’d like, perhaps similar to your production server, you can find a range of boxes [listed here](https://atlas.hashicorp.com/search)
|
||||
|
||||
We've chosen to use `RHEL7.0`, but you can easily change it to suit your needs.
|
||||
```ruby
|
||||
config.vm.box = "box-cutter/centos70"
|
||||
```
|
||||
|
||||
*Important*: Because this is redhat, the shell commands used later on will be using `yum install` instead of `apt-get install` for Debian based boxes.
|
||||
|
||||
### The private network and hostname
|
||||
Now we’ll add the vagrant machine to our computer’s private network, this will mean no one outside this computer will be able to access it without some special setup.
|
||||
So this will be your own development environment!
|
||||
|
||||
To do that, look for this line:
|
||||
```ruby
|
||||
# config.vm.network "private_network", ip: "192.168.33.10"
|
||||
```
|
||||
|
||||
First we’ll need to uncomment it, so delete only the `#` at the start of the line, then add a hostname IP address of your choice to use.
|
||||
```ruby
|
||||
config.vm.hostname = "virtuallythere.dev"
|
||||
config.vm.network "privatenetwork", ip: "10.1.2.50"
|
||||
```
|
||||
### Syncing files
|
||||
Next we’ll sync our website folder to the virtual machine, so it has the files needed to run SilverStripe. There are many different ways to do this, depending on your own preferences and possibly different boxes.
|
||||
|
||||
To keep things simple, we’re going to sync our vagrant folder to the virtual machine, so everything in your vagrant folder will be visible to the virtual machine.
|
||||
|
||||
Find this line:
|
||||
```ruby
|
||||
config.vm.synced_folder "../data", "/vagrant_data"
|
||||
```
|
||||
|
||||
Then change to match this:
|
||||
```ruby
|
||||
config.vm.synced_folder ".", "/vagrant"
|
||||
```
|
||||
|
||||
### Setting resources
|
||||
This step is optional, but it is recommended to configure the virtual machine resources allocated to it, so it doesn’t take more resources than it should, something like this should be enough to start with:
|
||||
```ruby
|
||||
config.vm.provider "virtualbox" do |vb|
|
||||
vb.memory = "1024"
|
||||
vb.name = "virtuallythere"
|
||||
end
|
||||
```
|
||||
|
||||
*Important*: This is for Virtualbox again, change “virtualbox” to the virtual platform that you are using, you might need to make sure the setting `vb.memory` is supported by the platform you’re using because it may be different.
|
||||
|
||||
### Script to setup server
|
||||
Now we need to setup our environment using shell scripts, this will install software that you need for your server to be working and usable. You could even customise the setup to be closer like your production server.
|
||||
|
||||
For now find these lines:
|
||||
```ruby
|
||||
# config.vm.provision "shell", inline: <<-SHELL
|
||||
# sudo apt-get update
|
||||
# sudo apt-get install -y apache2
|
||||
# SHELL
|
||||
```
|
||||
And modify it to call a shell script in your vagrant folder:
|
||||
```ruby
|
||||
config.vm.provision "shell", path: "setup.sh"
|
||||
```
|
||||
|
||||
*Important*: We’re using shell script because we’re using a Linux server, please use the scripting language that your server environment supports.
|
||||
|
||||
Now to create the `setup.sh` file. This script will setup `php+modules`, `mariadb/mysql` and `apache`, the ones I had listed is the minimal required to get SilverStripe started and working out of the box.
|
||||
```bash
|
||||
yum update -y --disableplugin=fastestmirror
|
||||
systemctl restart sshd
|
||||
|
||||
yum install -y httpd httpd-devel mod_ssl
|
||||
yum -y install php php-common php-mysql php-pdo php-mcrypt* php-gd php-xml php-mbstring
|
||||
echo "Include /vagrant/apache/*.conf" >> /etc/httpd/conf/httpd.conf
|
||||
echo "date.timezone = Pacific/Auckland" >> /etc/php.ini
|
||||
systemctl start httpd.service
|
||||
systemctl enable httpd.service
|
||||
|
||||
yum install -y mariadb-server mariadb
|
||||
systemctl start mariadb.service
|
||||
systemctl enable mariadb.service
|
||||
```
|
||||
|
||||
*Important*: Again, as noted above, this uses RHEL so `yum install` is used, please remember to change to `apt-get install` or other packaging tool as necessary.
|
||||
|
||||
Save `setup.sh` in the same folder as your Vagrantfile.
|
||||
|
||||
### Setting up Apache
|
||||
If you inspect the script I’ve included above, you’ll notice this line:
|
||||
```bash
|
||||
echo "Include /vagrant/apache/*.conf" >> /etc/httpd/conf/httpd.conf
|
||||
```
|
||||
This will allow us to customise our apache, particularly the VirtualHost part
|
||||
|
||||
Earlier in the post, I had defined a hostname:
|
||||
```ruby
|
||||
config.vm.hostname = "virtuallythere.dev"
|
||||
```
|
||||
We’ll need to create a conf file for this hostname in a apache folder, create the folder first:
|
||||
```bash
|
||||
mkdir apache
|
||||
```
|
||||
|
||||
We'll save a `vagrant.conf` file in the newly created apache folder, and inside we’ll define the VirtualHost:
|
||||
```apache
|
||||
ServerRoot "/etc/httpd"
|
||||
|
||||
<Directory />
|
||||
AllowOverride none
|
||||
Require all denied
|
||||
</Directory>
|
||||
|
||||
DocumentRoot "/vagrant/public"
|
||||
|
||||
<Directory "/vagrant/public">
|
||||
Options Indexes FollowSymLinks
|
||||
AllowOverride All
|
||||
Require all granted
|
||||
</Directory>
|
||||
|
||||
<VirtualHost *:80>
|
||||
ServerName virtuallythere.dev
|
||||
ServerAlias www.virtuallythere.dev
|
||||
DocumentRoot /vagrant/public
|
||||
LogLevel warn
|
||||
ServerSignature Off
|
||||
|
||||
<Directory /vagrant/public>
|
||||
Options +FollowSymLinks
|
||||
Options -ExecCGI -Includes -Indexes
|
||||
AllowOverride all
|
||||
Require all granted
|
||||
</Directory>
|
||||
|
||||
# SilverStripe specific
|
||||
<LocationMatch assets/>
|
||||
php_flag engine off
|
||||
</LocationMatch>
|
||||
</VirtualHost>
|
||||
```
|
||||
|
||||
### Download SilverStripe
|
||||
Last step is to download SilverStripe for the virtual machine to use, if you have an existing SilverStripe installation you could also move everything to this folder instead of downloading a new installation to the public folder.
|
||||
As mentioned above, you could install SilverStripe by [Composer](https://getcomposer.org/download/) or download the [ZIP file](https://www.silverstripe.org/download/).
|
||||
|
||||
### We’re ready for launch
|
||||
That’s all! When that’s done, run:
|
||||
```bash
|
||||
vagrant up
|
||||
```
|
||||
|
||||
|
||||
If you've been following this guide, you can browse to http://virtuallythere.dev/install if you are using a new installation, or go to http://virtuallythere.dev if you are using an existing SilverStripe installation. If you've modified the hostname, follow the new hostname you've chosen.
|
||||
|
||||
### Last step
|
||||
Version control this and share it with your teammates!
|
||||
|
||||
All they need is listed in the Requirements at the top, and the files you’ve just created:
|
||||
- Vagrantfile
|
||||
- setup.sh
|
||||
- apache/virtuallythere.conf
|
||||
- public/ _(with SilverStripe files here)_
|
||||
|
||||
## Advanced tasks
|
||||
Once you get started with Vagrant, it’s very easy to improve and tweak things further if you needed. With version control, if you've made a mistake, you can easily rollback to the last working version.
|
||||
|
||||
Some examples of things you could do:
|
||||
- You could have multiple hostnames for the same virtual machine by using the plugin [vagrant-hostsupdater](https://github.com/cogitatio/vagrant-hostsupdater).
|
||||
- Have [multiple machines](https://docs.vagrantup.com/v2/multi-machine/) running, if you wanted to test communications between two servers
|
||||
- Perhaps you have access to API server code you could host locally for development.
|
||||
- [Vagrant Push](https://docs.vagrantup.com/v2/push/index.html) could be used to deploy to a Testing server.
|
||||
|
@ -51,7 +51,7 @@ IIS 7.x comes with Windows. However, it needs to be installed. Follow these step
|
||||
|
||||
**NOTE**: These instructions are slightly different for Windows Vista and Windows 7. Instead of a Server Manager popup, you'll just get a list of features to enable. Do the same as above except click the **Internet Information Services** checkbox when the Windows Features popup appears and then expand this node and select **CGI** under World Wide Web Services > Application Development Features.
|
||||
|
||||
Once the installation is finished, browse to http://localhost in your browser. If an image pops up, then IIS has been installed correctly.
|
||||
Once the installation is finished, browse to `http://localhost` in your browser. If an image pops up, then IIS has been installed correctly.
|
||||
|
||||
## IIS URL Rewrite Module
|
||||
|
||||
@ -191,7 +191,7 @@ After gettng the code installed, make sure you set the folder permissions proper
|
||||
|
||||
## Start SilverStripe installer
|
||||
|
||||
Open a browser and point it to http://localhost/ss
|
||||
Open a browser and point it to `http://localhost/ss`
|
||||
|
||||
If an installation screen shows up, congratulations! We're very close now.
|
||||
|
||||
@ -260,7 +260,7 @@ To find out who the current user is, try echoing the result of get_current_user(
|
||||
|
||||
**Q: When I try to access my SilverStripe site for the first time, I get a 404 error**
|
||||
|
||||
**A:** Try accessing dev/build?username=admin&password=password at the end of the URL you requested. For example, http://localhost/ss/dev/build?username=admin&password=password. This will ensure the database is built properly
|
||||
**A:** Try accessing dev/build?username=admin&password=password at the end of the URL you requested. For example, `http://localhost/ss/dev/build?username=admin&password=password`. This will ensure the database is built properly
|
||||
|
||||
**Q: How do I make IIS expose errors instead of giving a generic 500 or 404 page?**
|
||||
|
||||
@ -268,7 +268,7 @@ To find out who the current user is, try echoing the result of get_current_user(
|
||||
|
||||
Also, make sure that display_errors, display_startup_errors and html_errors in are set to On in php.ini.
|
||||
|
||||
**Q: I get a 500 server error when trying to access the SilverStripe site. e.g. http://localhost/ss**
|
||||
**Q: I get a 500 server error when trying to access the SilverStripe site. e.g. `http://localhost/ss`**
|
||||
|
||||
**A:** One of the reasons why this could be happening is the web.config file inside the ss directory has XML that is not well formed. Make sure there are NO spaces before the starting <?xml> tag, and make sure that everything is tabbed out correctly.
|
||||
|
||||
|
@ -73,7 +73,7 @@ every page on the site, if that's easier.
|
||||
|
||||
Please make sure all code inside `*.php` files is wrapped in classes. Due to the way `[api:ManifestBuilder]`
|
||||
includes all files with this extension, any **procedural code will be executed on every call**. The most common error here
|
||||
is putting a test.php/phpinfo.php file in the document root. See [datamodel](/developer_guides/data_model_and_orm) and [controllers](/developer_guides/controllers)
|
||||
is putting a test.php/phpinfo.php file in the document root. See [datamodel](/developer_guides/model/data_model_and_orm) and [controllers](/developer_guides/controllers)
|
||||
for ways how to structure your code.
|
||||
|
||||
Also, please check that you have PHP enabled on the webserver, and you're running PHP 5.1 or later.
|
||||
|
@ -7,7 +7,7 @@ Check out our operating system specific guides for [Linux](linux_unix),
|
||||
## Installation Steps
|
||||
|
||||
* Make sure the webserver has MySQL and PHP support (check our [server requirements](../server_requirements)).
|
||||
* Either [download the installer package](http://silverstripe.org/download), or [install through Composer](../composer).
|
||||
* Either [download the installer package](http://silverstripe.org/download), or [install through Composer](/getting_started/composer).
|
||||
* If using with the installer download, extract it into your webroot.
|
||||
* Visit your domain or IP address in your web browser.
|
||||
* You will be presented with an installation wizard asking for database and login credentials.
|
||||
@ -20,5 +20,5 @@ If the above steps don't work for any reason have a read of the [Common Problems
|
||||
<div class="notice" markdown="1">
|
||||
SilverStripe ships with default rewriting rules specific to your web server. Apart from
|
||||
routing requests to the framework, they also prevent access to sensitive files in the webroot,
|
||||
for example YAML configuration files. Please refer to the [security](/topics/security) documentation for details.
|
||||
for example YAML configuration files. Please refer to the [secure coding](/developer_guides/security/secure_coding/#filesystem) documentation for details.
|
||||
</div>
|
||||
|
@ -449,7 +449,7 @@ Use [ANSI SQL](http://en.wikipedia.org/wiki/SQL#Standardization) format where po
|
||||
|
||||
### Secure Development
|
||||
|
||||
See [security](/topics/security) for conventions related to handing security permissions.
|
||||
See [security](/developer_guides/security) for conventions related to handing security permissions.
|
||||
|
||||
## License
|
||||
|
||||
|
@ -51,7 +51,7 @@ When designing your site you should only need to modify the *mysite*, *themes* a
|
||||
|
||||
![](../_images/tutorial1_cms-basic.jpg)
|
||||
|
||||
The CMS is the area in which you can manage your site content. You can access the cms at http://localhost/your_site_name/admin (or http://yourdomain.com/admin if you are using your own domain name). You
|
||||
The CMS is the area in which you can manage your site content. You can access the cms at `http://localhost/your_site_name/admin` (or `http://yourdomain.com/admin` if you are using your own domain name). You
|
||||
will be presented with a login screen. Login using the details you provided at installation. After logging in you
|
||||
should see the CMS interface with a list of the pages currently on your website (the site tree). Here you can add, delete and reorganize pages. If you need to delete, publish, or unpublish a page, first check "multi-selection" at the top. You will then be able to perform actions on any checked files using the "Actions" dropdown. Clicking on a page will open it in the page editing interface pictured below (we've entered some test content).
|
||||
|
||||
@ -85,7 +85,7 @@ The page type specifies the templates used to render the page, the fields that a
|
||||
**SilverStripe's friendly URLs**
|
||||
|
||||
While you are on the draft or live SilverStripe site, you may notice the URLs point to files that don't exist, e.g.
|
||||
http://localhost/contact or http://yourdomainname.com/about-us etc. SilverStripe uses the URL field on the Meta-Data tab of the Edit Page -> Content section to look up the appropriate
|
||||
`http://localhost/contact` or `http://yourdomainname.com/about-us` etc. SilverStripe uses the URL field on the Meta-Data tab of the Edit Page -> Content section to look up the appropriate
|
||||
page in the database.
|
||||
|
||||
Note that if you have sub-pages, changing the Top level URL field for a page will affect the URL for all sub-pages. For example, if we changed the URL field "/about-us/" to "/about-silverstripe/" then the sub-pages URLs would now be "/about-silverstripe/URL-of-subpage/" rather than "/about-us/URL-of-subpage/".
|
||||
@ -151,7 +151,7 @@ or placed between SilverStripe template tags:
|
||||
**Flushing the cache**
|
||||
|
||||
Whenever we edit a template file, we need to append *?flush=1* onto the end of the URL, e.g.
|
||||
http://localhost/your_site_name/?flush=1. SilverStripe stores template files in a cache for quicker load times. Whenever there are
|
||||
`http://localhost/your_site_name/?flush=1`. SilverStripe stores template files in a cache for quicker load times. Whenever there are
|
||||
changes to the template, we must flush the cache in order for the changes to take effect.
|
||||
|
||||
## The Navigation System
|
||||
@ -344,7 +344,7 @@ Create a new file *HomePage.php* in *mysite/code*. Copy the following code into
|
||||
|
||||
|
||||
Every page type also has a database table corresponding to it. Every time we modify the database, we need to rebuild it.
|
||||
We can do this by going to [http://localhost/your_site_name/dev/build](http://localhost/your_site_name/dev/build) (replace *localhost/your_site_name* with your own domain name if applicable).
|
||||
We can do this by going to `http://localhost/your_site_name/dev/build`.
|
||||
|
||||
It may take a moment, so be patient. This adds tables and fields needed by your site, and modifies any structures that have changed. It
|
||||
does this non-destructively - it will never delete your data.
|
||||
|
@ -12,7 +12,7 @@ information.
|
||||
|
||||
All data tables in SilverStripe are defined as subclasses of [api:DataObject]. The [api:DataObject] class represents a
|
||||
single row in a database table, following the ["Active Record"](http://en.wikipedia.org/wiki/Active_record_pattern)
|
||||
design pattern. Database Columns are defined as [Data Types](data_types_and_casting) in the static `$db` variable
|
||||
design pattern. Database Columns are defined as [Data Types](/developer_guides/model/data_types_and_casting) in the static `$db` variable
|
||||
along with any [relationships](relations) defined as `$has_one`, `$has_many`, `$many_many` properties on the class.
|
||||
|
||||
Let's look at a simple example:
|
||||
@ -512,7 +512,7 @@ whenever a new object is created.
|
||||
|
||||
<div class="notice" markdown='1'>
|
||||
Note: Alternatively you can set defaults directly in the database-schema (rather than the object-model). See
|
||||
[Data Types and Casting](data_types_and_casting) for details.
|
||||
[Data Types and Casting](/developer_guides/model/data_types_and_casting) for details.
|
||||
</div>
|
||||
|
||||
## Subclasses
|
||||
@ -579,7 +579,7 @@ To retrieve a news article, SilverStripe joins the [api:SiteTree], [api:Page] an
|
||||
|
||||
## Related Documentation
|
||||
|
||||
* [Data Types and Casting](../data_types_and_casting)
|
||||
* [Data Types and Casting](/developer_guides/model/data_types_and_casting)
|
||||
|
||||
## API Documentation
|
||||
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
The [api:SS_List] class is designed to return a flat list of records.
|
||||
These lists can get quite long, and hard to present on a single list.
|
||||
[Pagination](/templates/how_tos/pagination) is one way to solve this problem,
|
||||
[Pagination](/developer_guides/templates/how_tos/pagination) is one way to solve this problem,
|
||||
by splitting up the list into multiple pages.
|
||||
|
||||
In this howto, we present an alternative to pagination:
|
||||
@ -144,5 +144,5 @@ The final step is the render this into the template using the [api:GroupedList->
|
||||
|
||||
## Related
|
||||
|
||||
* [Howto: "Pagination"](/templates/how_tos/pagination)
|
||||
|
||||
* [Howto: "Pagination"](/developer_guides/templates/how_tos/pagination)
|
||||
|
||||
|
@ -30,37 +30,37 @@ as close to rendering as possible (e.g. in `[api:FormField]`.
|
||||
|
||||
class MyCustomController extends Controller {
|
||||
|
||||
public function init() {
|
||||
parent::init();
|
||||
public function init() {
|
||||
parent::init();
|
||||
|
||||
Requirements::javascript("cms/javascript/LeftAndMain.js");
|
||||
Requirements::css("cms/css/TreeSelector.css");
|
||||
}
|
||||
}
|
||||
Requirements::javascript("cms/javascript/LeftAndMain.js");
|
||||
Requirements::css("cms/css/TreeSelector.css");
|
||||
}
|
||||
}
|
||||
|
||||
### CSS Files
|
||||
|
||||
:::php
|
||||
Requirements::css($path, $media);
|
||||
Requirements::css($path, $media);
|
||||
|
||||
If you're using the CSS method a second argument can be used. This argument defines the 'media' attribute of the
|
||||
`<link>` element, so you can define 'screen' or 'print' for example.
|
||||
|
||||
:::php
|
||||
Requirements::css("cms/css/TreeSelector.css", "screen,projection");
|
||||
Requirements::css("cms/css/TreeSelector.css", "screen,projection");
|
||||
|
||||
### Javascript Files
|
||||
|
||||
:::php
|
||||
Requirements::javascript($path);
|
||||
Requirements::javascript($path);
|
||||
|
||||
A variant on the inclusion of custom javascript is the inclusion of *templated* javascript. Here, you keep your
|
||||
JavaScript in a separate file and instead load, via search and replace, several PHP-generated variables into that code.
|
||||
|
||||
:::php
|
||||
$vars = array(
|
||||
"EditorCSS" => "cms/css/editor.css",
|
||||
);
|
||||
$vars = array(
|
||||
"EditorCSS" => "cms/css/editor.css",
|
||||
);
|
||||
|
||||
Requirements::javascriptTemplate("cms/javascript/editor.template.js", $vars);
|
||||
|
||||
|
@ -7,7 +7,7 @@ Editing and formatting content is the bread and butter of every content manageme
|
||||
has a tight integration with our preferred editor library, [TinyMCE](http://tinymce.com).
|
||||
|
||||
On top of the base functionality, we use our own insertion dialogs to ensure you can effectively select and upload
|
||||
files. In addition to the markup managed by TinyMCE, we use [shortcodes](../../extending/shortcodes) to store
|
||||
files. In addition to the markup managed by TinyMCE, we use [shortcodes](/developer_guides/extending/shortcodes) to store
|
||||
information about inserted images or media elements.
|
||||
|
||||
The framework comes with a `[api:HTMLEditorField]` form field class which encapsulates most of the required
|
||||
@ -197,7 +197,7 @@ The `[api:HtmlEditorField]` API also handles inserting images and media files in
|
||||
used both for referencing files on the webserver filesystem (through the `[api:File]` and `[api:Image]` APIs), as well
|
||||
as hotlinking files from the web.
|
||||
|
||||
We use [shortcodes](../../configuration/shortcodes) to store information about inserted images or media elements. The
|
||||
We use [shortcodes](/developer_guides/extending/shortcodes) to store information about inserted images or media elements. The
|
||||
[api:ShortcodeParser] API post-processes the HTML content on rendering, and replaces the shortcodes accordingly. It also
|
||||
takes care of care of placing the shortcode replacements relative to its surrounding markup (e.g. left/right alignment).
|
||||
|
||||
|
@ -17,7 +17,7 @@ GridField can only be used with `$list` data sets that are of the type `SS_List`
|
||||
|
||||
<div class="notice" markdown="1">
|
||||
[api:GridField] powers the automated data UI of [api:ModelAdmin]. For more information about `ModelAdmin` see the
|
||||
[Customizing the CMS](../../customizing_the_cms) guide.
|
||||
[Customizing the CMS](/developer_guides/customising_the_admin_interface) guide.
|
||||
</div>
|
||||
|
||||
Each `GridField` is built from a number of components grouped into the [api:GridFieldConfig]. Without any components,
|
||||
|
@ -1,6 +1,6 @@
|
||||
# How to add a custom action to a GridField row
|
||||
|
||||
In a [GridField](../field_types/gridfield) instance each table row can have a
|
||||
In a [GridField](/developer_guides/forms/field_types/gridfield) instance each table row can have a
|
||||
number of actions located the end of the row such as edit or delete actions.
|
||||
Each action is represented as a instance of a specific class
|
||||
(e.g [api:GridFieldEditButton]) which has been added to the `GridFieldConfig`
|
||||
@ -79,7 +79,7 @@ below:
|
||||
|
||||
While we're working on the code, to add this new action to the `GridField`, add
|
||||
a new instance of the class to the [api:GridFieldConfig] object. The `GridField`
|
||||
[Reference](../field_types/gridfield) documentation has more information about
|
||||
[Reference](/developer_guides/forms/field_types/gridfield) documentation has more information about
|
||||
manipulating the `GridFieldConfig` instance if required.
|
||||
|
||||
:::php
|
||||
@ -93,7 +93,7 @@ manipulating the `GridFieldConfig` instance if required.
|
||||
$gridField->getConfig()->addComponent(new GridFieldCustomAction());
|
||||
|
||||
For documentation on adding a Component to a `GridField` created by `ModelAdmin`
|
||||
please view the [ModelAdmin Reference](/reference/modeladmin#gridfield-customization) section `GridField Customization`
|
||||
please view the [GridField Customization](/developer_guides/forms/how_tos/create_a_gridfield_actionprovider) section.
|
||||
|
||||
Now let's go back and dive through the `GridFieldCustomAction` class in more
|
||||
detail.
|
||||
|
@ -116,6 +116,46 @@ limited than using `phpunit` directly, particularly around formatting test outpu
|
||||
sake dev/tests/all SkipTests=MySkippedTest
|
||||
# Skip some tests
|
||||
|
||||
## Making Tests Run Fast
|
||||
A major impedement to testing is that by default tests are extremely slow to run. There are two things that can be done to speed them up:
|
||||
|
||||
### Disable xDebug
|
||||
Unless executing a coverage report there is no need to have xDebug enabled.
|
||||
|
||||
:::bash
|
||||
# Disable xdebug
|
||||
sudo php5dismod xdebug
|
||||
|
||||
# Run tests
|
||||
phpunit framework/tests/
|
||||
|
||||
# Enable xdebug
|
||||
sudo php5enmod xdebug
|
||||
|
||||
### Use SQLite In Memory
|
||||
SQLIte can be configured to fun in memory as opposed to disk and this makes testing an order of magnitude faster. To effect this change add the following to mysite/_config.php - this enables an optional flag to switch between MySQL and SQLite. Note also that the package silverstripe/sqlite3 will need installed, version will vary depending on which version of SilverStripe is being tested.
|
||||
|
||||
:::php
|
||||
if(Director::isDev()) {
|
||||
if(isset($_GET['db']) && ($db = $_GET['db'])) {
|
||||
global $databaseConfig;
|
||||
if($db == 'sqlite3') {
|
||||
$databaseConfig['type'] = 'SQLite3Database';
|
||||
$databaseConfig['path'] = ':memory:';
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
To use SQLite append '' db=sqlite3 after the phpunit command.
|
||||
|
||||
:::bash
|
||||
phpunit framework/tests '' db=sqlite3
|
||||
|
||||
### Speed Comparison
|
||||
Testing against a medium sized module with 93 tests:
|
||||
* SQLite - 16.15s
|
||||
* MySQL - 314s
|
||||
This means using SQLite will run tests over 20 times faster.
|
||||
|
||||
## Test Databases and Fixtures
|
||||
|
||||
|
@ -45,8 +45,8 @@ Append the option and corresponding value to your URL in your browser's address
|
||||
|
||||
## Security Redirects
|
||||
|
||||
You can set an URL to redirect back to after a [Security](/topics/security) action. See the section on [URL
|
||||
Redirections](security#redirect_back_to_another_page_after_login) for more information and examples.
|
||||
You can set an URL to redirect back to after a [Security](/developer_guides/security) action. See the section on [URL
|
||||
Redirections](/developer_guides/controllers/redirection) for more information and examples.
|
||||
|
||||
| URL Variable | | Values | | Description |
|
||||
| ------------ | | ------ | | ----------- |
|
||||
|
@ -17,7 +17,7 @@ Flushing the various manifests is performed through a GET
|
||||
parameter (`flush=1`). Since this action requires more server resources than normal requests,
|
||||
executing the action is limited to the following cases when performed via a web request:
|
||||
|
||||
* The [environment](../getting_started/environment_management) is in "dev mode"
|
||||
* The [environment](/getting_started/environment_management) is in "dev mode"
|
||||
* A user is logged in with ADMIN permissions
|
||||
* An error occurs during startup
|
||||
|
||||
|
@ -6,7 +6,7 @@ site you have to figure this stuff out, and it's not entirely obvious.
|
||||
## Ways to restrict access
|
||||
|
||||
There are a number of ways to restrict access in SilverStripe. In the security tab in the CMS you can create groups
|
||||
that have access to certain parts. The options can be found on the [permissions](/reference/permission) documentation.
|
||||
that have access to certain parts. The options can be found on the [permissions](/developer_guides/security/permissions) documentation.
|
||||
|
||||
Once you have groups, you can set access for each page for a particular group. This can be:
|
||||
* anyone;
|
||||
|
@ -63,7 +63,7 @@ Making this work well is a subtle business and should be discussed with a few de
|
||||
|
||||
* On an individual data record, $page->can("View", $member = null) and be called. If a member isn't passed, the
|
||||
currently logged in member is assumed.
|
||||
* On a request, $request->hasPermission("View", $member = null) can be called. See [datamodel](/topics/datamodel) for
|
||||
* On a request, $request->hasPermission("View", $member = null) can be called. See [datamodel](/developer_guides/model/permissions) for
|
||||
information on request objects.
|
||||
|
||||
## Special cases
|
||||
|
@ -3,7 +3,7 @@
|
||||
## Introduction
|
||||
|
||||
This page details notes on how to ensure that we develop secure SilverStripe applications.
|
||||
See our "[Release Process](/misc/release-process#security-releases) on how to report security issues.
|
||||
See our "[Release Process](/contributing/release_process#security-releases) on how to report security issues.
|
||||
|
||||
## SQL Injection
|
||||
|
||||
@ -186,7 +186,7 @@ XSS attack against an admin to perform any administrative action.
|
||||
If you can't trust your editors, SilverStripe must be configured to filter the content so that any javascript is
|
||||
stripped out
|
||||
|
||||
To enable filtering, set the HtmlEditorField::$sanitise_server_side [configuration](/topics/configuration) property to
|
||||
To enable filtering, set the HtmlEditorField::$sanitise_server_side [configuration](/developer_guides/configuration/configuration) property to
|
||||
true, e.g.
|
||||
|
||||
HtmlEditorField::config()->sanitise_server_side = true
|
||||
@ -209,12 +209,12 @@ The `SiteTree.ExtraMeta` property uses this to limit allowed input.
|
||||
It is not currently possible to allow editors to provide javascript content and yet still protect other users
|
||||
from any malicious code within that javascript.
|
||||
|
||||
We recommend configuring [shortcodes](/reference/shortcodes) that can be used by editors in place of using javascript directly.
|
||||
We recommend configuring [shortcodes](/developer_guides/extending/shortcodes) that can be used by editors in place of using javascript directly.
|
||||
|
||||
### Escaping model properties
|
||||
|
||||
`[api:SSViewer]` (the SilverStripe template engine) automatically takes care of escaping HTML tags from specific
|
||||
object-properties by [casting](/topics/datamodel#casting) its string value into a `[api:DBField]` object.
|
||||
object-properties by [casting](/developer_guides/model/data_types_and_casting) its string value into a `[api:DBField]` object.
|
||||
|
||||
PHP:
|
||||
|
||||
@ -241,7 +241,7 @@ outputting through SSViewer.
|
||||
|
||||
### Overriding default escaping in templates
|
||||
|
||||
You can force escaping on a casted value/object by using an [escape type](/topics/datamodel) method in your template, e.g.
|
||||
You can force escaping on a casted value/object by using an [escape type](/developer_guides/model/data_types_and_casting) method in your template, e.g.
|
||||
"XML" or "ATT".
|
||||
|
||||
Template (see above):
|
||||
@ -323,7 +323,7 @@ Template:
|
||||
|
||||
Whenever you insert a variable into an HTML attribute within a template, use $VarName.ATT, no not $VarName.
|
||||
|
||||
You can also use the built-in casting in PHP by using the *obj()* wrapper, see [datamodel](/topics/datamodel) .
|
||||
You can also use the built-in casting in PHP by using the *obj()* wrapper, see [datamodel](/developer_guides/model/data_types_and_casting).
|
||||
|
||||
### Escaping URLs
|
||||
|
||||
@ -423,7 +423,7 @@ cast types can be found here:
|
||||
* `(object)` - cast to object
|
||||
|
||||
Note that there is also a 'SilverStripe' way of casting fields on a class, this is a different type of casting to the
|
||||
standard PHP way. See [casting](/topics/datamodel#casting).
|
||||
standard PHP way. See [casting](/developer_guides/model/data_types_and_casting).
|
||||
|
||||
|
||||
|
||||
|
@ -11,7 +11,7 @@ The default output of a [api:SearchContext] is either a [api:SQLQuery] object fo
|
||||
[api:DataObject] instance.
|
||||
|
||||
<div class="notice" markdown="1">
|
||||
[api:SearchContext] is mainly used by [ModelAdmin](../customising_the_admin_interface/modeladmin).
|
||||
[api:SearchContext] is mainly used by [ModelAdmin](/developer_guides/customising_the_admin_interface/modeladmin).
|
||||
</div>
|
||||
|
||||
## Usage
|
||||
@ -209,8 +209,8 @@ See `[api:SearchFilter]` API Documentation
|
||||
|
||||
## Related Documentation
|
||||
|
||||
* [ModelAdmin](../customising_the_cms/modeladmin)
|
||||
* [Tutorial: Site Search](/tutorials/site_search)
|
||||
* [ModelAdmin](/developer_guides/customising_the_admin_interface/modeladmin)
|
||||
* [Site Search](/tutorials/site_search)
|
||||
|
||||
## API Documentation
|
||||
|
||||
|
@ -232,7 +232,7 @@ If you want to run the text collector for just one module you can use the 'modul
|
||||
`http://localhost/dev/tasks/i18nTextCollectorTask/?module=cms`
|
||||
|
||||
<div class="hint" markdown='1'>
|
||||
You'll need to install PHPUnit to run the text collector (see [testing-guide](/topics/testing)).
|
||||
You'll need to install PHPUnit to run the text collector (see [testing-guide](/developer_guides/testing)).
|
||||
</div>
|
||||
|
||||
## Module Priority
|
||||
|
@ -13,7 +13,7 @@ feel familiar to you. This is just a quick run down to get you started
|
||||
with some special conventions.
|
||||
|
||||
For a more practical-oriented approach to CMS customizations, refer to the
|
||||
[Howto: Extend the CMS Interface](how_tos/extend_cms_interface) which builds
|
||||
[Howto: Extend the CMS Interface](/developer_guides/customising_the_admin_interface/how_tos/extend_cms_interface) which builds
|
||||
|
||||
|
||||
## Markup and Style Conventions
|
||||
@ -89,7 +89,7 @@ The various panels and UI components within them are loosely coupled to the layo
|
||||
attribute. The layout is triggered on the top element and cascades into children, with a `redraw` method defined on
|
||||
each panel and UI component that needs to update itself as a result of layouting.
|
||||
|
||||
Refer to [Layout reference](cms_layout) for further information.
|
||||
Refer to [Layout reference](/developer_guides/customising_the_admin_interface/cms_layout) for further information.
|
||||
|
||||
## Forms
|
||||
|
||||
@ -148,7 +148,7 @@ correctly configured form.
|
||||
[jQuery.entwine](https://github.com/hafriedlander/jquery.entwine) is a thirdparty library
|
||||
which allows us to attach behaviour to DOM elements in a flexible and structured mannger.
|
||||
It replaces the `behaviour.js` library used in previous versions of the CMS interface.
|
||||
See [JavaScript Development](javascript_development) for more information on how to use it.
|
||||
See [JavaScript Development](/developer_guides/customising_the_admin_interface/javascript_development) for more information on how to use it.
|
||||
In the CMS interface, all entwine rules should be placed in the "ss" entwine namespace.
|
||||
If you want to call methods defined within these rules outside of entwine logic,
|
||||
you have to use this namespace, e.g. `$('.cms-menu').entwine('ss').collapse()`.
|
||||
@ -380,7 +380,7 @@ To avoid repetition, we've written some helpers for various use cases:
|
||||
|
||||
* Load into a PJAX panel: `<a href="..." class="cms-panel-link" data-pjax-target="Content">`
|
||||
* Load URL as an iframe into a popup/dialog: `<a href="..." class="ss-ui-dialog-link">`
|
||||
* GridField click to redirect to external link: `<a href="..." class="cms-panel-link action external-link">
|
||||
* GridField click to redirect to external link: `<a href="..." class="cms-panel-link action external-link">`
|
||||
|
||||
## Buttons
|
||||
|
||||
@ -433,7 +433,7 @@ The CMS tree for viewing hierarchical structures (mostly pages) is powered
|
||||
by the [jstree](http://jstree.com) library. It is configured through
|
||||
`framework/admin/javascript/LeftAndMain.Tree.js`, as well as some
|
||||
HTML5 metadata generated on its container (see the `data-hints` attribute).
|
||||
For more information, see the [Howto: Customize the CMS tree](../how_tos/customize_cms_tree).
|
||||
For more information, see the [Howto: Customise the CMS tree](/developer_guides/customising_the_admin_interface/how_tos/customise_cms_tree).
|
||||
|
||||
Note that a similar tree logic is also used for the
|
||||
form fields to select one or more entries from those hierarchies
|
||||
@ -441,7 +441,7 @@ form fields to select one or more entries from those hierarchies
|
||||
|
||||
## Tabs
|
||||
|
||||
We're using [jQuery UI tabs](http://jqueryui.com/), but in a customized fashion.
|
||||
We're using [jQuery UI tabs](http://jqueryui.com/), but in a customised fashion.
|
||||
HTML with tabs can be created either directly through HTML templates in the CMS,
|
||||
or indirectly through a `[api:TabSet]` form field. Since tabsets are useable
|
||||
outside of the CMS as well, the baseline application of tabs happens via
|
||||
@ -538,8 +538,8 @@ through the `PjaxResponseNegotiator` class (see above).
|
||||
|
||||
## Related
|
||||
|
||||
* [Howto: Extend the CMS Interface](how_tos/extend_cms_interface)
|
||||
* [Howto: Customize the CMS tree](how_tos/customize_cms_tree)
|
||||
* [Howto: Extend the CMS Interface](/developer_guides/customising_the_admin_interface/how_tos/extend_cms_interface)
|
||||
* [Howto: Customise the CMS tree](/developer_guides/customising_the_admin_interface/how_tos/customise_cms_tree)
|
||||
* [ModelAdmin API](api:ModelAdmin)
|
||||
* [Reference: Layout](cms_layout)
|
||||
* [Reference: Layout](/developer_guides/customising_the_admin_interface/cms_layout)
|
||||
* [Rich Text Editing](/developer_guides/forms/field_types/htmleditorfield)
|
||||
|
@ -49,4 +49,4 @@ by setting an additional `RightTitle`.
|
||||
->setRightTitle('<a class="cms-description-trigger">My custom icon</a>');
|
||||
|
||||
Note: For more advanced help text we recommend using
|
||||
[Custom form field templates](../form_templates);
|
||||
[Custom form field templates](/developer_guides/forms/form_templates);
|
||||
|
@ -43,7 +43,7 @@ In order to localize the menu title in different languages, use the
|
||||
the i18n text collection.
|
||||
|
||||
For more information on language and translations, please refer to the
|
||||
[i18n](../../ii8n) docs.
|
||||
[i18n](/developer_guides/i18n) docs.
|
||||
|
||||
## Adding an external link to the menu
|
||||
|
||||
@ -85,7 +85,7 @@ button configuration.
|
||||
|
||||
To have the link appear, make sure you add the extension to the `LeftAndMain`
|
||||
class. For more information about configuring extensions see the
|
||||
[extensions reference](../extending/extensions).
|
||||
[extensions reference](/developer_guides/extending/extensions).
|
||||
|
||||
:::php
|
||||
LeftAndMain::add_extension('CustomLeftAndMain')
|
||||
|
@ -11,7 +11,7 @@ into the main CMS menu. A page can be bookmarked by a CMS author through a
|
||||
simple checkbox.
|
||||
|
||||
For a deeper introduction to the inner workings of the CMS, please refer to our
|
||||
guide on [CMS Architecture](../reference/cms-architecture).
|
||||
guide on [CMS Architecture](/developer_guides/customising_the_admin_interface/cms_architecture).
|
||||
|
||||
## Overload a CMS template ##
|
||||
|
||||
|
@ -63,6 +63,17 @@ including form and page comment information. None of this is vital but `clear_al
|
||||
:::php
|
||||
Session::clear_all();
|
||||
|
||||
## Secure Session Cookie
|
||||
|
||||
In certain circumstances, you may want to use a different `session_name` cookie when using the `https` protocol for security purposes. To do this, you may set the `cookie_secure` parameter to `true` on your `config.yml`
|
||||
|
||||
:::yml
|
||||
Session:
|
||||
cookie_secure: true
|
||||
|
||||
This uses the session_name `SECSESSID` for `https` connections instead of the default `PHPSESSID`. Doing so adds an extra layer of security to your session cookie since you no longer share `http` and `https` sessions.
|
||||
|
||||
|
||||
## API Documentation
|
||||
|
||||
* [api:Session]
|
||||
* [api:Session]
|
||||
|
@ -44,7 +44,7 @@ Never update a website on the live server without trying it on a development cop
|
||||
|
||||
How easy will it be to update my project? It's a fair question, and sometimes a difficult one to answer.
|
||||
|
||||
* "Micro" releases (x.y.z) are explicitly backwards compatible, "minor" and "major" releases can deprecate features and change APIs (see our [/misc/release-process](../contributing/release_process) for details)
|
||||
* "Micro" releases (x.y.z) are explicitly backwards compatible, "minor" and "major" releases can deprecate features and change APIs (see our [release process](/contributing/release_process) for details)
|
||||
* If you've made custom branches of SilverStripe core, or any thirdparty module, it's going to be harder to upgrade.
|
||||
* The more custom features you have, the harder it will be to upgrade. You will have to re-test all of those features, and adapt to API changes in core.
|
||||
* Customizations of a well defined type - such as custom page types or custom blog widgets - are going to be easier to upgrade than customisations that modify deep system internals like rewriting SQL queries.
|
||||
|
@ -7,7 +7,7 @@
|
||||
**Don't use Translatable for multilingual database content. Don't upgrade to 2.3.0 if you're already using
|
||||
Translatable.**
|
||||
|
||||
The [Translatable extension](/topics/translation) is currently marked as
|
||||
The [Translatable extension](/developer_guides/i18n) is currently marked as
|
||||
unstable for the initial 2.3 release. **If your site uses more than one language for page content, don't upgrade to this
|
||||
release.** We're working on bugfixes which will be contained in a minor 2.3.x release soon. Check our [releaseannouncements](http://groups.google.com/group/silverstripe-announce) for updates on Translatable bugfixes.
|
||||
|
||||
@ -33,7 +33,7 @@ calling `dev/build`. See [#2847](http://open.silverstripe.com/ticket/2847)
|
||||
|
||||
### Newsletter moved into new module
|
||||
|
||||
Newsletter functionality has been moved into its own module called **[newsletter](modules/newsletter)**. If you were
|
||||
Newsletter functionality has been moved into its own module called **[newsletter](http://addons.silverstripe.org/add-ons/silverstripe/newsletter)**. If you were
|
||||
previously using this as a feature out of the box with SilverStripe, then you will need to download the userforms module
|
||||
to continue using it.
|
||||
|
||||
@ -51,14 +51,12 @@ The auth_openid module has been removed from default installation. Please insta
|
||||
|
||||
### GenericDataAdmin and RelatedDataEditor moved into new module
|
||||
|
||||
GenericDataAdmin functionality has been moved into its own module called
|
||||
|
||||
**[genericdataadmin](modules/genericdataadmin)**. If you were previously using this as a feature out of the box with
|
||||
GenericDataAdmin functionality has been moved into its own module. If you were previously using this as a feature out of the box with
|
||||
SilverStripe, then you will need to download this module to continue using it.
|
||||
|
||||
### User Defined Form moved into new module
|
||||
|
||||
User Defined Form has been moved into its own module called **[userforms](modules/userforms)**. If you were previously
|
||||
User Defined Form has been moved into its own module called **[userforms](http://addons.silverstripe.org/add-ons/silverstripe/userforms)**. If you were previously
|
||||
using this as a feature out of the box with SilverStripe, then you will need to download the userforms module to
|
||||
continue using it.
|
||||
|
||||
@ -196,8 +194,8 @@ also that the DOCTYPE altering, which was a frequent cause of pain, only execute
|
||||
|
||||
* Removed deprecated File::loadallcontent(), use Upload class
|
||||
* Image->URL returns relative instead of absolute URL. Use Image->AbsoluteURL instead.
|
||||
* Moved DataReport and SQLReport into the ecommerce module. If you're using these classes, please download the
|
||||
[ecommerce module](modules/ecommerce).
|
||||
* Moved DataReport and SQLReport into the ecommerce module. If you're using these classes, please see the
|
||||
[ecommerce modules](http://addons.silverstripe.org/add-ons?search=ecommerce&type=&compatibility%5B%5D=3.1).
|
||||
|
||||
### Default mysite/_config.php
|
||||
|
||||
@ -2131,4 +2129,4 @@ See http://open.silverstripe.com/changeset/69688
|
||||
* ![rev:59897] r52080, r52101, r52102 (merged from branches/roa)
|
||||
* ![rev:59890] r52079 (merged from branches/roa)
|
||||
* ![rev:59876] Merged [rev:46959]: ComplexTableField.ss now includes server-generated values in summary row cells.
|
||||
* ![rev:59875] Merged [rev:46289]: Spaces in SCRIPT_FILENAME are now replaced with underscores.
|
||||
* ![rev:59875] Merged [rev:46289]: Spaces in SCRIPT_FILENAME are now replaced with underscores.
|
||||
|
@ -31,9 +31,9 @@ Here's an example of how the default Blackcandy theme was changed:
|
||||
|
||||
The datamodel for the Translatable extension was changed from multiple language tables to multiple rows for each
|
||||
translated record in the original table. We've also introduced the concept of "Translation groups", which means not
|
||||
every translated record has to exist in a "master language". Please review our updated documentation on how to [enable Translatable](/topics/translation).
|
||||
every translated record has to exist in a "master language". Please review our updated documentation on how to [enable Translatable](/developer_guides/i18n).
|
||||
|
||||
If you are upgrading an existing database with existing translations, you'll need to run our [Migration Script](/topics/translation#migrating_from_2.1_datamodel) before using the
|
||||
If you are upgrading an existing database with existing translations, you'll need migrate these before using the
|
||||
database.
|
||||
|
||||
For in-depth discussion of the schema changes and translation groups, please refer to our developer mailinglist:
|
||||
|
@ -243,7 +243,7 @@ No conversion of existing database schemas or content should be necessary.
|
||||
|
||||
### MySQL 5.0+ or newer required
|
||||
|
||||
See [server-requirements](/installation/server-requirements).
|
||||
See [server-requirements](/getting_started/server_requirements).
|
||||
|
||||
### BASE_PATH constant
|
||||
|
||||
@ -858,4 +858,4 @@ from the EditableFormField table.
|
||||
* [rev:98944] testing framework needs to be reset to a clean state after each test: now also nested urls and redirection state will be reverted
|
||||
* [rev:98897] Fixed strpos() check in BASE_URL check
|
||||
* [rev:98895] Installer now opens if mod_rewrite is disabled. Using index.php instead of rewriting the URL didn't quite work with the new BASE_URL, so we need to take this case into account as well
|
||||
* [rev:98869]
|
||||
* [rev:98869]
|
||||
|
@ -28,7 +28,7 @@ TRUE.
|
||||
|
||||
### Security: Installation in "live mode" by default
|
||||
|
||||
SilverStripe used to allow setting the [environment type](/topics/environment-management) ("dev mode", "test mode" or "live
|
||||
SilverStripe used to allow setting the [environment type](/getting_started/environment_management) ("dev mode", "test mode" or "live
|
||||
mode") from within the installer, through *Director::set_dev_servers()*, *Director::set_test_servers()* and
|
||||
*Director::set_live_servers()*.
|
||||
|
||||
@ -37,7 +37,7 @@ domain information in HTTP requests. This can lead to "live" environments being
|
||||
administrative actions like *dev/build* without access control.
|
||||
Note: The CMS is still secured through login in "dev mode".
|
||||
|
||||
We recommend setting environment types through a [_ss_environment.php](/topics/environment-management) file instead:
|
||||
We recommend setting environment types through a [_ss_environment.php](/getting_started/environment_management) file instead:
|
||||
|
||||
:::php
|
||||
<?php
|
||||
@ -88,7 +88,7 @@ this task:
|
||||
### Date/Time format handling in CMS
|
||||
|
||||
Classes like DateField, TimeField and DatetimeField are now aware of member-specific formats which can be set in
|
||||
*admin/myprofile* (linked on the lower right footer in the CMS interface). See [i18n](/topics/i18n) for more details.
|
||||
*admin/myprofile* (linked on the lower right footer in the CMS interface). See [i18n](/developer_guides/i18n) for more details.
|
||||
|
||||
Example: Setting German date formats in *mysite/_config.php*:
|
||||
|
||||
@ -494,4 +494,4 @@ existing pages when their title is changed.
|
||||
* [rev:104667] Added explicit bash handler to sake
|
||||
* [rev:104442] Multi-use redemption page created
|
||||
|
||||
<code>./sscreatechangelog --version 2.4.1 --branch branches/2.4 --stopbranch tags/2.4.0</code>
|
||||
<code>./sscreatechangelog --version 2.4.1 --branch branches/2.4 --stopbranch tags/2.4.0</code>
|
||||
|
@ -253,7 +253,7 @@ actions accessible through URL routing. Methods that need automatic CSRF
|
||||
protection (most form actions) should NOT be included in $allowed_actions,
|
||||
their protection is handled through request handling in the form class itself.
|
||||
|
||||
See [security](/topics/security#limiting_url-access_to_controller_methods) documentation for more details.
|
||||
See [security](/developer_guides/controllers/access_control/#allowed-actions) documentation for more details.
|
||||
|
||||
#### Impact
|
||||
|
||||
@ -361,4 +361,4 @@ Ingo Schommer
|
||||
### Other
|
||||
|
||||
* [rev:114464] FIX: Revert last commit
|
||||
* [rev:114463] FIX: Revert last commit
|
||||
* [rev:114463] FIX: Revert last commit
|
||||
|
@ -34,7 +34,7 @@ on those fields, this wasn't correctly applied. The following methods are affect
|
||||
|
||||
If you have used any of these transformations with untrusted values
|
||||
(e.g. from a user-submitted form), please consider updating.
|
||||
More info about SilverStripe's casting logic is available in the "[security](../topics/security)" documentation.
|
||||
More info about SilverStripe's casting logic is available in the "[security](/developer_guides/security)" documentation.
|
||||
|
||||
### Security: Cross-site scripting (XSS) related to page titles in the CMS
|
||||
|
||||
@ -52,4 +52,4 @@ as well as the updated page title in the CMS tree after saving.
|
||||
* 2012-01-31 [252e187](https://github.com/silverstripe/sapphire/commit/252e187) SECURITY Escape links for SilverStripeNavigatorItem (Ingo Schommer)
|
||||
* 2012-01-31 [5fe7091](https://github.com/silverstripe/sapphire/commit/5fe7091) SECURITY Sanitize messages passed to generated JS calls in FormResponse::status_message(), e.g. to avoid XSS on 'Successfully published <page title>' messages (Ingo Schommer)
|
||||
* 2011-09-24 [d0af084](https://github.com/silverstripe/sapphire/commit/d0af084) Fixes tag syntax (should end with %>, not >%) (simonwelsh)
|
||||
* 2011-06-09 [aa74811](https://github.com/silverstripe/silverstripe-cms/commit/aa74811) CZ translation for tinymce_ssbuttons plugin (Ladislav Kubes)
|
||||
* 2011-06-09 [aa74811](https://github.com/silverstripe/silverstripe-cms/commit/aa74811) CZ translation for tinymce_ssbuttons plugin (Ladislav Kubes)
|
||||
|
@ -41,7 +41,7 @@ The detailed change logs are broken down by pre-release:
|
||||
### Common Upgrade Tasks
|
||||
|
||||
* Rename foder from `sapphire/`to `framework/`, replace own paths with `FRAMEWORK_DIR` (in PHP) or `$ModulePath(framework)` (in templates). Update paths in `.htaccess` or `web.config` ([more](/changelogs/3.0.0#sapphire-rename))
|
||||
* Replace `<% control %>` in your templates with `<% loop %>` and `<% with %>` ([more](/reference/templates-upgrading-guide#control))
|
||||
* Replace `<% control %>` in your templates with `<% loop %>` and `<% with %>` ([more](/developer_guides/templates))
|
||||
* Replace `DataObjectSet` with `DataList` or `ArrayList` ([more](/changelogs/3.0.0#deprecated-classes))
|
||||
* Rewrite `ComplexTableField` and `DataObjectManager` instances to `GridField` ([more](/changelogs/3.0.0#gridfield-replacement-for-tablelistfield-and-complextablefield-gridfield))
|
||||
* Rewrite `Director::redirect()` and `Director::redirectBack()` calls ([more](/changelogs/3.0.0#director-static-functions-deprecated-e-g-redirect-and-redirectback)
|
||||
@ -61,7 +61,7 @@ which points to the framework directory, and in the templates you can use `$Modu
|
||||
|
||||
### GridField: Replacement for TableListField and ComplexTableField [gridfield]###
|
||||
|
||||
We have a new component for managing lists of objects: The `[GridField](/reference/grid-field)`.
|
||||
We have a new component for managing lists of objects: The `[GridField](/developer_guides/forms/field_types/gridfield)`.
|
||||
It's a substantial rewrite of the features previously captured by `TableListField`,
|
||||
`ComplexTableField`, `HasManyComplexTableField` and `ManyManyComplexTableField`.
|
||||
|
||||
@ -97,7 +97,7 @@ Upgrade example: Relationship editing
|
||||
// after
|
||||
$field = new GridField('MyRelation', null, $myRecord->MyRelation(), GridFieldConfig_RelationEditor::create());
|
||||
|
||||
More information is available in the [GridField documentation](/reference/grid-field).
|
||||
More information is available in the [GridField documentation](/developer_guides/forms/field_types/gridfield).
|
||||
|
||||
### Object static functions replaced with new Config class {#new-config}
|
||||
Static functions for getting a static variable on the `Object` class have been deprecated,
|
||||
@ -215,7 +215,7 @@ for the presence of records, please call the count() method on the `DataList`:
|
||||
if(!DataObject::get('SiteTree', '"ParentID" = 5')->count()) echo "Page 5 has no children";
|
||||
|
||||
Beware that `DataList->remove()` will delete an entry from the database.
|
||||
See the ["datamodel" documentation](../topics/datamodel) for more details.
|
||||
See the ["datamodel" documentation](/developer_guides/model/data_model_and_orm) for more details.
|
||||
|
||||
### New ORM: Changes to manipulation of SQL queries {#new-orm-sql-queries}
|
||||
|
||||
@ -334,8 +334,7 @@ Now in SilverStripe 3.x, nested structures are arrays:
|
||||
### New template engine [templates]###
|
||||
|
||||
The template engine has been completely rewritten, and although it is generally backward compatible, there are new features
|
||||
and some features have been deprecated. See the [template upgrading guide](/reference/templates-upgrading-guide) and the
|
||||
[template reference](/reference/templates) for more information.
|
||||
and some features have been deprecated. See the [template reference](/developer_guides/templates) for more information.
|
||||
|
||||
### Removed view-specific accessors from ViewableData ####
|
||||
|
||||
@ -343,7 +342,7 @@ Several methods in ViewableData that were originally added to expose values to t
|
||||
in order to stop polluting the namespace. These were sometimes called by project-specific PHP code too, and that code
|
||||
will need re-working.
|
||||
|
||||
See the [template upgrading guide](/reference/templates-upgrading-guide) for a list of methods and their replacements.
|
||||
See the [template reference](/developer_guides/templates) for a list of method replacements.
|
||||
|
||||
### New user interface for CMS [ui]###
|
||||
|
||||
@ -354,9 +353,9 @@ the detailed changelog for this release. Many interface components have changed
|
||||
unfortunately there is no clear upgrade path for every interface detail.
|
||||
As a starting point, have a look at the new templates in `cms/templates`
|
||||
and `framework/admin/templates`, as well as the new [jQuery.entwine](https://github.com/hafriedlander/jquery.entwine)
|
||||
based JavaScript logic. Have a look at the new ["Extending the CMS" guide](../howto/extend-cms-interface),
|
||||
["CSS" guide](../topics/css), ["JavaScript" guide](../topics/javascript) and
|
||||
["CMS Architecture" guide](/reference/cms-architecture) to get you started.
|
||||
based JavaScript logic. Have a look at the new ["Extending the CMS" guide](/developer_guides/customising_the_admin_interface/how_tos/extend_cms_interface),
|
||||
["CSS" guide](/developer_guides/customising_the_admin_interface/typography), ["JavaScript" guide](/developer_guides/customising_the_admin_interface/javascript_development) and
|
||||
["CMS Architecture" guide](/developer_guides/customising_the_admin_interface/cms_architecture) to get you started.
|
||||
|
||||
### New tree library [tree]###
|
||||
|
||||
@ -436,9 +435,9 @@ ModelAdmin has been substanially rewritten to natively support the `[api:GridFie
|
||||
for more flexible data presentation (replacing `[api:ComplexTableField]`),
|
||||
and the `[api:DataList]` API for more expressive querying.
|
||||
|
||||
If you have overwritten any methods in the class, customized templates,
|
||||
If you have overwritten any methods in the class, customised templates,
|
||||
or implemented your own `$collection_controller_class`/`$record_controller_class` controllers,
|
||||
please refer to the new [ModelAdmin documentation](/reference/modeladmin)
|
||||
please refer to the new [ModelAdmin documentation](/developer_guides/customising_the_admin_interface/modeladmin)
|
||||
on details for how to achieve the same goals in the new class.
|
||||
|
||||
### Stylesheet preprocessing via SCSS and the "compass" module [scss]###
|
||||
|
@ -30,7 +30,7 @@ state of a database record.
|
||||
|
||||
Fix: Apply 3.0.4 update. In addition, we strongly recommend to define `$allowed_actions`
|
||||
on all controller classes to ensure the intentions are clearly communicated.
|
||||
Read more about `$allowed_actions` in our "[controller](/topics/controller/#access-control)"
|
||||
Read more about `$allowed_actions` in our "[controller](/developer_guides/controllers/access_control)"
|
||||
docs.
|
||||
|
||||
Reporter: Zann St Pierre
|
||||
@ -47,8 +47,8 @@ configuration values added in your own project, or a third party module.
|
||||
|
||||
Resolution: Update your `.htaccess` file (for Apache), or your `web.config` file (for IIS)
|
||||
with the new files from the project root, and reapply any customizations you've made.
|
||||
Follow the [general upgrade instructions](/installation/upgrading).
|
||||
The [nginx installation instructions](/installation/nginx)
|
||||
Follow the [general upgrade instructions](/upgrading).
|
||||
The [nginx installation instructions](/getting_started/installation/how_to/configure_nginx)
|
||||
have also been updated to reflect those changes.
|
||||
|
||||
### Security: Information exposure through web access on composer files
|
||||
@ -64,8 +64,8 @@ versions of SilverStripe.
|
||||
|
||||
Resolution: Update your `.htaccess` file (for Apache), or your `web.config` file (for IIS)
|
||||
with the new files from the project root, and reapply any customizations you've made.
|
||||
Follow the [general upgrade instructions](/installation/upgrading).
|
||||
The [nginx installation instructions](/installation/nginx)
|
||||
Follow the [general upgrade instructions](/upgrading).
|
||||
The [nginx installation instructions](/getting_started/installation/how_to/configure_nginx)
|
||||
have also been updated to reflect those changes.
|
||||
|
||||
|
||||
@ -239,4 +239,4 @@ now deny access to methods defined on the controller, unless this class also has
|
||||
* 2011-04-20 [33a1fc7](https://github.com/silverstripe/sapphire/commit/33a1fc7) Fixed operation of inlined images in Mailer, when no inlined images actually attached. (Carlos Barberis)
|
||||
* 2011-04-18 [f8206d1](https://github.com/silverstripe/sapphire/commit/f8206d1) Prevent notice-level error in Session code when non-array is turned into an array. (Sam Minnee)
|
||||
* 2011-03-15 [6fcbad1](https://github.com/silverstripe/sapphire/commit/6fcbad1) Updated SilverStripe error handler so that log_errors still works. (Sam Minnee)
|
||||
* 2011-03-11 [82988d4](https://github.com/silverstripe/sapphire/commit/82988d4) Better error message when 401 response is corrupted. (Sam Minnee)
|
||||
* 2011-03-11 [82988d4](https://github.com/silverstripe/sapphire/commit/82988d4) Better error message when 401 response is corrupted. (Sam Minnee)
|
||||
|
@ -34,7 +34,7 @@
|
||||
* Optional integration with ImageMagick as a new image manipulation backend
|
||||
* Support for PHP 5.4's built-in webserver
|
||||
* Support for [Composer](http://getcomposer.org) dependency manager (also works with 3.0)
|
||||
* Added support for filtering incoming HTML from TinyMCE (disabled by default, see [security](/topics/security))
|
||||
* Added support for filtering incoming HTML from TinyMCE (disabled by default, see [security](/developer_guides/security))
|
||||
* Behaviour testing support through [Behat](http://behat.org), with CMS test coverage
|
||||
(see the [SilverStripe Behat Extension]() for details)
|
||||
|
||||
@ -48,7 +48,7 @@ it can facilitate [denial-of-service attacks](https://en.wikipedia.org/wiki/Deni
|
||||
|
||||
To prevent this, main.php now checks and only allows the flush parameter in the following cases:
|
||||
|
||||
* The [environment](/topics/environment-management) is in "dev mode"
|
||||
* The [environment](/getting_started/environment_management) is in "dev mode"
|
||||
* A user is logged in with ADMIN permissions
|
||||
* An error occurs during startup
|
||||
|
||||
@ -233,7 +233,7 @@ needs to be explicitly denied through these configuration files (see the [3.0.5
|
||||
for details.
|
||||
</div>
|
||||
|
||||
For more information about how to use the config system, see the ["Configuration" topic](/topic/configuration).
|
||||
For more information about how to use the config system, see the ["Configuration" topic](/developer_guides/configuration).
|
||||
|
||||
### Deny URL access if `Controller::$allowed_actions` is undefined or empty array
|
||||
|
||||
@ -253,7 +253,7 @@ by setting the `RequestHandler.require_allowed_actions` config value to `false`
|
||||
This applies to anything extending `RequestHandler`, so please check your `Form` and `FormField`
|
||||
subclasses as well. Keep in mind, action methods as denoted through `FormAction` names should NOT
|
||||
be mentioned in `$allowed_actions` to avoid CSRF issues.
|
||||
Please review all rules governing allowed actions in the ["controller" topic](/topics/controller).
|
||||
Please review all rules governing allowed actions in the ["controller" topic](/developer_guides/controllers/access_control/#allowed-actions).
|
||||
|
||||
### Removed support for "*" rules in `Controller::$allowed_actions`
|
||||
|
||||
@ -272,7 +272,7 @@ you'll need to specificy each accessible action individually.
|
||||
}
|
||||
|
||||
Please review all rules governing allowed actions in the
|
||||
["controller" topic](/topics/controller).
|
||||
["controller" topic](/developer_guides/controllers/access_control/#allowed-actions).
|
||||
|
||||
### Removed support for overriding rules on parent classes through `Controller::$allowed_actions`
|
||||
|
||||
@ -295,7 +295,7 @@ which now have to be listed in the `$allowed_actions` specifically.
|
||||
It also restricts `Extension` classes applied to controllers, which now
|
||||
can only grant or deny access or methods they define themselves.
|
||||
|
||||
New approach with the [Config API](/topics/configuration)
|
||||
New approach with the [Config API](/developer_guides/configuration/configuration)
|
||||
|
||||
:::php
|
||||
class MySubController extends MyController {
|
||||
@ -309,7 +309,7 @@ New approach with the [Config API](/topics/configuration)
|
||||
}
|
||||
|
||||
Please review all rules governing allowed actions in the
|
||||
["controller" topic](/topics/controller).
|
||||
["controller" topic](/developer_guides/controllers/access_control/#allowed-actions).
|
||||
|
||||
### Grouped CMS Buttons
|
||||
|
||||
@ -377,7 +377,7 @@ Since `GridField` is used in `ModelAdmin`, this change will affect both classes.
|
||||
return Permission::check('CMS_ACCESS_CMSMain', 'any', $member);
|
||||
}
|
||||
|
||||
You can also implement [custom permission codes](/topics/permissions).
|
||||
You can also implement [custom permission codes](/developer_guides/security/permissions).
|
||||
For 3.1.0 stable, we aim to further simplify the permission definitions,
|
||||
in order to reduce the boilerplate code required to get a model editable in the CMS.
|
||||
|
||||
@ -493,7 +493,7 @@ you can enable those warnings and future-proof your code already.
|
||||
Hierarchy.node_threshold_leaf`. Set to `0` to show tree unrestricted.
|
||||
* `Object` now has `beforeExtending` and `afterExtending` to inject behaviour around method extension.
|
||||
`DataObject` also has `beforeUpdateCMSFields` to insert fields between automatic scaffolding and extension
|
||||
by `updateCMSFields`. See the [DataExtension Reference](/reference/dataextension) for more information.
|
||||
by `updateCMSFields`. See the [DataExtension Reference](/developer_guides/model/extending_dataobjects) for more information.
|
||||
* Magic quotes is now deprecated. Will trigger user_error on live sites, as well as an error on new installs
|
||||
* Support for Apache 1.x is removed.
|
||||
* Forms created in the CMS should now be instances of a new `CMSForm` class,
|
||||
|
@ -6,7 +6,7 @@ This release includes several security fixes to prevent HTTP Hostname injection,
|
||||
as well as a fix for flush or isDev querystring parameters
|
||||
to be set via unauthenticated requests.
|
||||
|
||||
Users upgrading from 3.1.12 or below should read the [security documentation](/security/secure_coding)
|
||||
Users upgrading from 3.1.12 or below should read the [security documentation](/developer_guides/security/secure_coding)
|
||||
on securing their site.
|
||||
|
||||
### Security
|
||||
|
@ -14,7 +14,7 @@ will be disabled. If multiple authenticators are used, only supported ones will
|
||||
In order to create a CMS supported version the `Authenticator::supports_cms` and `Authenticator::get_cms_login_form`
|
||||
methods should be overridden. See `[api:MemberAuthenticator]` for an example implementation.
|
||||
|
||||
Check the documentation at the [Authentication](/topics/authentication) topic.
|
||||
Check the documentation at the [Authentication](/developer_guides/security/authentication) topic.
|
||||
|
||||
### Default Admin
|
||||
|
||||
|
@ -597,8 +597,8 @@ After:
|
||||
$things = MyObject::get()->where(array('"MyObject"."Name" = ?' => $name));
|
||||
$list = DataList::create('Banner')->where(array(
|
||||
'"ParentID" IS NOT NULL',
|
||||
'"Title" = ?', $title
|
||||
);
|
||||
'"Title" = ?' => $title,
|
||||
));
|
||||
|
||||
|
||||
#### 3. Interaction with `DataList::sql()`, `DataQuery::sql()`, `SQLQuery::sql()`, or `SQLQuery::getJoins()` methods
|
||||
|
@ -27,14 +27,14 @@ DataList handles filtering in a more fluent way than using raw where calls. The
|
||||
|
||||
When this query is executed it will contain all members with firstname of Sam but not with lastname Magnusson sorted by age ascending
|
||||
|
||||
For more information see documentation at [/topics/datamodel](../../topics/datamodel).
|
||||
For more information see documentation at [datamodel](/developer_guides/model/searchfilters).
|
||||
|
||||
### Grid Field
|
||||
|
||||
GridField has changed since 3.0.0-alpha1 to be more flexible. Any previous implementation are broken
|
||||
and need to be changed according to the new API.
|
||||
|
||||
For implementation details see documentation at [/reference/grid-field](../../reference/grid-field).
|
||||
For implementation details see documentation at [grid-field](/developer_guides/forms/field_types/gridfield).
|
||||
|
||||
## Upgrading ##
|
||||
|
||||
@ -327,4 +327,4 @@ See [3.0.0 upgrading guide](../3.0.0) for further details.
|
||||
* 2011-12-18 [05d19d9](https://github.com/silverstripe/sapphire/commit/05d19d9) Revert "MINOR Use json_decode() instead of the Services_JSON class if the function exists." - it breaks assumptions around Convert::json2array() only converting the *first* level of an object structure into an array, which in turn fails CMSMainTest and LeftAndMainTest (as well as some UI functionality relying on it). In order to introduce this change we have to fix these issues in a backwards compatible manner. (Ingo Schommer)
|
||||
* 2011-12-15 [40f0fde](https://github.com/silverstripe/sapphire/commit/40f0fde) Adding in the 'RS' => "Republic of Serbia", into this list of Counties. Will continue to add more as I come across countries not added. (Colin Burns)
|
||||
* 2011-12-09 [a642a29](https://github.com/silverstripe/sapphire/commit/a642a29) DOC Update the documentation for the datamodel to describe the SS_List sort, filter and exclude methods (Stig Lindqvist)
|
||||
* 2011-11-14 [77f5ea7](https://github.com/silverstripe/sapphire/commit/77f5ea7) Fix for bug when destroying a session with a domain cookie. See http://www.silverstripe.org/general-questions/show/18539 for more details (joaosantos81)
|
||||
* 2011-11-14 [77f5ea7](https://github.com/silverstripe/sapphire/commit/77f5ea7) Fix for bug when destroying a session with a domain cookie. See http://www.silverstripe.org/general-questions/show/18539 for more details (joaosantos81)
|
||||
|
@ -15,7 +15,7 @@ it can facilitate [denial-of-service attacks](https://en.wikipedia.org/wiki/Deni
|
||||
|
||||
To prevent this, main.php now checks and only allows the flush parameter in the following cases:
|
||||
|
||||
* The [environment](/topics/environment-management) is in "dev mode"
|
||||
* The [environment](/getting_started/environment_management) is in "dev mode"
|
||||
* A user is logged in with ADMIN permissions
|
||||
* An error occurs during startup
|
||||
|
||||
|
@ -14,7 +14,7 @@ will be disabled. If multiple authenticators are used, only supported ones will
|
||||
In order to create a CMS supported version the `Authenticator::supports_cms` and `Authenticator::get_cms_login_form`
|
||||
methods should be overridden. See `[api:MemberAuthenticator]` for an example implementation.
|
||||
|
||||
Check the documentation at the [Authentication](/topics/authentication) topic.
|
||||
Check the documentation at the [Authentication](/developer_guides/security/authentication) topic.
|
||||
|
||||
### Default Admin
|
||||
|
||||
|
@ -152,7 +152,7 @@ After you have edited the file, GitHub will offer to create a pull request for y
|
||||
* Check and update documentation on [docs.silverstripe.org](http://docs.silverstripe.org). Check for any references to functionality deprecated or extended through your patch. Documentation changes should be included in the patch.
|
||||
* When introducing something "noteworthy" (new feature, API change), [update the release changelog](/changelogs) for the next release this commit will be included in.
|
||||
* If you get stuck, please post to the [forum](http://silverstripe.org/forum) or for deeper core problems, to the [core mailinglist](https://groups.google.com/forum/#!forum/silverstripe-dev)
|
||||
* When working with the CMS, please read the ["CMS Architecture Guide"](/developer_guides/customising_the_admin_interface/cms_architecture/) first
|
||||
* When working with the CMS, please read the ["CMS Architecture Guide"](/developer_guides/customising_the_admin_interface/cms_architecture) first
|
||||
|
||||
## Commit Messages
|
||||
|
||||
|
@ -35,6 +35,7 @@ As a core contributor it is necessary to have installed the following set of too
|
||||
- `pip install transifex-client`
|
||||
* [AWS CLI tools](https://aws.amazon.com/cli/):
|
||||
- `pip install awscli`
|
||||
* The `tar` and `zip` commands
|
||||
* A good _ss_environment.php setup in your localhost webroot.
|
||||
|
||||
Example `_ss_environment.php`:
|
||||
@ -72,6 +73,7 @@ the [core committers](core_committers), who will assist with setting up your cre
|
||||
* Admin permissions on [transifex](https://www.transifex.com/silverstripe/).
|
||||
* AWS write permissions on the `silverstripe-ssorg-releases` s3 bucket.
|
||||
* Permission on [silverstripe release announcement](https://groups.google.com/forum/#!forum/silverstripe-announce).
|
||||
* Moderator permissions in the #silverstripe [IRC channel]((http://www.silverstripe.org/community/contributing-to-silverstripe/irc-channel/))
|
||||
|
||||
### First time setup: Security releases
|
||||
|
||||
@ -90,7 +92,7 @@ When doing a security release, typically one or more (or sometimes all) of the b
|
||||
steps will need to be performed manually. As such, this guide should not be followed
|
||||
exactly the same for these.
|
||||
|
||||
Standard practice is to produce an RC for any patched modules on the security
|
||||
Standard practice is to produce a pre-release for any patched modules on the security
|
||||
forks for cms and framework (see [silverstripe-security](https://github.com/silverstripe-security)).
|
||||
|
||||
<div class="warning" markdown="1">
|
||||
@ -116,28 +118,50 @@ Producing a security fix follows this general process:
|
||||
* Push the current upstream target branches (e.g. 3.2) to the corresponding security fork
|
||||
to a new branch named for the target release (e.g. 3.2.4). Security fixes should be
|
||||
applied to this branch only. Once a fix (or fixes) have been applied to this branch, then
|
||||
an RC tag can be applied, and a private release can then be developed in order
|
||||
to test this RC.
|
||||
* Once RC testing is completed and the release is ready for stabilisation, then these fixes
|
||||
can then be pushed to the upstream module fork, and the release completed and published
|
||||
as per normal.
|
||||
a tag can be applied, and a private release can then be developed in order
|
||||
to test this release.
|
||||
* Once release testing is completed and the release is ready for stabilisation, then these fixes
|
||||
can then be pushed to the upstream module fork, and the release completed as per normal.
|
||||
Make sure to publish any draft security pages at the same time as the release is published (same day).
|
||||
* After the final release has been published, close related JIRA issues
|
||||
at [open source security jira](https://silverstripe.atlassian.net/secure/RapidBoard.jspa?rapidView=198&view=detail)
|
||||
|
||||
<div class="warning" markdown="1">
|
||||
Note: It's not considered acceptable to disclose any security vulnerability until a fix exists in
|
||||
a public stable, not an RC or dev-branch. Security warnings that do not require a stable release
|
||||
can be published as soon as a workaround or usable resolution exists.
|
||||
</div>
|
||||
|
||||
## Standard release process
|
||||
|
||||
The release process, at a high level, involves creating an RC, publishing it, and
|
||||
reviewing the need for either another RC or a final stable tag within a short period
|
||||
The release process, at a high level, involves creating a release, publishing it, and
|
||||
reviewing the need for either another pre-release or a final stable tag within a short period
|
||||
(normally within 3-5 business days).
|
||||
|
||||
During the RC cycle a temporary RC branch is created, and should only receive
|
||||
absolutely critical fixes during the RC cycle. Any changes to this branch should
|
||||
result in the requirement for a new RC, thus a higher level of scrutiny is typically
|
||||
During the pre-release cycle a temporary branch is created, and should only receive
|
||||
absolutely critical fixes during the cycle. Any changes to this branch should
|
||||
result in the requirement for a new release, thus a higher level of scrutiny is typically
|
||||
placed on any pull request to these branches.
|
||||
|
||||
When creating a new RC or stable, the following process is broken down into two
|
||||
When creating a new pre-release or stable, the following process is broken down into two
|
||||
main sets of commands:
|
||||
|
||||
### Stage 1: Release preparation:
|
||||
|
||||
If you are managing a release, it's best to first make sure that SilverStripe marketing
|
||||
are aware of any impending release. This is so that they can ensure that a relevant blog
|
||||
post will appear on [www.silverstripe.org/blog](http://www.silverstripe.org/blog/), and
|
||||
cross-posted to other relevant channels such as Twitter and Facebook.
|
||||
Sending an email to [marketing@silverstripe.com](mailto:marketing@silverstripe.com)
|
||||
with an overview of the release and a rough release timeline.
|
||||
|
||||
Check all tickets ([framework](https://github.com/silverstripe/silverstripe-framework/milestones),
|
||||
[cms](https://github.com/silverstripe/silverstripe-cms/milestones),
|
||||
[installer](https://github.com/silverstripe/silverstripe-installer/milestones)) assigned to that milestone are
|
||||
either closed or reassigned to another milestone.
|
||||
|
||||
Merge up from other older supported release branches (e.g. merge `3.1`->`3.2`, `3.2`->`3.3`, `3.3`->`3`, `3`->`master`).
|
||||
|
||||
This is the part of the release that prepares and tests everything locally, but
|
||||
doe not make any upstream changes (so it's safe to run without worrying about
|
||||
any mistakes migrating their way into the public sphere).
|
||||
@ -154,7 +178,7 @@ This command has the following parameters:
|
||||
newest 3.2.x version). You can normally leave this out for patch releases,
|
||||
and the code will normally be able to guess the right version, but you may
|
||||
as well declare it every time.
|
||||
* `--branch-auto` Will automatically create a new RC branch (e.g. 3.2.4) if
|
||||
* `--branch-auto` Will automatically create a new temporary release branch (e.g. 3.2.4) if
|
||||
one does not exist.
|
||||
|
||||
This can take between 5-15 minutes, and will invoke the following steps,
|
||||
@ -166,10 +190,10 @@ and needs to be manually advanced):
|
||||
will look at the available versions and branch-aliases of silverstripe/installer
|
||||
to determine the best version to install from. E.g. installing 4.0.0 will
|
||||
know to install dev-master, and installing 3.3.0 will install from 3.x-dev.
|
||||
If installing RC versions for stabilisation, it will use the correct RC
|
||||
branch.
|
||||
If installing pre-release versions for stabilisation, it will use the correct
|
||||
temporary release branch.
|
||||
* `release:branch` If release:create installed from a non-rc branch, it will
|
||||
create the new RC branch (via `--branch-auto`). You can also customise this branch
|
||||
create the new temporary release branch (via `--branch-auto`). You can also customise this branch
|
||||
with `--branch=<branchname>`, but it's best to use the standard.
|
||||
* `release:translate` All upstream transifex strings will be pulled into the
|
||||
local master strings, and then the [api:i18nTextCollector] task will be invoked
|
||||
@ -193,10 +217,23 @@ Once the release task has completed, it may be ideal to manually test the site o
|
||||
by running it locally (e.g. `http://localhost/release-3.3.4`) to do some smoke-testing
|
||||
and make sure that there are no obvious issues missed.
|
||||
|
||||
Since `cow` will only run the unit test suite, you'll need to check
|
||||
the build status of Behat end-to-end tests manually on travis-ci.org
|
||||
for the various modules (e.g. [framework](https://travis-ci.org/silverstripe/silverstripe-framework))
|
||||
and [cms](https://travis-ci.org/silverstripe/silverstripe-cms)).
|
||||
|
||||
It's also ideal to eyeball the git changes generated by the release tool, making sure
|
||||
that no translation strings were unintentionally lost, or that the changelog
|
||||
that no translation strings were unintentionally lost, no malicious changes were
|
||||
introduced in the (community contributed) translations, and that the changelog
|
||||
was generated correctly.
|
||||
|
||||
In particular, double check that all necessary information is included in the release notes,
|
||||
including:
|
||||
|
||||
* Upgrading notes
|
||||
* Security fixes included
|
||||
* Major changes
|
||||
|
||||
Once this has been done, then the release is ready to be published live.
|
||||
|
||||
### Stage 2: Release publication
|
||||
@ -214,7 +251,7 @@ As with the `cow release` command, this step is broken down into the following
|
||||
subtasks which are invoked in sequence:
|
||||
|
||||
* `release:tag` Each module will have the appropriate tag applied (except the theme).
|
||||
* `release:push` The RC branches and all tags are pushed up to origin on github.
|
||||
* `release:push` The temporary release branches and all tags are pushed up to origin on github.
|
||||
* `release:archive` This will generate a new tar.gz and zip archive, each for
|
||||
cms and framework-only installations. These will be copied to the root folder
|
||||
of the release directory, although the actual build will be created in temporary
|
||||
@ -231,11 +268,11 @@ Once all of these commands have completed there are a couple of final tasks left
|
||||
aren't strictly able to be automated:
|
||||
|
||||
* If this is a stable release, it will be necessary to perform a post-release merge
|
||||
on open source. This normally will require you to merge the RC branch into the
|
||||
on open source. This normally will require you to merge the temporary release branch into the
|
||||
source branch (e.g. merge 3.2.4 into 3.2), or sometimes create new branches if
|
||||
releasing a new minor version, and bumping up the branch-alias in composer.json.
|
||||
E.g. branching 3.3 from 3, and aliasing 3 as 3.4.x-dev. You can then delete
|
||||
the temporary RC branches. This will need to be done before updating the
|
||||
the temporary release branches. This will need to be done before updating the
|
||||
release documentation in stage 3.
|
||||
* Merging up the changes in this release to newer branches, following the
|
||||
SemVer pattern (e.g. 3.2.4 > 3.2 > 3.3 > 3 > master). The more often this is
|
||||
@ -251,6 +288,25 @@ aren't strictly able to be automated:
|
||||
* Make sure that the [releases page](https://github.com/silverstripe/silverstripe-installer/releases)
|
||||
on github shows the new tag.
|
||||
|
||||
*Updating non-patch versions*
|
||||
|
||||
If releasing a new major or minor version it may be necessary to update various SilverStripe portals. Normally a new
|
||||
minor version will require a new branch option to be made available on each site menu. These sites include:
|
||||
|
||||
* [docs.silverstripe.org](https://docs.silverstripe.org): Update on [github](https://github.com/silverstripe/doc.silverstripe.org)
|
||||
and deployed internally.
|
||||
* [api.silverstripe.org](https://api.silverstripe.org): Update on [github](https://github.com/silverstripe/api.silverstripe.org)
|
||||
and deployed internally.
|
||||
* [userhelp.silverstripe.org](https://userhelp.silverstripe.org/en/3.2): Update on
|
||||
[github](https://github.com/silverstripe/userhelp.silverstripe.org) and deployed internally.
|
||||
The content for this site is pulled from [silverstripe-userhelp-content](https://github.com/silverstripe/silverstripe-userhelp-content)
|
||||
* [demo.silverstripe.org](http://demo.silverstripe.org/): Update on
|
||||
[github](https://github.com/silverstripe/demo.silverstripe.org/) and deployed internally.
|
||||
|
||||
It's also a good idea to check that `Deprecation::notification_version('4.0.0');` in framework/_config.php points to
|
||||
the right major version. This should match the major version of the current release. E.g. all versions of 4.x
|
||||
should be set to `4.0.0`.
|
||||
|
||||
### Stage 3: Let the world know
|
||||
|
||||
Once a release has been published there are a few places where user documentation
|
||||
@ -258,7 +314,7 @@ will need to be regularly updated.
|
||||
|
||||
* Make sure that the [download page](http://www.silverstripe.org/download) on
|
||||
silverstripe.org has the release available. If it's a stable, it will appear
|
||||
at the top of the page. If an RC pre-release, it will be available under the
|
||||
at the top of the page. If it's a pre-release, it will be available under the
|
||||
[development builds](http://www.silverstripe.org/download#download-releases)
|
||||
section. If it's not available, you might need to check that the release was
|
||||
properly uploaded to aws s3, or that you aren't viewing a cached version of
|
||||
@ -277,7 +333,7 @@ will need to be regularly updated.
|
||||
* Create a release announcement forum sticky on the
|
||||
[releases and announcements](http://www.silverstripe.org/community/forums/releases-and-announcements/)
|
||||
forum category. Make this a global read-only sticky, and un-sticky any older release.
|
||||
* Update the IRC topic to include the new release version.
|
||||
* Update the #silverstripe [IRC](http://www.silverstripe.org/community/contributing-to-silverstripe/irc-channel/) topic to include the new release version.
|
||||
|
||||
### Stage 4: Web platform installer release
|
||||
|
||||
|
@ -272,6 +272,7 @@ class ConfirmedPasswordField extends FormField {
|
||||
} else {
|
||||
if($value || (!$value && $this->canBeEmpty)) {
|
||||
$this->value = $value;
|
||||
$this->confirmValue = $value;
|
||||
}
|
||||
}
|
||||
|
||||
@ -281,7 +282,7 @@ class ConfirmedPasswordField extends FormField {
|
||||
->setValue($this->value);
|
||||
|
||||
$this->children->fieldByName($this->getName() . '[_ConfirmPassword]')
|
||||
->setValue($this->value);
|
||||
->setValue($this->confirmValue);
|
||||
}
|
||||
|
||||
return $this;
|
||||
|
@ -103,6 +103,7 @@ class TreeMultiselectField extends TreeDropdownField {
|
||||
$titleArray = array();
|
||||
$idArray = array();
|
||||
$items = $this->getItems();
|
||||
$emptyTitle = _t('DropdownField.CHOOSE', '(Choose)', 'start value of a dropdown');
|
||||
|
||||
if($items && count($items)) {
|
||||
foreach($items as $item) {
|
||||
@ -115,7 +116,7 @@ class TreeMultiselectField extends TreeDropdownField {
|
||||
$title = implode(", ", $titleArray);
|
||||
$value = implode(",", $idArray);
|
||||
} else {
|
||||
$title = _t('DropdownField.CHOOSE', '(Choose)', 'start value of a dropdown');
|
||||
$title = $emptyTitle;
|
||||
}
|
||||
|
||||
$dataUrlTree = '';
|
||||
@ -129,6 +130,7 @@ class TreeMultiselectField extends TreeDropdownField {
|
||||
$properties,
|
||||
array(
|
||||
'Title' => $title,
|
||||
'EmptyTitle' => $emptyTitle,
|
||||
'Link' => $dataUrlTree,
|
||||
'Value' => $value
|
||||
)
|
||||
|
@ -667,12 +667,13 @@ ss.editorWrappers['default'] = ss.editorWrappers.tinyMCE;
|
||||
|
||||
resetFileField: function() {
|
||||
// If there's an attached item, remove it
|
||||
var fileField = this.find('#file'),
|
||||
var fileField = this.find('.ss-uploadfield[id$="file_Holder"]'),
|
||||
fileUpload = fileField.data('fileupload'),
|
||||
currentItem = fileField.find('.ss-uploadfield-item[data-fileid]');
|
||||
|
||||
if(currentItem.length) {
|
||||
fileUpload._trigger('destroy', null, {content: currentItem});
|
||||
fileUpload._trigger('destroy', null, {context: currentItem});
|
||||
fileField.find('.ss-uploadfield-addfile').removeClass('borderTop');
|
||||
}
|
||||
},
|
||||
|
||||
|
@ -138,7 +138,7 @@
|
||||
this[this.getPanel().is(':visible') ? 'closePanel' : 'openPanel']();
|
||||
},
|
||||
setTitle: function(title) {
|
||||
title = title || this.data('title') || strings.fieldTitle;
|
||||
title = title || this.data('empty-title') || strings.fieldTitle;
|
||||
|
||||
this.find('.treedropdownfield-title').html(title);
|
||||
this.data('title', title); // separate view from storage (important for search cancellation)
|
||||
|
@ -183,7 +183,7 @@ class Group extends DataObject {
|
||||
|
||||
// Add roles (and disable all checkboxes for inherited roles)
|
||||
$allRoles = PermissionRole::get();
|
||||
if(Permission::check('ADMIN')) {
|
||||
if(!Permission::check('ADMIN')) {
|
||||
$allRoles = $allRoles->filter("OnlyAdminCanApply", 0);
|
||||
}
|
||||
if($this->ID) {
|
||||
|
@ -378,7 +378,7 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
||||
* quirky problems (such as using the Windmill 0.3.6 proxy).
|
||||
*/
|
||||
public static function session_regenerate_id() {
|
||||
if(!self::$session_regenerate_id) return;
|
||||
if(!self::config()->session_regenerate_id) return;
|
||||
|
||||
// This can be called via CLI during testing.
|
||||
if(Director::is_cli()) return;
|
||||
|
@ -163,6 +163,10 @@ class Permission extends DataObject implements TemplateGlobalProvider {
|
||||
$memberID = (is_object($member)) ? $member->ID : $member;
|
||||
}
|
||||
|
||||
if (!$memberID) {
|
||||
return false;
|
||||
}
|
||||
|
||||
// Turn the code into an array as we may need to add other permsissions to the set we check
|
||||
if(!is_array($code)) $code = array($code);
|
||||
|
||||
|
@ -80,5 +80,25 @@ class ConfirmedPasswordFieldTest extends SapphireTest {
|
||||
"Does not validate when passwords differ"
|
||||
);
|
||||
}
|
||||
|
||||
public function testFormValidation() {
|
||||
$form = new Form(
|
||||
new Controller(),
|
||||
'Form',
|
||||
new FieldList($field = new ConfirmedPasswordField('Password')),
|
||||
new FieldList()
|
||||
);
|
||||
|
||||
$form->loadDataFrom(array(
|
||||
'Password' => array(
|
||||
'_Password' => '123',
|
||||
'_ConfirmPassword' => '999',
|
||||
)
|
||||
));
|
||||
|
||||
$this->assertEquals('123', $field->children->first()->Value());
|
||||
$this->assertEquals('999', $field->children->last()->Value());
|
||||
$this->assertNotEquals($field->children->first()->Value(), $field->children->last()->Value());
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -124,4 +124,14 @@ class PermissionTest extends SapphireTest {
|
||||
Config::inst()->remove('Permission', 'hidden_permissions');
|
||||
$this->assertContains('CMS_ACCESS_LeftAndMain', $permissionCheckboxSet->Field());
|
||||
}
|
||||
|
||||
public function testEmptyMemberFails() {
|
||||
$member = new Member();
|
||||
$this->assertFalse($member->exists());
|
||||
|
||||
$this->logInWithPermission('ADMIN');
|
||||
|
||||
$this->assertFalse(Permission::checkMember($member, 'ADMIN'));
|
||||
$this->assertFalse(Permission::checkMember($member, 'CMS_ACCESS_LeftAndMain'));
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user