From 1ac36611a6cfac8ed08e183068fc89fc5ec34f44 Mon Sep 17 00:00:00 2001 From: Robbie Averill Date: Sun, 2 Dec 2018 23:04:34 +0000 Subject: [PATCH 01/16] Update tests to pass in CWP kitchen sink context --- .../php/Forms/ConfirmedPasswordFieldTest.php | 4 +++- .../php/Security/MemberAuthenticatorTest.php | 5 +++++ .../php/Security/MemberCsvBulkLoaderTest.php | 10 ++++++++++ tests/php/Security/MemberTest.php | 4 +++- tests/php/Security/PasswordValidatorTest.php | 4 ++-- tests/php/Security/SecurityTest.php | 20 +++++++++++++------ 6 files changed, 37 insertions(+), 10 deletions(-) diff --git a/tests/php/Forms/ConfirmedPasswordFieldTest.php b/tests/php/Forms/ConfirmedPasswordFieldTest.php index 0df22d4a8..55389ce1d 100644 --- a/tests/php/Forms/ConfirmedPasswordFieldTest.php +++ b/tests/php/Forms/ConfirmedPasswordFieldTest.php @@ -19,7 +19,9 @@ class ConfirmedPasswordFieldTest extends SapphireTest { parent::setUp(); - PasswordValidator::singleton()->setMinLength(0); + PasswordValidator::singleton() + ->setMinLength(0) + ->setTestNames([]); } public function testSetValue() diff --git a/tests/php/Security/MemberAuthenticatorTest.php b/tests/php/Security/MemberAuthenticatorTest.php index 4314cf558..b8758140c 100644 --- a/tests/php/Security/MemberAuthenticatorTest.php +++ b/tests/php/Security/MemberAuthenticatorTest.php @@ -18,6 +18,7 @@ use SilverStripe\Security\MemberAuthenticator\CMSMemberAuthenticator; use SilverStripe\Security\MemberAuthenticator\CMSMemberLoginForm; use SilverStripe\Security\MemberAuthenticator\MemberAuthenticator; use SilverStripe\Security\MemberAuthenticator\MemberLoginForm; +use SilverStripe\Security\PasswordValidator; use SilverStripe\Security\Security; /** @@ -44,6 +45,10 @@ class MemberAuthenticatorTest extends SapphireTest $this->defaultPassword = null; } DefaultAdminService::setDefaultAdmin('admin', 'password'); + + PasswordValidator::singleton() + ->setMinLength(0) + ->setTestNames([]); } protected function tearDown() diff --git a/tests/php/Security/MemberCsvBulkLoaderTest.php b/tests/php/Security/MemberCsvBulkLoaderTest.php index 03c50c9a3..75f62c732 100644 --- a/tests/php/Security/MemberCsvBulkLoaderTest.php +++ b/tests/php/Security/MemberCsvBulkLoaderTest.php @@ -6,6 +6,7 @@ use SilverStripe\ORM\DataObject; use SilverStripe\Security\Group; use SilverStripe\Security\MemberCsvBulkLoader; use SilverStripe\Security\Member; +use SilverStripe\Security\PasswordValidator; use SilverStripe\Security\Security; use SilverStripe\Dev\SapphireTest; @@ -13,6 +14,15 @@ class MemberCsvBulkLoaderTest extends SapphireTest { protected static $fixture_file = 'MemberCsvBulkLoaderTest.yml'; + protected function setUp() + { + parent::setUp(); + + PasswordValidator::singleton() + ->setMinLength(0) + ->setTestNames([]); + } + public function testNewImport() { $loader = new MemberCsvBulkLoader(); diff --git a/tests/php/Security/MemberTest.php b/tests/php/Security/MemberTest.php index 6817246f8..9cd7e67b1 100644 --- a/tests/php/Security/MemberTest.php +++ b/tests/php/Security/MemberTest.php @@ -57,7 +57,9 @@ class MemberTest extends FunctionalTest Member::config()->set('unique_identifier_field', 'Email'); - PasswordValidator::singleton()->setMinLength(0); + PasswordValidator::singleton() + ->setMinLength(0) + ->setTestNames([]); i18n::set_locale('en_US'); } diff --git a/tests/php/Security/PasswordValidatorTest.php b/tests/php/Security/PasswordValidatorTest.php index 7fa5637ab..071e50760 100644 --- a/tests/php/Security/PasswordValidatorTest.php +++ b/tests/php/Security/PasswordValidatorTest.php @@ -18,10 +18,10 @@ class PasswordValidatorTest extends SapphireTest { parent::setUp(); - // Unset framework default values PasswordValidator::config() ->remove('min_length') - ->remove('historic_count'); + ->remove('historic_count') + ->set('min_test_score', 0); } public function testValidate() diff --git a/tests/php/Security/SecurityTest.php b/tests/php/Security/SecurityTest.php index 9ac158758..b75be724c 100644 --- a/tests/php/Security/SecurityTest.php +++ b/tests/php/Security/SecurityTest.php @@ -21,6 +21,7 @@ use SilverStripe\ORM\ValidationResult; use SilverStripe\Security\LoginAttempt; use SilverStripe\Security\Member; use SilverStripe\Security\MemberAuthenticator\MemberAuthenticator; +use SilverStripe\Security\PasswordValidator; use SilverStripe\Security\Security; use SilverStripe\Security\SecurityToken; @@ -51,6 +52,13 @@ class SecurityTest extends FunctionalTest */ Member::config()->set('unique_identifier_field', 'Email'); + PasswordValidator::config() + ->remove('min_length') + ->remove('historic_count') + ->remove('min_test_score'); + + Member::set_password_validator(null); + parent::setUp(); Director::config()->set('alternate_base_url', '/'); @@ -388,7 +396,7 @@ class SecurityTest extends FunctionalTest // Test external redirection on ChangePasswordForm $this->get('Security/changepassword?BackURL=http://myspoofedhost.com'); - $changedResponse = $this->doTestChangepasswordForm('1nitialPassword', 'changedPassword'); + $changedResponse = $this->doTestChangepasswordForm('1nitialPassword', 'changedPassword#123'); $this->assertNotRegExp( '/^' . preg_quote('http://myspoofedhost.com', '/') . '/', (string)$changedResponse->getHeader('Location'), @@ -435,7 +443,7 @@ class SecurityTest extends FunctionalTest // Make sure it redirects correctly after the password has been changed $this->mainSession->followRedirection(); - $changedResponse = $this->doTestChangepasswordForm('1nitialPassword', 'changedPassword'); + $changedResponse = $this->doTestChangepasswordForm('1nitialPassword', 'changedPassword#123'); $this->assertEquals(302, $changedResponse->getStatusCode()); $this->assertEquals( Controller::join_links(Director::absoluteBaseURL(), 'test/link'), @@ -449,7 +457,7 @@ class SecurityTest extends FunctionalTest // Change the password $this->get('Security/changepassword?BackURL=test/back'); - $changedResponse = $this->doTestChangepasswordForm('1nitialPassword', 'changedPassword'); + $changedResponse = $this->doTestChangepasswordForm('1nitialPassword', 'changedPassword#123'); $this->assertEquals(302, $changedResponse->getStatusCode()); $this->assertEquals( Controller::join_links(Director::absoluteBaseURL(), 'test/back'), @@ -459,7 +467,7 @@ class SecurityTest extends FunctionalTest // Check if we can login with the new password $this->logOut(); - $goodResponse = $this->doTestLoginForm('testuser@example.com', 'changedPassword'); + $goodResponse = $this->doTestLoginForm('testuser@example.com', 'changedPassword#123'); $this->assertEquals(302, $goodResponse->getStatusCode()); $this->assertEquals( Controller::join_links(Director::absoluteBaseURL(), 'test/link'), @@ -501,12 +509,12 @@ class SecurityTest extends FunctionalTest // Follow redirection to form without hash in GET parameter $this->get('Security/changepassword'); - $this->doTestChangepasswordForm('1nitialPassword', 'changedPassword'); + $this->doTestChangepasswordForm('1nitialPassword', 'changedPassword#123'); $this->assertEquals($this->idFromFixture(Member::class, 'test'), $this->session()->get('loggedInAs')); // Check if we can login with the new password $this->logOut(); - $goodResponse = $this->doTestLoginForm('testuser@example.com', 'changedPassword'); + $goodResponse = $this->doTestLoginForm('testuser@example.com', 'changedPassword#123'); $this->assertEquals(302, $goodResponse->getStatusCode()); $this->assertEquals($this->idFromFixture(Member::class, 'test'), $this->session()->get('loggedInAs')); From 48bd335648188df9dae72be1e5f9c808f3fe1e77 Mon Sep 17 00:00:00 2001 From: Robbie Averill Date: Wed, 7 Nov 2018 12:12:44 +0200 Subject: [PATCH 02/16] [SS-2018-020] Ensure that table names are escaped to prevent possible SQL injection --- src/ORM/DataObjectSchema.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/ORM/DataObjectSchema.php b/src/ORM/DataObjectSchema.php index 6ad3cfe34..e2b371995 100644 --- a/src/ORM/DataObjectSchema.php +++ b/src/ORM/DataObjectSchema.php @@ -8,6 +8,7 @@ use LogicException; use SilverStripe\Core\ClassInfo; use SilverStripe\Core\Config\Config; use SilverStripe\Core\Config\Configurable; +use SilverStripe\Core\Convert; use SilverStripe\Core\Injector\Injectable; use SilverStripe\Core\Injector\Injector; use SilverStripe\Dev\TestOnly; @@ -125,7 +126,7 @@ class DataObjectSchema $tables = $this->getTableNames(); $class = ClassInfo::class_name($class); if (isset($tables[$class])) { - return $tables[$class]; + return Convert::raw2sql($tables[$class]); } return null; } From fecedc2d98eeaaff6424fb59dc70ef6bdc6dc92d Mon Sep 17 00:00:00 2001 From: Robbie Averill Date: Wed, 7 Nov 2018 12:12:44 +0200 Subject: [PATCH 03/16] [SS-2018-020] Ensure that table names are escaped to prevent possible SQL injection --- src/ORM/DataObjectSchema.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/ORM/DataObjectSchema.php b/src/ORM/DataObjectSchema.php index 8251c8477..c80925603 100644 --- a/src/ORM/DataObjectSchema.php +++ b/src/ORM/DataObjectSchema.php @@ -8,6 +8,7 @@ use LogicException; use SilverStripe\Core\ClassInfo; use SilverStripe\Core\Config\Config; use SilverStripe\Core\Config\Configurable; +use SilverStripe\Core\Convert; use SilverStripe\Core\Injector\Injectable; use SilverStripe\Core\Injector\Injector; use SilverStripe\Dev\TestOnly; @@ -125,7 +126,7 @@ class DataObjectSchema $tables = $this->getTableNames(); $class = ClassInfo::class_name($class); if (isset($tables[$class])) { - return $tables[$class]; + return Convert::raw2sql($tables[$class]); } return null; } From fed9afb04667cd4b12d40fd43349164cb5f3a342 Mon Sep 17 00:00:00 2001 From: Aaron Carlino Date: Wed, 12 Dec 2018 12:21:17 +1300 Subject: [PATCH 04/16] Update translations --- lang/da.yml | 15 +++++++++++++++ lang/de_DE.yml | 6 ------ lang/eo.yml | 15 +++++++++++++++ lang/nl.yml | 15 +++++++++++++++ 4 files changed, 45 insertions(+), 6 deletions(-) diff --git a/lang/da.yml b/lang/da.yml index e203c1876..4fc3ade6f 100644 --- a/lang/da.yml +++ b/lang/da.yml @@ -84,6 +84,7 @@ da: RelationSearch: Relationssøgning ResetFilter: Nulstil SilverStripe\Forms\GridField\GridFieldDeleteAction: + DELETE_DESCRIPTION: Slet Delete: Slet DeletePermissionsFailure: 'Ingen slette rettigheder' EditPermissionsFailure: 'Ingen rettighed til at fjerne emnet' @@ -95,12 +96,23 @@ da: DeletePermissionsFailure: 'Ingen slette rettigheder' Deleted: 'Slet {type} {name}' Save: Gem + SilverStripe\Forms\GridField\GridFieldEditButton_ss: + EDIT: Rediger SilverStripe\Forms\GridField\GridFieldGroupDeleteAction: UnlinkSelfFailure: 'Kan ikke fjerne dig selv fra denne gruppe, du vil miste administrator rettigheder' SilverStripe\Forms\GridField\GridFieldPaginator: OF: af Page: Side View: Vis + SilverStripe\Forms\GridField\GridFieldVersionedState: + ADDEDTODRAFTHELP: 'Elementet er endnu ikke udgivet' + ADDEDTODRAFTSHORT: Kladde + ARCHIVEDPAGEHELP: 'Elementet er fjernet fra kladde og udgivet version' + ARCHIVEDPAGESHORT: Arkiveret + MODIFIEDONDRAFTHELP: 'Elementet har ikke udgivne ændringer' + MODIFIEDONDRAFTSHORT: Ændret + ONLIVEONLYSHORT: 'Kun på udgivet version' + ONLIVEONLYSHORTHELP: 'Elementet er udgivet, men er slette fra kladde' SilverStripe\Forms\MoneyField: FIELDLABELAMOUNT: Beløb FIELDLABELCURRENCY: Valuta @@ -319,4 +331,7 @@ da: LOGOUT: 'Log ud' LOSTPASSWORDHEADER: 'Glemt kodeord' NOTEPAGESECURED: 'Denne side er beskyttet. Indtast dine loginoplysninger herunder for at få adgang.' + NOTERESETLINKINVALID: '

Kodeordets nulstillingslink er ugyldigt eller udløbet.

Du kan anmode om et nyt link her eller skifte dit kodeord efter du er logget ind.

' NOTERESETPASSWORD: 'Indtast din email adresse, så sender vi dig et link som du kan nulstille dit kodeord med' + PASSWORDSENTHEADER: 'Link til nulstilling af kodeord er sendt til ''{email}''' + PASSWORDSENTTEXT: 'Tak for det! Et link til at nulstille kodeordet er sendt til ''{email}'', forudsat at en konto eksisterer med denne email adresse.' diff --git a/lang/de_DE.yml b/lang/de_DE.yml index e1bea0c6e..995c45ad0 100644 --- a/lang/de_DE.yml +++ b/lang/de_DE.yml @@ -27,8 +27,6 @@ de_DE: ATLEAST: 'Passwörter müssen mindestens {min} Zeichen lang sein.' BETWEEN: 'Passwörter müssen {min} bis {max} Zeichen lang sein.' SHOWONCLICKTITLE: 'Passwort ändern' - SilverStripe\Forms\DateField: - TODAY: heute SilverStripe\Forms\DropdownField: CHOOSE: (Auswählen) CHOOSE_MODEL: '({name} auswählen)' @@ -45,10 +43,6 @@ de_DE: SilverStripe\Forms\GridField\GridFieldDetailForm: CancelBtn: Abbrechen Save: Speichern - SilverStripe\Forms\GridField\GridFieldEditButton: - EDIT: Bearbeiten - SilverStripe\Forms\GridField\GridFieldFilterHeader: - Search: 'Suche "{name}"' SilverStripe\Forms\GridField\GridFieldPaginator: Page: Seite SilverStripe\Forms\MoneyField: diff --git a/lang/eo.yml b/lang/eo.yml index cc792bab4..206dffc1d 100644 --- a/lang/eo.yml +++ b/lang/eo.yml @@ -84,6 +84,7 @@ eo: RelationSearch: 'Serĉi rilatojn' ResetFilter: Restartigi SilverStripe\Forms\GridField\GridFieldDeleteAction: + DELETE_DESCRIPTION: Forigi Delete: Forigi DeletePermissionsFailure: 'Mankas permeso forigi' EditPermissionsFailure: 'Mankas permeso malligi rikordon' @@ -95,12 +96,23 @@ eo: DeletePermissionsFailure: 'Mankas permeso forigi' Deleted: 'Forigita {type} {name}' Save: Konservi + SilverStripe\Forms\GridField\GridFieldEditButton_ss: + EDIT: Redakti SilverStripe\Forms\GridField\GridFieldGroupDeleteAction: UnlinkSelfFailure: 'Ne povas forigi vin el ĉi tiu grupo; vi perdus administrajn rajtojn' SilverStripe\Forms\GridField\GridFieldPaginator: OF: de Page: Paĝo View: Vido + SilverStripe\Forms\GridField\GridFieldVersionedState: + ADDEDTODRAFTHELP: 'Ero ankoraŭ estas ne publikigita' + ADDEDTODRAFTSHORT: Malneto + ARCHIVEDPAGEHELP: 'Ero estas forigita el malneta kaj publika' + ARCHIVEDPAGESHORT: Enarkivigita + MODIFIEDONDRAFTHELP: 'Ero enhavas nepublikigitajn ŝanĝojn' + MODIFIEDONDRAFTSHORT: Ŝanĝita + ONLIVEONLYSHORT: 'Nur ĉe publika' + ONLIVEONLYSHORTHELP: 'Ero estas publikigita, sed ĝi estas forigita el malneto' SilverStripe\Forms\MoneyField: FIELDLABELAMOUNT: Kvanto FIELDLABELCURRENCY: Kurzo @@ -319,4 +331,7 @@ eo: LOGOUT: Elsaluti LOSTPASSWORDHEADER: 'Perdis pasvorton' NOTEPAGESECURED: 'Tiu paĝo estas sekurigita. Enigu viajn akreditaĵojn sube kaj vi aliros pluen.' + NOTERESETLINKINVALID: '

La pasvorta reagorda ligilo estas malvalida aŭ finiĝis.

Vi povas peti novan ĉi tie aŭ ŝanĝi vian pasvorton post vi ensalutis.

' NOTERESETPASSWORD: 'Enigu vian retpoŝtan adreson kaj ni sendos al vi ligilon per kiu vi povas reagordi vian pasvorton' + PASSWORDSENTHEADER: 'Pasvorta reagorda ligilo sendiĝis al ''{email}''' + PASSWORDSENTTEXT: 'Dankon! Reagordita ligilo sendiĝis al ''{email}'', kondiĉe ke konto ekzistas por tiu retadreso.' diff --git a/lang/nl.yml b/lang/nl.yml index f4e35af66..eae378c9d 100644 --- a/lang/nl.yml +++ b/lang/nl.yml @@ -84,6 +84,7 @@ nl: RelationSearch: 'Zoek relatie' ResetFilter: Resetten SilverStripe\Forms\GridField\GridFieldDeleteAction: + DELETE_DESCRIPTION: Verwijder Delete: Verwijder DeletePermissionsFailure: 'Onvoldoende rechten om te verwijderen' EditPermissionsFailure: 'Geen toelating om te ontkoppelen' @@ -95,12 +96,23 @@ nl: DeletePermissionsFailure: 'Onvoldoende rechten om te verwijderen' Deleted: '{type} {name} verwijderd' Save: Opslaan + SilverStripe\Forms\GridField\GridFieldEditButton_ss: + EDIT: Edit SilverStripe\Forms\GridField\GridFieldGroupDeleteAction: UnlinkSelfFailure: 'U kunt uzelf niet verwijderen van deze groep, omdat u dan geen admin-rechten meer heeft.' SilverStripe\Forms\GridField\GridFieldPaginator: OF: van Page: Pagina View: Bekijk + SilverStripe\Forms\GridField\GridFieldVersionedState: + ADDEDTODRAFTHELP: 'Item is nog niet gepubliceerd' + ADDEDTODRAFTSHORT: Concept + ARCHIVEDPAGEHELP: 'Het item is verwijderd van de concept- en de live site' + ARCHIVEDPAGESHORT: Gearchiveerd + MODIFIEDONDRAFTHELP: 'Item heeft wijzigingen die nog niet gepubliceerd zijn' + MODIFIEDONDRAFTSHORT: Aangepast + ONLIVEONLYSHORT: 'Alleen op de live site' + ONLIVEONLYSHORTHELP: 'Item is gepubliceerd, maar verwijderd van de concept site' SilverStripe\Forms\MoneyField: FIELDLABELAMOUNT: Aantal FIELDLABELCURRENCY: Munteenheid @@ -319,4 +331,7 @@ nl: LOGOUT: Uitloggen LOSTPASSWORDHEADER: 'Wachtwoord vergeten' NOTEPAGESECURED: 'Deze pagina is beveiligd. Voer uw gegevens in en u wordt automatisch doorgestuurd.' + NOTERESETLINKINVALID: '

De link om uw wachtwoord te kunnen wijzigen is niet meer geldig.

U kunt een nieuwe link aanvragen of uw wachtwoord aanpassen door in te loggen.

' NOTERESETPASSWORD: 'Voer uw e-mailadres in en we sturen een link waarmee u een nieuw wachtwoord kunt instellen.' + PASSWORDSENTHEADER: 'Wachtwoord herstel link verzonden naar {email}' + PASSWORDSENTTEXT: 'Bedankt! Er is een link verstuurd naar {email} om uw wachtwoord opnieuw in te stellen, in de veronderstelling dat er een account bestaat voor dit e-mailadres.' From 90a50649ddd8284e9a7f668f53d4cab8b50d681d Mon Sep 17 00:00:00 2001 From: Aaron Carlino Date: Wed, 12 Dec 2018 12:34:51 +1300 Subject: [PATCH 05/16] Update translations --- lang/da.yml | 19 ++++++++++++++----- lang/de_DE.yml | 6 ------ lang/en.yml | 9 +++++++++ lang/eo.yml | 19 ++++++++++++++----- lang/fi.yml | 6 ------ lang/it.yml | 6 ------ lang/nl.yml | 22 +++++++++++++++------- lang/sv.yml | 6 ------ 8 files changed, 52 insertions(+), 41 deletions(-) diff --git a/lang/da.yml b/lang/da.yml index 3fe62969a..4fc3ade6f 100644 --- a/lang/da.yml +++ b/lang/da.yml @@ -84,6 +84,7 @@ da: RelationSearch: Relationssøgning ResetFilter: Nulstil SilverStripe\Forms\GridField\GridFieldDeleteAction: + DELETE_DESCRIPTION: Slet Delete: Slet DeletePermissionsFailure: 'Ingen slette rettigheder' EditPermissionsFailure: 'Ingen rettighed til at fjerne emnet' @@ -95,7 +96,7 @@ da: DeletePermissionsFailure: 'Ingen slette rettigheder' Deleted: 'Slet {type} {name}' Save: Gem - SilverStripe\Forms\GridField\GridFieldEditButton: + SilverStripe\Forms\GridField\GridFieldEditButton_ss: EDIT: Rediger SilverStripe\Forms\GridField\GridFieldGroupDeleteAction: UnlinkSelfFailure: 'Kan ikke fjerne dig selv fra denne gruppe, du vil miste administrator rettigheder' @@ -103,6 +104,15 @@ da: OF: af Page: Side View: Vis + SilverStripe\Forms\GridField\GridFieldVersionedState: + ADDEDTODRAFTHELP: 'Elementet er endnu ikke udgivet' + ADDEDTODRAFTSHORT: Kladde + ARCHIVEDPAGEHELP: 'Elementet er fjernet fra kladde og udgivet version' + ARCHIVEDPAGESHORT: Arkiveret + MODIFIEDONDRAFTHELP: 'Elementet har ikke udgivne ændringer' + MODIFIEDONDRAFTSHORT: Ændret + ONLIVEONLYSHORT: 'Kun på udgivet version' + ONLIVEONLYSHORTHELP: 'Elementet er udgivet, men er slette fra kladde' SilverStripe\Forms\MoneyField: FIELDLABELAMOUNT: Beløb FIELDLABELCURRENCY: Valuta @@ -149,8 +159,6 @@ da: other: '{count} år' SilverStripe\ORM\FieldType\DBEnum: ANY: Enhver - SilverStripe\ORM\FieldType\DBForeignKey: - DROPDOWN_THRESHOLD_FALLBACK_MESSAGE: 'For mange relaterede objekter; fallback felt i brug' SilverStripe\ORM\Hierarchy: LIMITED_TITLE: 'For mange underelementer ({count})' SilverStripe\ORM\Hierarchy\Hierarchy: @@ -323,6 +331,7 @@ da: LOGOUT: 'Log ud' LOSTPASSWORDHEADER: 'Glemt kodeord' NOTEPAGESECURED: 'Denne side er beskyttet. Indtast dine loginoplysninger herunder for at få adgang.' + NOTERESETLINKINVALID: '

Kodeordets nulstillingslink er ugyldigt eller udløbet.

Du kan anmode om et nyt link her eller skifte dit kodeord efter du er logget ind.

' NOTERESETPASSWORD: 'Indtast din email adresse, så sender vi dig et link som du kan nulstille dit kodeord med' - PASSWORDRESETSENTHEADER: 'link til at nulstille kodeord afsendt' - PASSWORDRESETSENTTEXT: 'Tak for det. Et link til at nulstille dit kodeord er afsendt, hvis der findes en bruger med denne email adresse.' + PASSWORDSENTHEADER: 'Link til nulstilling af kodeord er sendt til ''{email}''' + PASSWORDSENTTEXT: 'Tak for det! Et link til at nulstille kodeordet er sendt til ''{email}'', forudsat at en konto eksisterer med denne email adresse.' diff --git a/lang/de_DE.yml b/lang/de_DE.yml index e1bea0c6e..995c45ad0 100644 --- a/lang/de_DE.yml +++ b/lang/de_DE.yml @@ -27,8 +27,6 @@ de_DE: ATLEAST: 'Passwörter müssen mindestens {min} Zeichen lang sein.' BETWEEN: 'Passwörter müssen {min} bis {max} Zeichen lang sein.' SHOWONCLICKTITLE: 'Passwort ändern' - SilverStripe\Forms\DateField: - TODAY: heute SilverStripe\Forms\DropdownField: CHOOSE: (Auswählen) CHOOSE_MODEL: '({name} auswählen)' @@ -45,10 +43,6 @@ de_DE: SilverStripe\Forms\GridField\GridFieldDetailForm: CancelBtn: Abbrechen Save: Speichern - SilverStripe\Forms\GridField\GridFieldEditButton: - EDIT: Bearbeiten - SilverStripe\Forms\GridField\GridFieldFilterHeader: - Search: 'Suche "{name}"' SilverStripe\Forms\GridField\GridFieldPaginator: Page: Seite SilverStripe\Forms\MoneyField: diff --git a/lang/en.yml b/lang/en.yml index 37da731e4..2a6fa6c18 100644 --- a/lang/en.yml +++ b/lang/en.yml @@ -104,6 +104,15 @@ en: OF: of Page: Page View: View + SilverStripe\Forms\GridField\GridFieldVersionedState: + ADDEDTODRAFTHELP: 'Item has not been published yet' + ADDEDTODRAFTSHORT: Draft + ARCHIVEDPAGEHELP: 'Item is removed from draft and live' + ARCHIVEDPAGESHORT: Archived + MODIFIEDONDRAFTHELP: 'Item has unpublished changes' + MODIFIEDONDRAFTSHORT: Modified + ONLIVEONLYSHORT: 'On live only' + ONLIVEONLYSHORTHELP: 'Item is published, but has been deleted from draft' SilverStripe\Forms\MoneyField: FIELDLABELAMOUNT: Amount FIELDLABELCURRENCY: Currency diff --git a/lang/eo.yml b/lang/eo.yml index fb6b74ca9..206dffc1d 100644 --- a/lang/eo.yml +++ b/lang/eo.yml @@ -84,6 +84,7 @@ eo: RelationSearch: 'Serĉi rilatojn' ResetFilter: Restartigi SilverStripe\Forms\GridField\GridFieldDeleteAction: + DELETE_DESCRIPTION: Forigi Delete: Forigi DeletePermissionsFailure: 'Mankas permeso forigi' EditPermissionsFailure: 'Mankas permeso malligi rikordon' @@ -95,7 +96,7 @@ eo: DeletePermissionsFailure: 'Mankas permeso forigi' Deleted: 'Forigita {type} {name}' Save: Konservi - SilverStripe\Forms\GridField\GridFieldEditButton: + SilverStripe\Forms\GridField\GridFieldEditButton_ss: EDIT: Redakti SilverStripe\Forms\GridField\GridFieldGroupDeleteAction: UnlinkSelfFailure: 'Ne povas forigi vin el ĉi tiu grupo; vi perdus administrajn rajtojn' @@ -103,6 +104,15 @@ eo: OF: de Page: Paĝo View: Vido + SilverStripe\Forms\GridField\GridFieldVersionedState: + ADDEDTODRAFTHELP: 'Ero ankoraŭ estas ne publikigita' + ADDEDTODRAFTSHORT: Malneto + ARCHIVEDPAGEHELP: 'Ero estas forigita el malneta kaj publika' + ARCHIVEDPAGESHORT: Enarkivigita + MODIFIEDONDRAFTHELP: 'Ero enhavas nepublikigitajn ŝanĝojn' + MODIFIEDONDRAFTSHORT: Ŝanĝita + ONLIVEONLYSHORT: 'Nur ĉe publika' + ONLIVEONLYSHORTHELP: 'Ero estas publikigita, sed ĝi estas forigita el malneto' SilverStripe\Forms\MoneyField: FIELDLABELAMOUNT: Kvanto FIELDLABELCURRENCY: Kurzo @@ -149,8 +159,6 @@ eo: other: '{count} jaroj' SilverStripe\ORM\FieldType\DBEnum: ANY: Ajna - SilverStripe\ORM\FieldType\DBForeignKey: - DROPDOWN_THRESHOLD_FALLBACK_MESSAGE: 'Tro multaj objektoj; retropaŝa kampo uzata' SilverStripe\ORM\Hierarchy: LIMITED_TITLE: 'Tro da idoj ({count})' SilverStripe\ORM\Hierarchy\Hierarchy: @@ -323,6 +331,7 @@ eo: LOGOUT: Elsaluti LOSTPASSWORDHEADER: 'Perdis pasvorton' NOTEPAGESECURED: 'Tiu paĝo estas sekurigita. Enigu viajn akreditaĵojn sube kaj vi aliros pluen.' + NOTERESETLINKINVALID: '

La pasvorta reagorda ligilo estas malvalida aŭ finiĝis.

Vi povas peti novan ĉi tie aŭ ŝanĝi vian pasvorton post vi ensalutis.

' NOTERESETPASSWORD: 'Enigu vian retpoŝtan adreson kaj ni sendos al vi ligilon per kiu vi povas reagordi vian pasvorton' - PASSWORDRESETSENTHEADER: 'Pasvorta reagorda ligilo sendiĝis' - PASSWORDRESETSENTTEXT: 'Dankon. Reagorda ligilo sendiĝis, kondiĉe ke konto ekzistas por ĉi tiu retadreso.' + PASSWORDSENTHEADER: 'Pasvorta reagorda ligilo sendiĝis al ''{email}''' + PASSWORDSENTTEXT: 'Dankon! Reagordita ligilo sendiĝis al ''{email}'', kondiĉe ke konto ekzistas por tiu retadreso.' diff --git a/lang/fi.yml b/lang/fi.yml index 956e69a83..01899f2af 100644 --- a/lang/fi.yml +++ b/lang/fi.yml @@ -95,8 +95,6 @@ fi: DeletePermissionsFailure: 'Ei oikeuksia poistamiseen' Deleted: 'Poistettiin {type} {name}' Save: Tallenna - SilverStripe\Forms\GridField\GridFieldEditButton: - EDIT: Muokkaa SilverStripe\Forms\GridField\GridFieldGroupDeleteAction: UnlinkSelfFailure: 'Et voi siirtää itseäsi pois tästä ryhmästä: menettäisit pääkäyttäjän oikeudet' SilverStripe\Forms\GridField\GridFieldPaginator: @@ -149,8 +147,6 @@ fi: other: '{count} vuotta' SilverStripe\ORM\FieldType\DBEnum: ANY: Yhtään - SilverStripe\ORM\FieldType\DBForeignKey: - DROPDOWN_THRESHOLD_FALLBACK_MESSAGE: 'Liian monta samaan liittyvää objektia: oletuskenttä käytössä' SilverStripe\ORM\Hierarchy: LIMITED_TITLE: 'Liian monta lapsiobjektia ({count}}' SilverStripe\ORM\Hierarchy\Hierarchy: @@ -324,5 +320,3 @@ fi: LOSTPASSWORDHEADER: 'Unohtunut salasana' NOTEPAGESECURED: 'Tämä sivu on suojattu. Syötä tunnistetietosi alle niin pääset eteenpäin.' NOTERESETPASSWORD: 'Syötä sähköpostiosoitteesi ja lähetämme sinulle linkin, jonka avulla saat palautettua salasanasi' - PASSWORDRESETSENTHEADER: 'Salasanan palautuslinkki lähetetty' - PASSWORDRESETSENTTEXT: 'Kiitos, palautuslinkki on lähetetty käyttäjätilille asetettuun sähköpostiosoitteeseen.' diff --git a/lang/it.yml b/lang/it.yml index 4089faf9b..adbdeb0fd 100644 --- a/lang/it.yml +++ b/lang/it.yml @@ -95,8 +95,6 @@ it: DeletePermissionsFailure: 'Non hai i permessi per eliminare' Deleted: 'Eliminato {type} {name}' Save: Salva - SilverStripe\Forms\GridField\GridFieldEditButton: - EDIT: Modifica SilverStripe\Forms\GridField\GridFieldGroupDeleteAction: UnlinkSelfFailure: 'Non è possibile rimuovere te stesso da questo gruppo, perderesti i diritti di admin' SilverStripe\Forms\GridField\GridFieldPaginator: @@ -149,8 +147,6 @@ it: other: '{count} anni' SilverStripe\ORM\FieldType\DBEnum: ANY: Qualsiasi - SilverStripe\ORM\FieldType\DBForeignKey: - DROPDOWN_THRESHOLD_FALLBACK_MESSAGE: 'Troppi oggetti correlati; campo di fallback in uso' SilverStripe\ORM\Hierarchy: LIMITED_TITLE: 'Troppi figli ({count})' SilverStripe\ORM\Hierarchy\Hierarchy: @@ -324,5 +320,3 @@ it: LOSTPASSWORDHEADER: 'Password smarrita' NOTEPAGESECURED: 'La pagina è protetta. Inserisci le credenziali qui sotto per poter andare avanti.' NOTERESETPASSWORD: 'Inserisci il tuo indirizzo e-mail e ti verrà inviato un link per poter azzerare la tua password.' - PASSWORDRESETSENTHEADER: 'Link di azzeramento password inviato' - PASSWORDRESETSENTTEXT: 'Grazie! Un link di azzeramento è stato inviato, supponendo un account esista a quell''indirizzo e-mail.' diff --git a/lang/nl.yml b/lang/nl.yml index 242eccc45..eae378c9d 100644 --- a/lang/nl.yml +++ b/lang/nl.yml @@ -84,6 +84,7 @@ nl: RelationSearch: 'Zoek relatie' ResetFilter: Resetten SilverStripe\Forms\GridField\GridFieldDeleteAction: + DELETE_DESCRIPTION: Verwijder Delete: Verwijder DeletePermissionsFailure: 'Onvoldoende rechten om te verwijderen' EditPermissionsFailure: 'Geen toelating om te ontkoppelen' @@ -95,14 +96,23 @@ nl: DeletePermissionsFailure: 'Onvoldoende rechten om te verwijderen' Deleted: '{type} {name} verwijderd' Save: Opslaan - SilverStripe\Forms\GridField\GridFieldEditButton: - EDIT: Bewerken + SilverStripe\Forms\GridField\GridFieldEditButton_ss: + EDIT: Edit SilverStripe\Forms\GridField\GridFieldGroupDeleteAction: UnlinkSelfFailure: 'U kunt uzelf niet verwijderen van deze groep, omdat u dan geen admin-rechten meer heeft.' SilverStripe\Forms\GridField\GridFieldPaginator: OF: van Page: Pagina View: Bekijk + SilverStripe\Forms\GridField\GridFieldVersionedState: + ADDEDTODRAFTHELP: 'Item is nog niet gepubliceerd' + ADDEDTODRAFTSHORT: Concept + ARCHIVEDPAGEHELP: 'Het item is verwijderd van de concept- en de live site' + ARCHIVEDPAGESHORT: Gearchiveerd + MODIFIEDONDRAFTHELP: 'Item heeft wijzigingen die nog niet gepubliceerd zijn' + MODIFIEDONDRAFTSHORT: Aangepast + ONLIVEONLYSHORT: 'Alleen op de live site' + ONLIVEONLYSHORTHELP: 'Item is gepubliceerd, maar verwijderd van de concept site' SilverStripe\Forms\MoneyField: FIELDLABELAMOUNT: Aantal FIELDLABELCURRENCY: Munteenheid @@ -149,8 +159,6 @@ nl: other: '{count} jaren' SilverStripe\ORM\FieldType\DBEnum: ANY: Elke - SilverStripe\ORM\FieldType\DBForeignKey: - DROPDOWN_THRESHOLD_FALLBACK_MESSAGE: 'Teveel keuzes in de lijst; een alternatief veld wordt getoond.' SilverStripe\ORM\Hierarchy: LIMITED_TITLE: 'Teveel onderliggende items ({count})' SilverStripe\ORM\Hierarchy\Hierarchy: @@ -323,7 +331,7 @@ nl: LOGOUT: Uitloggen LOSTPASSWORDHEADER: 'Wachtwoord vergeten' NOTEPAGESECURED: 'Deze pagina is beveiligd. Voer uw gegevens in en u wordt automatisch doorgestuurd.' - NOTERESETLINKINVALID: '

De reset link is ongeldig of komen te vervallen.

Je kan hier een nieuwe link aanvragen of het wachtwoord veranderen nadat je bent ingelogd.

' + NOTERESETLINKINVALID: '

De link om uw wachtwoord te kunnen wijzigen is niet meer geldig.

U kunt een nieuwe link aanvragen of uw wachtwoord aanpassen door in te loggen.

' NOTERESETPASSWORD: 'Voer uw e-mailadres in en we sturen een link waarmee u een nieuw wachtwoord kunt instellen.' - PASSWORDRESETSENTHEADER: 'link om uw wachtwoord opnieuw aan te maken' - PASSWORDRESETSENTTEXT: 'Bedankt! Er is een link verstuurd om uw wachtwoord opnieuw in te stellen (mits het mailadres reeds bekend is bij ons).' + PASSWORDSENTHEADER: 'Wachtwoord herstel link verzonden naar {email}' + PASSWORDSENTTEXT: 'Bedankt! Er is een link verstuurd naar {email} om uw wachtwoord opnieuw in te stellen, in de veronderstelling dat er een account bestaat voor dit e-mailadres.' diff --git a/lang/sv.yml b/lang/sv.yml index f2a18d659..88a3b3959 100644 --- a/lang/sv.yml +++ b/lang/sv.yml @@ -93,8 +93,6 @@ sv: DeletePermissionsFailure: 'Rättighet för att radera saknas' Deleted: 'Raderade {type} {name}' Save: Spara - SilverStripe\Forms\GridField\GridFieldEditButton: - EDIT: Ändra SilverStripe\Forms\GridField\GridFieldGroupDeleteAction: UnlinkSelfFailure: 'Du kan inte radera dig själv från den här gruppen, då du då kommer att förlora dina admin-rättigheter' SilverStripe\Forms\GridField\GridFieldPaginator: @@ -147,8 +145,6 @@ sv: other: '{count} år' SilverStripe\ORM\FieldType\DBEnum: ANY: 'Vilken som helst' - SilverStripe\ORM\FieldType\DBForeignKey: - DROPDOWN_THRESHOLD_FALLBACK_MESSAGE: 'För många relaterade objekt; använder fallback-fält' SilverStripe\ORM\Hierarchy: LIMITED_TITLE: 'För många barn ({count})' SilverStripe\ORM\Hierarchy\Hierarchy: @@ -303,5 +299,3 @@ sv: LOSTPASSWORDHEADER: 'Bortglömt lösenord' NOTEPAGESECURED: 'Den här sidan är låst. Fyll i dina uppgifter nedan så skickar vi dig vidare.' NOTERESETPASSWORD: 'Ange din e-postadress så skickar vi en länk med vilken du kan återställa ditt lösenord' - PASSWORDRESETSENTHEADER: 'Återställningslänk för lösenord skickad' - PASSWORDRESETSENTTEXT: 'Tack. En återställningslänk har skickats, förutsatt att ett konto med denna adress existerar.' From 9939719ae39006632768567a752a05a8d50333c4 Mon Sep 17 00:00:00 2001 From: Aaron Carlino Date: Wed, 12 Dec 2018 12:50:47 +1300 Subject: [PATCH 06/16] Update translations --- lang/da.yml | 19 ++++++++++++++----- lang/de_DE.yml | 6 ------ lang/en.yml | 20 ++++++++++++++------ lang/eo.yml | 19 ++++++++++++++----- lang/fi.yml | 12 ------------ lang/it.yml | 6 ------ lang/nl.yml | 28 +++++++++++++++------------- lang/sv.yml | 6 ------ 8 files changed, 57 insertions(+), 59 deletions(-) diff --git a/lang/da.yml b/lang/da.yml index 3fe62969a..4fc3ade6f 100644 --- a/lang/da.yml +++ b/lang/da.yml @@ -84,6 +84,7 @@ da: RelationSearch: Relationssøgning ResetFilter: Nulstil SilverStripe\Forms\GridField\GridFieldDeleteAction: + DELETE_DESCRIPTION: Slet Delete: Slet DeletePermissionsFailure: 'Ingen slette rettigheder' EditPermissionsFailure: 'Ingen rettighed til at fjerne emnet' @@ -95,7 +96,7 @@ da: DeletePermissionsFailure: 'Ingen slette rettigheder' Deleted: 'Slet {type} {name}' Save: Gem - SilverStripe\Forms\GridField\GridFieldEditButton: + SilverStripe\Forms\GridField\GridFieldEditButton_ss: EDIT: Rediger SilverStripe\Forms\GridField\GridFieldGroupDeleteAction: UnlinkSelfFailure: 'Kan ikke fjerne dig selv fra denne gruppe, du vil miste administrator rettigheder' @@ -103,6 +104,15 @@ da: OF: af Page: Side View: Vis + SilverStripe\Forms\GridField\GridFieldVersionedState: + ADDEDTODRAFTHELP: 'Elementet er endnu ikke udgivet' + ADDEDTODRAFTSHORT: Kladde + ARCHIVEDPAGEHELP: 'Elementet er fjernet fra kladde og udgivet version' + ARCHIVEDPAGESHORT: Arkiveret + MODIFIEDONDRAFTHELP: 'Elementet har ikke udgivne ændringer' + MODIFIEDONDRAFTSHORT: Ændret + ONLIVEONLYSHORT: 'Kun på udgivet version' + ONLIVEONLYSHORTHELP: 'Elementet er udgivet, men er slette fra kladde' SilverStripe\Forms\MoneyField: FIELDLABELAMOUNT: Beløb FIELDLABELCURRENCY: Valuta @@ -149,8 +159,6 @@ da: other: '{count} år' SilverStripe\ORM\FieldType\DBEnum: ANY: Enhver - SilverStripe\ORM\FieldType\DBForeignKey: - DROPDOWN_THRESHOLD_FALLBACK_MESSAGE: 'For mange relaterede objekter; fallback felt i brug' SilverStripe\ORM\Hierarchy: LIMITED_TITLE: 'For mange underelementer ({count})' SilverStripe\ORM\Hierarchy\Hierarchy: @@ -323,6 +331,7 @@ da: LOGOUT: 'Log ud' LOSTPASSWORDHEADER: 'Glemt kodeord' NOTEPAGESECURED: 'Denne side er beskyttet. Indtast dine loginoplysninger herunder for at få adgang.' + NOTERESETLINKINVALID: '

Kodeordets nulstillingslink er ugyldigt eller udløbet.

Du kan anmode om et nyt link her eller skifte dit kodeord efter du er logget ind.

' NOTERESETPASSWORD: 'Indtast din email adresse, så sender vi dig et link som du kan nulstille dit kodeord med' - PASSWORDRESETSENTHEADER: 'link til at nulstille kodeord afsendt' - PASSWORDRESETSENTTEXT: 'Tak for det. Et link til at nulstille dit kodeord er afsendt, hvis der findes en bruger med denne email adresse.' + PASSWORDSENTHEADER: 'Link til nulstilling af kodeord er sendt til ''{email}''' + PASSWORDSENTTEXT: 'Tak for det! Et link til at nulstille kodeordet er sendt til ''{email}'', forudsat at en konto eksisterer med denne email adresse.' diff --git a/lang/de_DE.yml b/lang/de_DE.yml index e1bea0c6e..995c45ad0 100644 --- a/lang/de_DE.yml +++ b/lang/de_DE.yml @@ -27,8 +27,6 @@ de_DE: ATLEAST: 'Passwörter müssen mindestens {min} Zeichen lang sein.' BETWEEN: 'Passwörter müssen {min} bis {max} Zeichen lang sein.' SHOWONCLICKTITLE: 'Passwort ändern' - SilverStripe\Forms\DateField: - TODAY: heute SilverStripe\Forms\DropdownField: CHOOSE: (Auswählen) CHOOSE_MODEL: '({name} auswählen)' @@ -45,10 +43,6 @@ de_DE: SilverStripe\Forms\GridField\GridFieldDetailForm: CancelBtn: Abbrechen Save: Speichern - SilverStripe\Forms\GridField\GridFieldEditButton: - EDIT: Bearbeiten - SilverStripe\Forms\GridField\GridFieldFilterHeader: - Search: 'Suche "{name}"' SilverStripe\Forms\GridField\GridFieldPaginator: Page: Seite SilverStripe\Forms\MoneyField: diff --git a/lang/en.yml b/lang/en.yml index 18c2f4fe1..2a6fa6c18 100644 --- a/lang/en.yml +++ b/lang/en.yml @@ -84,6 +84,7 @@ en: RelationSearch: 'Relation search' ResetFilter: Reset SilverStripe\Forms\GridField\GridFieldDeleteAction: + DELETE_DESCRIPTION: Delete Delete: Delete DeletePermissionsFailure: 'No delete permissions' EditPermissionsFailure: 'No permission to unlink record' @@ -95,7 +96,7 @@ en: DeletePermissionsFailure: 'No delete permissions' Deleted: 'Deleted {type} {name}' Save: Save - SilverStripe\Forms\GridField\GridFieldEditButton: + SilverStripe\Forms\GridField\GridFieldEditButton_ss: EDIT: Edit SilverStripe\Forms\GridField\GridFieldGroupDeleteAction: UnlinkSelfFailure: 'Cannot remove yourself from this group, you will lose admin rights' @@ -103,6 +104,15 @@ en: OF: of Page: Page View: View + SilverStripe\Forms\GridField\GridFieldVersionedState: + ADDEDTODRAFTHELP: 'Item has not been published yet' + ADDEDTODRAFTSHORT: Draft + ARCHIVEDPAGEHELP: 'Item is removed from draft and live' + ARCHIVEDPAGESHORT: Archived + MODIFIEDONDRAFTHELP: 'Item has unpublished changes' + MODIFIEDONDRAFTSHORT: Modified + ONLIVEONLYSHORT: 'On live only' + ONLIVEONLYSHORTHELP: 'Item is published, but has been deleted from draft' SilverStripe\Forms\MoneyField: FIELDLABELAMOUNT: Amount FIELDLABELCURRENCY: Currency @@ -149,8 +159,6 @@ en: other: '{count} years' SilverStripe\ORM\FieldType\DBEnum: ANY: Any - SilverStripe\ORM\FieldType\DBForeignKey: - DROPDOWN_THRESHOLD_FALLBACK_MESSAGE: 'Too many related objects; fallback field in use' SilverStripe\ORM\Hierarchy: LIMITED_TITLE: 'Too many children ({count})' SilverStripe\ORM\Hierarchy\Hierarchy: @@ -323,7 +331,7 @@ en: LOGOUT: 'Log out' LOSTPASSWORDHEADER: 'Lost Password' NOTEPAGESECURED: 'That page is secured. Enter your credentials below and we will send you right along.' - NOTERESETLINKINVALID: '

The password reset link is invalid or expired.

You can request a new one here or change your password after you log in.

' + NOTERESETLINKINVALID: '

The password reset link is invalid or expired.

You can request a new one here or change your password after you logged in.

' NOTERESETPASSWORD: 'Enter your e-mail address and we will send you a link with which you can reset your password' - PASSWORDRESETSENTHEADER: 'Password reset link sent' - PASSWORDRESETSENTTEXT: 'Thank you. A reset link has been sent, provided an account exists for this email address.' + PASSWORDSENTHEADER: 'Password reset link sent to ''{email}''' + PASSWORDSENTTEXT: 'Thank you! A reset link has been sent to ''{email}'', provided an account exists for this email address.' diff --git a/lang/eo.yml b/lang/eo.yml index fb6b74ca9..206dffc1d 100644 --- a/lang/eo.yml +++ b/lang/eo.yml @@ -84,6 +84,7 @@ eo: RelationSearch: 'Serĉi rilatojn' ResetFilter: Restartigi SilverStripe\Forms\GridField\GridFieldDeleteAction: + DELETE_DESCRIPTION: Forigi Delete: Forigi DeletePermissionsFailure: 'Mankas permeso forigi' EditPermissionsFailure: 'Mankas permeso malligi rikordon' @@ -95,7 +96,7 @@ eo: DeletePermissionsFailure: 'Mankas permeso forigi' Deleted: 'Forigita {type} {name}' Save: Konservi - SilverStripe\Forms\GridField\GridFieldEditButton: + SilverStripe\Forms\GridField\GridFieldEditButton_ss: EDIT: Redakti SilverStripe\Forms\GridField\GridFieldGroupDeleteAction: UnlinkSelfFailure: 'Ne povas forigi vin el ĉi tiu grupo; vi perdus administrajn rajtojn' @@ -103,6 +104,15 @@ eo: OF: de Page: Paĝo View: Vido + SilverStripe\Forms\GridField\GridFieldVersionedState: + ADDEDTODRAFTHELP: 'Ero ankoraŭ estas ne publikigita' + ADDEDTODRAFTSHORT: Malneto + ARCHIVEDPAGEHELP: 'Ero estas forigita el malneta kaj publika' + ARCHIVEDPAGESHORT: Enarkivigita + MODIFIEDONDRAFTHELP: 'Ero enhavas nepublikigitajn ŝanĝojn' + MODIFIEDONDRAFTSHORT: Ŝanĝita + ONLIVEONLYSHORT: 'Nur ĉe publika' + ONLIVEONLYSHORTHELP: 'Ero estas publikigita, sed ĝi estas forigita el malneto' SilverStripe\Forms\MoneyField: FIELDLABELAMOUNT: Kvanto FIELDLABELCURRENCY: Kurzo @@ -149,8 +159,6 @@ eo: other: '{count} jaroj' SilverStripe\ORM\FieldType\DBEnum: ANY: Ajna - SilverStripe\ORM\FieldType\DBForeignKey: - DROPDOWN_THRESHOLD_FALLBACK_MESSAGE: 'Tro multaj objektoj; retropaŝa kampo uzata' SilverStripe\ORM\Hierarchy: LIMITED_TITLE: 'Tro da idoj ({count})' SilverStripe\ORM\Hierarchy\Hierarchy: @@ -323,6 +331,7 @@ eo: LOGOUT: Elsaluti LOSTPASSWORDHEADER: 'Perdis pasvorton' NOTEPAGESECURED: 'Tiu paĝo estas sekurigita. Enigu viajn akreditaĵojn sube kaj vi aliros pluen.' + NOTERESETLINKINVALID: '

La pasvorta reagorda ligilo estas malvalida aŭ finiĝis.

Vi povas peti novan ĉi tie aŭ ŝanĝi vian pasvorton post vi ensalutis.

' NOTERESETPASSWORD: 'Enigu vian retpoŝtan adreson kaj ni sendos al vi ligilon per kiu vi povas reagordi vian pasvorton' - PASSWORDRESETSENTHEADER: 'Pasvorta reagorda ligilo sendiĝis' - PASSWORDRESETSENTTEXT: 'Dankon. Reagorda ligilo sendiĝis, kondiĉe ke konto ekzistas por ĉi tiu retadreso.' + PASSWORDSENTHEADER: 'Pasvorta reagorda ligilo sendiĝis al ''{email}''' + PASSWORDSENTTEXT: 'Dankon! Reagordita ligilo sendiĝis al ''{email}'', kondiĉe ke konto ekzistas por tiu retadreso.' diff --git a/lang/fi.yml b/lang/fi.yml index 1efe8bbd3..01899f2af 100644 --- a/lang/fi.yml +++ b/lang/fi.yml @@ -76,7 +76,6 @@ fi: LinkExisting: 'Linkitä olemassaoleva' NewRecord: 'Uusi {type}' NoItemsFound: 'Ei kohteita' - OpenFilter: 'Avaa haku ja suodatus' PRINTEDAT: Tulostettu PRINTEDBY: Tulostaja PlaceHolder: 'Etsi {type}' @@ -96,19 +95,12 @@ fi: DeletePermissionsFailure: 'Ei oikeuksia poistamiseen' Deleted: 'Poistettiin {type} {name}' Save: Tallenna - SilverStripe\Forms\GridField\GridFieldEditButton: - EDIT: Muokkaa - SilverStripe\Forms\GridField\GridFieldFilterHeader: - Search: 'Haku "{name}"' - SearchFormFaliure: 'Hakulomaketta ei pystytty luomaan.' SilverStripe\Forms\GridField\GridFieldGroupDeleteAction: UnlinkSelfFailure: 'Et voi siirtää itseäsi pois tästä ryhmästä: menettäisit pääkäyttäjän oikeudet' SilverStripe\Forms\GridField\GridFieldPaginator: OF: / Page: Sivu View: Näytä - SilverStripe\Forms\GridField\GridFieldViewButton: - VIEW: Avaa SilverStripe\Forms\MoneyField: FIELDLABELAMOUNT: Määrä FIELDLABELCURRENCY: Valuutta @@ -155,8 +147,6 @@ fi: other: '{count} vuotta' SilverStripe\ORM\FieldType\DBEnum: ANY: Yhtään - SilverStripe\ORM\FieldType\DBForeignKey: - DROPDOWN_THRESHOLD_FALLBACK_MESSAGE: 'Liian monta samaan liittyvää objektia: oletuskenttä käytössä' SilverStripe\ORM\Hierarchy: LIMITED_TITLE: 'Liian monta lapsiobjektia ({count}}' SilverStripe\ORM\Hierarchy\Hierarchy: @@ -330,5 +320,3 @@ fi: LOSTPASSWORDHEADER: 'Unohtunut salasana' NOTEPAGESECURED: 'Tämä sivu on suojattu. Syötä tunnistetietosi alle niin pääset eteenpäin.' NOTERESETPASSWORD: 'Syötä sähköpostiosoitteesi ja lähetämme sinulle linkin, jonka avulla saat palautettua salasanasi' - PASSWORDRESETSENTHEADER: 'Salasanan palautuslinkki lähetetty' - PASSWORDRESETSENTTEXT: 'Kiitos, palautuslinkki on lähetetty käyttäjätilille asetettuun sähköpostiosoitteeseen.' diff --git a/lang/it.yml b/lang/it.yml index 4089faf9b..adbdeb0fd 100644 --- a/lang/it.yml +++ b/lang/it.yml @@ -95,8 +95,6 @@ it: DeletePermissionsFailure: 'Non hai i permessi per eliminare' Deleted: 'Eliminato {type} {name}' Save: Salva - SilverStripe\Forms\GridField\GridFieldEditButton: - EDIT: Modifica SilverStripe\Forms\GridField\GridFieldGroupDeleteAction: UnlinkSelfFailure: 'Non è possibile rimuovere te stesso da questo gruppo, perderesti i diritti di admin' SilverStripe\Forms\GridField\GridFieldPaginator: @@ -149,8 +147,6 @@ it: other: '{count} anni' SilverStripe\ORM\FieldType\DBEnum: ANY: Qualsiasi - SilverStripe\ORM\FieldType\DBForeignKey: - DROPDOWN_THRESHOLD_FALLBACK_MESSAGE: 'Troppi oggetti correlati; campo di fallback in uso' SilverStripe\ORM\Hierarchy: LIMITED_TITLE: 'Troppi figli ({count})' SilverStripe\ORM\Hierarchy\Hierarchy: @@ -324,5 +320,3 @@ it: LOSTPASSWORDHEADER: 'Password smarrita' NOTEPAGESECURED: 'La pagina è protetta. Inserisci le credenziali qui sotto per poter andare avanti.' NOTERESETPASSWORD: 'Inserisci il tuo indirizzo e-mail e ti verrà inviato un link per poter azzerare la tua password.' - PASSWORDRESETSENTHEADER: 'Link di azzeramento password inviato' - PASSWORDRESETSENTTEXT: 'Grazie! Un link di azzeramento è stato inviato, supponendo un account esista a quell''indirizzo e-mail.' diff --git a/lang/nl.yml b/lang/nl.yml index f6de04299..eae378c9d 100644 --- a/lang/nl.yml +++ b/lang/nl.yml @@ -76,7 +76,6 @@ nl: LinkExisting: 'Koppel een bestaand item' NewRecord: 'Nieuw {type}' NoItemsFound: 'Geen items gevonden.' - OpenFilter: 'Zoeken en filteren openen' PRINTEDAT: 'Geprint op' PRINTEDBY: 'Geprint door' PlaceHolder: 'Zoek {type}' @@ -85,6 +84,7 @@ nl: RelationSearch: 'Zoek relatie' ResetFilter: Resetten SilverStripe\Forms\GridField\GridFieldDeleteAction: + DELETE_DESCRIPTION: Verwijder Delete: Verwijder DeletePermissionsFailure: 'Onvoldoende rechten om te verwijderen' EditPermissionsFailure: 'Geen toelating om te ontkoppelen' @@ -96,19 +96,23 @@ nl: DeletePermissionsFailure: 'Onvoldoende rechten om te verwijderen' Deleted: '{type} {name} verwijderd' Save: Opslaan - SilverStripe\Forms\GridField\GridFieldEditButton: - EDIT: Bewerken - SilverStripe\Forms\GridField\GridFieldFilterHeader: - Search: 'Zoek naar "{name}"' - SearchFormFaliure: 'Er kon geen zoekformulier worden aangemaakt' + SilverStripe\Forms\GridField\GridFieldEditButton_ss: + EDIT: Edit SilverStripe\Forms\GridField\GridFieldGroupDeleteAction: UnlinkSelfFailure: 'U kunt uzelf niet verwijderen van deze groep, omdat u dan geen admin-rechten meer heeft.' SilverStripe\Forms\GridField\GridFieldPaginator: OF: van Page: Pagina View: Bekijk - SilverStripe\Forms\GridField\GridFieldViewButton: - VIEW: Bekijk + SilverStripe\Forms\GridField\GridFieldVersionedState: + ADDEDTODRAFTHELP: 'Item is nog niet gepubliceerd' + ADDEDTODRAFTSHORT: Concept + ARCHIVEDPAGEHELP: 'Het item is verwijderd van de concept- en de live site' + ARCHIVEDPAGESHORT: Gearchiveerd + MODIFIEDONDRAFTHELP: 'Item heeft wijzigingen die nog niet gepubliceerd zijn' + MODIFIEDONDRAFTSHORT: Aangepast + ONLIVEONLYSHORT: 'Alleen op de live site' + ONLIVEONLYSHORTHELP: 'Item is gepubliceerd, maar verwijderd van de concept site' SilverStripe\Forms\MoneyField: FIELDLABELAMOUNT: Aantal FIELDLABELCURRENCY: Munteenheid @@ -155,8 +159,6 @@ nl: other: '{count} jaren' SilverStripe\ORM\FieldType\DBEnum: ANY: Elke - SilverStripe\ORM\FieldType\DBForeignKey: - DROPDOWN_THRESHOLD_FALLBACK_MESSAGE: 'Teveel keuzes in de lijst; een alternatief veld wordt getoond.' SilverStripe\ORM\Hierarchy: LIMITED_TITLE: 'Teveel onderliggende items ({count})' SilverStripe\ORM\Hierarchy\Hierarchy: @@ -329,7 +331,7 @@ nl: LOGOUT: Uitloggen LOSTPASSWORDHEADER: 'Wachtwoord vergeten' NOTEPAGESECURED: 'Deze pagina is beveiligd. Voer uw gegevens in en u wordt automatisch doorgestuurd.' - NOTERESETLINKINVALID: '

De reset link is ongeldig of komen te vervallen.

Je kan hier een nieuwe link aanvragen of het wachtwoord veranderen nadat je bent ingelogd.

' + NOTERESETLINKINVALID: '

De link om uw wachtwoord te kunnen wijzigen is niet meer geldig.

U kunt een nieuwe link aanvragen of uw wachtwoord aanpassen door in te loggen.

' NOTERESETPASSWORD: 'Voer uw e-mailadres in en we sturen een link waarmee u een nieuw wachtwoord kunt instellen.' - PASSWORDRESETSENTHEADER: 'link om uw wachtwoord opnieuw aan te maken' - PASSWORDRESETSENTTEXT: 'Bedankt! Er is een link verstuurd om uw wachtwoord opnieuw in te stellen (mits het mailadres reeds bekend is bij ons).' + PASSWORDSENTHEADER: 'Wachtwoord herstel link verzonden naar {email}' + PASSWORDSENTTEXT: 'Bedankt! Er is een link verstuurd naar {email} om uw wachtwoord opnieuw in te stellen, in de veronderstelling dat er een account bestaat voor dit e-mailadres.' diff --git a/lang/sv.yml b/lang/sv.yml index f2a18d659..88a3b3959 100644 --- a/lang/sv.yml +++ b/lang/sv.yml @@ -93,8 +93,6 @@ sv: DeletePermissionsFailure: 'Rättighet för att radera saknas' Deleted: 'Raderade {type} {name}' Save: Spara - SilverStripe\Forms\GridField\GridFieldEditButton: - EDIT: Ändra SilverStripe\Forms\GridField\GridFieldGroupDeleteAction: UnlinkSelfFailure: 'Du kan inte radera dig själv från den här gruppen, då du då kommer att förlora dina admin-rättigheter' SilverStripe\Forms\GridField\GridFieldPaginator: @@ -147,8 +145,6 @@ sv: other: '{count} år' SilverStripe\ORM\FieldType\DBEnum: ANY: 'Vilken som helst' - SilverStripe\ORM\FieldType\DBForeignKey: - DROPDOWN_THRESHOLD_FALLBACK_MESSAGE: 'För många relaterade objekt; använder fallback-fält' SilverStripe\ORM\Hierarchy: LIMITED_TITLE: 'För många barn ({count})' SilverStripe\ORM\Hierarchy\Hierarchy: @@ -303,5 +299,3 @@ sv: LOSTPASSWORDHEADER: 'Bortglömt lösenord' NOTEPAGESECURED: 'Den här sidan är låst. Fyll i dina uppgifter nedan så skickar vi dig vidare.' NOTERESETPASSWORD: 'Ange din e-postadress så skickar vi en länk med vilken du kan återställa ditt lösenord' - PASSWORDRESETSENTHEADER: 'Återställningslänk för lösenord skickad' - PASSWORDRESETSENTTEXT: 'Tack. En återställningslänk har skickats, förutsatt att ett konto med denna adress existerar.' From 00e996f164d312202ffe1d54a91ff56dc1bec9a9 Mon Sep 17 00:00:00 2001 From: Aaron Carlino Date: Wed, 12 Dec 2018 13:47:17 +1300 Subject: [PATCH 07/16] Add changelog --- docs/en/04_Changelogs/4.0.6.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 docs/en/04_Changelogs/4.0.6.md diff --git a/docs/en/04_Changelogs/4.0.6.md b/docs/en/04_Changelogs/4.0.6.md new file mode 100644 index 000000000..b2e22e263 --- /dev/null +++ b/docs/en/04_Changelogs/4.0.6.md @@ -0,0 +1,19 @@ +# 4.0.6 + + + +## Change Log + +### Security + + * 2018-12-10 [0e841aa](https://github.com/silverstripe/silverstripe-graphql/commit/0e841aabb7372d9fa78108e4819e151608ddec0f) Apply CSRF middlware API + * 2018-11-07 [48bd33564](https://github.com/silverstripe/silverstripe-framework/commit/48bd335648188df9dae72be1e5f9c808f3fe1e77) Ensure that table names are escaped to prevent possible SQL injection (Robbie Averill) - See [ss-2018-020](https://www.silverstripe.org/download/security-releases/ss-2018-020) + +### Bugfixes + + * 2018-11-29 [59221e8](https://github.com/silverstripe/silverstripe-assets/commit/59221e8d74ac5e07b86a741e2709e0676130f7b4) Cache key cannot contain : chars, will happen when viewing from archive (Robbie Averill) + * 2018-11-21 [9ce6d91b7](https://github.com/silverstripe/silverstripe-framework/commit/9ce6d91b76e525a6fc81e02023e9e53cdf82e047) / TreeMultiselectField::objectForKey handles list of IDs correctly (Serge Latyntcev) + * 2018-11-16 [35c3a8c6](https://github.com/silverstripe/silverstripe-cms/commit/35c3a8c68db2660838dcd2ae5abd2bd1c3214af4) 'Search' text in default search form should be a placeholder (Robbie Averill) + * 2018-11-15 [b5bae137b](https://github.com/silverstripe/silverstripe-framework/commit/b5bae137bd341eeda3f4886f45fc8f8d657a9c4c) Redirect loop with multiple confirmation tokens present (fixes #8607) (Loz Calver) + * 2018-11-12 [15aaf9db9](https://github.com/silverstripe/silverstripe-framework/commit/15aaf9db9fe1679cf8b01b74fce3eee841278495) Fix a code style typo (Serge Latyntcev) + * 2018-11-08 [4b4fbabed](https://github.com/silverstripe/silverstripe-framework/commit/4b4fbabed5d70bf577e4b0d6fdbc9dab9da80451) TreeMultiselectField passes value 'unchanged' as null to ORM for 'ID' column key (Serge Latyntcev) From 2f9dae2c7136acca60bf9ea1158704abc11a49dd Mon Sep 17 00:00:00 2001 From: Aaron Carlino Date: Wed, 12 Dec 2018 14:10:59 +1300 Subject: [PATCH 08/16] Add changelog --- docs/en/04_Changelogs/4.1.4.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 docs/en/04_Changelogs/4.1.4.md diff --git a/docs/en/04_Changelogs/4.1.4.md b/docs/en/04_Changelogs/4.1.4.md new file mode 100644 index 000000000..d6e2fb3e5 --- /dev/null +++ b/docs/en/04_Changelogs/4.1.4.md @@ -0,0 +1,20 @@ +# 4.1.4 + + + +## Change Log + +### Security + + * 2018-12-10 [6f8dc77](https://github.com/silverstripe/silverstripe-graphql/commit/6f8dc779f39aebf79acbc0e2f3363705833b583b) Apply CSRF middlware API + * 2018-11-07 [fecedc2d9](https://github.com/silverstripe/silverstripe-framework/commit/fecedc2d98eeaaff6424fb59dc70ef6bdc6dc92d) Ensure that table names are escaped to prevent possible SQL injection (Robbie Averill) - See [ss-2018-020](https://www.silverstripe.org/download/security-releases/ss-2018-020) + +### Bugfixes + + * 2018-11-29 [59221e8](https://github.com/silverstripe/silverstripe-assets/commit/59221e8d74ac5e07b86a741e2709e0676130f7b4) Cache key cannot contain : chars, will happen when viewing from archive (Robbie Averill) + * 2018-11-21 [9ce6d91b7](https://github.com/silverstripe/silverstripe-framework/commit/9ce6d91b76e525a6fc81e02023e9e53cdf82e047) / TreeMultiselectField::objectForKey handles list of IDs correctly (Serge Latyntcev) + * 2018-11-16 [35c3a8c6](https://github.com/silverstripe/silverstripe-cms/commit/35c3a8c68db2660838dcd2ae5abd2bd1c3214af4) 'Search' text in default search form should be a placeholder (Robbie Averill) + * 2018-11-15 [b5bae137b](https://github.com/silverstripe/silverstripe-framework/commit/b5bae137bd341eeda3f4886f45fc8f8d657a9c4c) Redirect loop with multiple confirmation tokens present (fixes #8607) (Loz Calver) + * 2018-11-12 [15aaf9db9](https://github.com/silverstripe/silverstripe-framework/commit/15aaf9db9fe1679cf8b01b74fce3eee841278495) Fix a code style typo (Serge Latyntcev) + * 2018-11-08 [4b4fbabed](https://github.com/silverstripe/silverstripe-framework/commit/4b4fbabed5d70bf577e4b0d6fdbc9dab9da80451) TreeMultiselectField passes value 'unchanged' as null to ORM for 'ID' column key (Serge Latyntcev) + * 2018-10-15 [6de0fa0](https://github.com/silverstripe/silverstripe-versioned/commit/6de0fa087fe581b69a5978db82058490c44923b4) Fix codesniffer runs in Travis (Robbie Averill) From 4ff891fc8796f9dd112e03a74f4459d351a80f64 Mon Sep 17 00:00:00 2001 From: Aaron Carlino Date: Wed, 12 Dec 2018 14:21:23 +1300 Subject: [PATCH 09/16] Add changelog --- docs/en/04_Changelogs/4.2.3.md | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 docs/en/04_Changelogs/4.2.3.md diff --git a/docs/en/04_Changelogs/4.2.3.md b/docs/en/04_Changelogs/4.2.3.md new file mode 100644 index 000000000..93ea4679c --- /dev/null +++ b/docs/en/04_Changelogs/4.2.3.md @@ -0,0 +1,28 @@ +# 4.2.3 + + + +## Change Log + +### Security + + * 2018-12-10 [b59ba39](https://github.com/silverstripe/silverstripe-graphql/commit/b59ba397ff42d8934bd2d9c932514f898c327f64) Add CSRF middlware + +## Features and Enhancements + + * 2018-07-16 [9270206c](https://github.com/silverstripe/silverstripe-reports/commit/9270206c3bd2fe35bb263ad43ad3a5d87360873a) Use Injector to create new class instances and pass $params (Robbie Averill) + +### Bugfixes + + * 2018-12-10 [9fce4b2](https://github.com/silverstripe/silverstripe-graphql/commit/9fce4b2408dd82d303925eee3b6cf393da371e85) Ensure httpMethod context is applied to all controller actions (#194) (Aaron Carlino) + * 2018-11-29 [59221e8](https://github.com/silverstripe/silverstripe-assets/commit/59221e8d74ac5e07b86a741e2709e0676130f7b4) Cache key cannot contain : chars, will happen when viewing from archive (Robbie Averill) + * 2018-11-21 [9ce6d91b7](https://github.com/silverstripe/silverstripe-framework/commit/9ce6d91b76e525a6fc81e02023e9e53cdf82e047) / TreeMultiselectField::objectForKey handles list of IDs correctly (Serge Latyntcev) + * 2018-11-16 [35c3a8c6](https://github.com/silverstripe/silverstripe-cms/commit/35c3a8c68db2660838dcd2ae5abd2bd1c3214af4) 'Search' text in default search form should be a placeholder (Robbie Averill) + * 2018-11-15 [b5bae137b](https://github.com/silverstripe/silverstripe-framework/commit/b5bae137bd341eeda3f4886f45fc8f8d657a9c4c) Redirect loop with multiple confirmation tokens present (fixes #8607) (Loz Calver) + * 2018-11-12 [15aaf9db9](https://github.com/silverstripe/silverstripe-framework/commit/15aaf9db9fe1679cf8b01b74fce3eee841278495) Fix a code style typo (Serge Latyntcev) + * 2018-11-08 [4b4fbabed](https://github.com/silverstripe/silverstripe-framework/commit/4b4fbabed5d70bf577e4b0d6fdbc9dab9da80451) TreeMultiselectField passes value 'unchanged' as null to ORM for 'ID' column key (Serge Latyntcev) + * 2018-10-15 [6de0fa0](https://github.com/silverstripe/silverstripe-versioned/commit/6de0fa087fe581b69a5978db82058490c44923b4) Fix codesniffer runs in Travis (Robbie Averill) + * 2018-10-06 [c498aa03](https://github.com/silverstripe/silverstripe-cms/commit/c498aa03379ca883803dda853e64c411ed7454dc) Fixing wrong Live-Preview-Link in SilverStripeNavigatorItem_LiveLink (fixes #865). (Stephan Bauer) + * 2018-09-13 [7189653b](https://github.com/silverstripe/silverstripe-cms/commit/7189653b1f9a744b9ee2393a8ef3fb8597c89b1b) SiteTree Title field should have rounded corners before Update URL button is shown (Robbie Averill) + * 2018-07-27 [bc70b877](https://github.com/silverstripe/silverstripe-reports/commit/bc70b87721c8278111e39e0af69db1052af7333f) Apply missing class to report header. (Maxime Rainville) + * 2018-07-01 [bc8bb13](https://github.com/silverstripe/silverstripe-campaign-admin/commit/bc8bb13c93c75e718872315a60f0eb8213bd8e69) Button outline secondary class is now correct in disabled "Publish campaign" button (Robbie Averill) From 22314de559ce3d70b5769109eec47676f3441ba1 Mon Sep 17 00:00:00 2001 From: Damian Mooyman Date: Thu, 13 Dec 2018 15:50:50 +1300 Subject: [PATCH 10/16] DOCS Update security release docs / satis instructions (#7681) * DOCS Update security release docs / satis instructions * Update based on testing --- .../05_Making_A_SilverStripe_Core_Release.md | 161 ++++++++++++++---- 1 file changed, 127 insertions(+), 34 deletions(-) diff --git a/docs/en/05_Contributing/05_Making_A_SilverStripe_Core_Release.md b/docs/en/05_Contributing/05_Making_A_SilverStripe_Core_Release.md index 9dd42c2c1..31c85a71b 100644 --- a/docs/en/05_Contributing/05_Making_A_SilverStripe_Core_Release.md +++ b/docs/en/05_Contributing/05_Making_A_SilverStripe_Core_Release.md @@ -1,5 +1,5 @@ title: Making a SilverStripe core release -summary: Development guide for core contributors to build and publish a new release +summary: Development guide for core contributors to build and publish a new release # Making a SilverStripe core release @@ -12,7 +12,7 @@ The artifacts for this process are typically: * A downloadable tar / zip on silverstripe.org * A published announcement * A new composer installable stable tag for silverstripe/installer - + While this document is not normally applicable to normal silverstripe contributors, it is still useful to have it available in a public location so that these users are aware of these processes. @@ -29,7 +29,10 @@ As a core contributor it is necessary to have installed the following set of too be installed in a global location via the below command. Please see the installation docs on the cow repo for more setup details. `composer global require silverstripe/cow dev-master` -* [transifex client](http://docs.transifex.com/client/). +* [satis repository tool](https://github.com/composer/satis). This should be installed + globally for minimum maintenance. + `composer global require composer/satis ^1@dev` (or `^1@alpha` for php 5) +* [transifex client](http://docs.transifex.com/client/). `pip install transifex-client` If you're on OSX 10.10+, the standard Python installer is locked down. Use `brew install python; sudo easy_install pip` instead @@ -94,7 +97,7 @@ When doing a security release, typically one or more (or sometimes all) of the b steps will need to be performed manually. As such, this guide should not be followed exactly the same for these. -Standard practice is to produce a pre-release for any patched modules on the security +Standard practice is to produce a pre-release for any patched modules on the security forks for cms and framework (see [silverstripe-security](https://github.com/silverstripe-security)).
@@ -118,14 +121,18 @@ Producing a security fix follows this general process: release date of the final stable is not known, then it's ok to give an estimated release schedule. * Push the current upstream target branches (e.g. 3.2) to the corresponding security fork - to a new branch named for the target release (e.g. 3.2.4). Security fixes should be - applied to this branch only. Once a fix (or fixes) have been applied to this branch, then - a tag can be applied, and a private release can then be developed in order - to test this release. + to the equivalent branch on [silverstripe-security](https://github.com/silverstripe-security). + Security fixes should be applied to the branch on this private repository only. + Once a fix (or fixes) have been applied to this branch, then a tag can be applied, + and a private release can then be developed in order to test this release. +* Once upstream branches are all pushed to the security forks, make sure to merge all + security fixes into those branches prior to running cow. +* Setup a temporary [satis](https://github.com/composer/satis) repository which points to all relevant repositories + containing security fixes. See below for setting up a temporary satis repository. * Once release testing is completed and the release is ready for stabilisation, then these fixes can then be pushed to the upstream module fork, and the release completed as per normal. Make sure to publish any draft security pages at the same time as the release is published (same day). -* After the final release has been published, close related JIRA issues +* After the final release has been published, close related JIRA issues at [open source security jira](https://silverstripe.atlassian.net/secure/RapidBoard.jspa?rapidView=198&view=detail)
@@ -134,9 +141,62 @@ a public stable, not an RC or dev-branch. Security warnings that do not require can be published as soon as a workaround or usable resolution exists.
+### Setting up satis for hosting private security releases + +When installing a project from protected repositories, it's necessary prior to creating your project +to override the public repository URLs with the private repositories containing undisclosed fixes. For +this we use [satis](https://github.com/composer/satis). + +To setup a Satis project for a release: + +* Ensure Satis is installed globally: `composer global require composer/satis ^1@dev` (or `^1@alpha` if you + are running php 5) +* `cd ~/Sites/` (or whereever your web-root is located) +* `mkdir satis-security && cd satis-security` (or some directory specific to your release) +* Create a config file (e.g. config.json) of the given format (add only those repositories necessary). + +Note: +- The homepage path should match the eventual location of the package content +- You should add the root repository (silverstripe/installer) to ensure + `create-project` works (even if not a private security fork). +- You should add some package version constraints to prevent having to parse + all legacy tags and all branches. + +```json +{ + "name": "SilverStripe Security Repository", + "homepage": "http://localhost/satis-security/public", + "repositories": { + "installer": { + "type": "vcs", + "url": "https://github.com/silverstripe/silverstripe-installer.git" + }, + "framework": { + "type": "vcs", + "url": "https://github.com/silverstripe-security/silverstripe-framework.git" + } + }, + "require": { + "silverstripe/installer": "^3.5 || ^4", + "silverstripe/framework": "^3.5 || ^4" + }, + "require-all": true +} +``` + +* Build the repository: + `satis build config.json ./public` +* Test you can view the satis home page at `http://localhost/satis-security/public/` +* When performing the release ensure you use `--repository=http://localhost/satis-security/public` (below) + +
+It's important that you re-run `satis build` step after EVERY change that is pushed upstream; E.g. between +each release, if making multiple releases. +
+ ## Standard release process -The release process, at a high level, involves creating a release, publishing it, and +The release process, at a high level, involves creating a release, publishing it, and reviewing the need for either another pre-release or a final stable tag within a short period (normally within 3-5 business days). @@ -157,9 +217,9 @@ cross-posted to other relevant channels such as Twitter and Facebook. Sending an email to [marketing@silverstripe.com](mailto:marketing@silverstripe.com) with an overview of the release and a rough release timeline. -Check all tickets ([framework](https://github.com/silverstripe/silverstripe-framework/milestones), -[cms](https://github.com/silverstripe/silverstripe-cms/milestones), -[installer](https://github.com/silverstripe/silverstripe-installer/milestones)) assigned to that milestone are +Check all tickets ([framework](https://github.com/silverstripe/silverstripe-framework/milestones), +[cms](https://github.com/silverstripe/silverstripe-cms/milestones), +[installer](https://github.com/silverstripe/silverstripe-installer/milestones)) assigned to that milestone are either closed or reassigned to another milestone. Merge up from other older supported release branches (e.g. merge `3.1`->`3.2`, `3.2`->`3.3`, `3.3`->`3`, `3`->`master`). @@ -170,13 +230,29 @@ any mistakes migrating their way into the public sphere). Invoked by running `cow release` in the format as below: -``` -cow release -vvv -``` +`cow release -vvv` -This command has the following parameters: +E.g. -* `` The version that is to be released. E.g. 3.2.4 or 4.0.0-alpha4 +`cow release 4.0.1 -vvv` + +* `` is mandatory and must be the exact tag name to release including rc/alpha/beta if applicable. + +This command has these options (note that --repository option is critical for security releases): + +* `-vvv` to ensure all underlying commands are echoed +* `--directory ` to specify the folder to create or look for this project in. If you don't specify this, +it will install to the path specified by `./release-` in the current directory. +* `--repository ` will allow a custom composer package url to be specified. E.g. `http://packages.cwp.govt.nz` + See the above section "Setting up satis for hosting private security releases" on how to prepare a custom + repository for a security release. +* `--branching ` will specify a branching strategy. This allows these options: + * `auto` - Default option, will branch to the minor version (e.g. 1.1) unless doing a non-stable tag (e.g. rc1) + * `major` - Branch all repos to the major version (e.g. 1) unless already on a more-specific minor version. + * `minor` - Branch all repos to the minor semver branch (e.g. 1.1) + * `none` - Release from the current branch and do no branching. +* `--skip-tests` to skip tests +* `--skip-i18n` to skip updating localisations This can take between 5-15 minutes, and will invoke the following steps, each of which can also be run in isolation (in case the process stalls @@ -189,14 +265,16 @@ and needs to be manually advanced): know to install dev-master, and installing 3.3.0 will install from 3.x-dev. If installing pre-release versions for stabilisation, it will use the correct temporary release branch. -* `release:branch` If release:create installed from a non-rc branch, it will - create the new temporary release branch (via `--branch-auto`). You can also customise this branch - with `--branch=`, but it's best to use the standard. +* `release:plan` The release plan will be auto-generated, and presented on the screen + for the user to modify or confirm. At this stage you can also modify the branching + behaviour to be performed in the next step. +* `release:branch` This will branch all released modules to the correct branch, if necessary. + E.g. branching 3.7 from 3 branch in order to create the new minor version. * `release:translate` All upstream transifex strings will be pulled into the - local master strings, and then the [i18nTextCollector](api:SilverStripe\i18n\TextCollection\i18nTextCollector) task will be invoked - and will merge these strings together, before pushing all new master strings - back up to transifex to make them available for translation. Changes to these - files will also be automatically committed to git. + local master strings, and then the [i18nTextCollector](api:SilverStripe\i18n\TextCollection\i18nTextCollector) + task will be invoked and will merge these strings together, before pushing all + new master strings back up to transifex to make them available for translation. + Changes to these files will also be automatically committed to git. * `release:test` Will run all unit tests on this release. Make sure that you setup your `.env` correctly (as above) so that this will work. * `release:changelog` Will compare the current branch head with `--from` parameter @@ -242,9 +320,24 @@ building an archive, and uploading to Invoked by running `cow release:publish` in the format as below: -``` -cow release:publish -vvv -``` +`cow release:publish -vvv` + +E.g. + +`cow release:publish 4.0.1` + +This command has these options: + +* `-vvv` to ensure all underlying commands are echoed +* `--directory ` to specify the folder to look for the project created in the prior step. As with + above, it will be guessed if omitted. You can run this command in the `./release-` directory and + omit this option. +* `--aws-profile ` to specify the AWS profile name for uploading releases to s3. Check with + damian@silverstripe.com if you don't have an AWS key setup. +* `--skip-archive-upload` to disable both "archive" and "upload". This is useful if doing a private release and + you don't want to upload this file to AWS. +* `--skip-upload` to disable the "upload" command (but not archive) + As with the `cow release` command, this step is broken down into the following subtasks which are invoked in sequence: @@ -257,7 +350,7 @@ subtasks which are invoked in sequence: If the tags generated in the prior step are not yet available on packagist (which can take a few minutes at times) then this task will cycle through a retry-cycle, which will re-attempt the archive creation periodically until these tags are available. -* `release:upload` This will invoke the AWS CLI command to upload these archives to the +* `release:upload` This will invoke the AWS CLI command to upload these archives to the s3 bucket `silverstripe-ssorg-releases`. If you have setup your AWS profile for silverstripe releases under a non-default name, you can specify this profile on the command line with the `--aws-profile=` command. @@ -271,9 +364,9 @@ aren't strictly able to be automated: source branch (e.g. merge 3.2.4 into 3.2), or sometimes create new branches if releasing a new minor version, and bumping up the branch-alias in composer.json. E.g. branching 3.3 from 3, and aliasing 3 as 3.4.x-dev. You can then delete - the temporary release branches. This will need to be done before updating the + the temporary release branches. This will need to be done before updating the release documentation in stage 3. -* Merging up the changes in this release to newer branches, following the +* Merging up the changes in this release to newer branches, following the SemVer pattern (e.g. 3.2.4 > 3.2 > 3.3 > 3 > master). The more often this is done the easier it is, but this can sometimes be left for when you have more free time. Branches not receiving regular stable versions anymore (e.g. @@ -282,7 +375,7 @@ aren't strictly able to be automated: minor versions. It may be necessary to re-assign any issues assigned to the prior milestones to these new ones. * Make sure that the [releases page](https://github.com/silverstripe/silverstripe-installer/releases) - on github shows the new tag. + on github shows the new tag. *Updating non-patch versions* @@ -329,7 +422,7 @@ Running either of these tasks may time out when requested, but will continue to only the search index rebuild takes a long period of time. Note that markdown is automatically updated daily, and this should only be done if an immediate refresh is necessary. - + ### Stage 3: Let the world know Once a release has been published there are a few places where user documentation @@ -337,7 +430,7 @@ will need to be regularly updated. * Make sure that the [download page](http://www.silverstripe.org/download) on silverstripe.org has the release available. If it's a stable, it will appear - at the top of the page. If it's a pre-release, it will be available under the + at the top of the page. If it's a pre-release, it will be available under the [development builds](http://www.silverstripe.org/download#download-releases) section. If it's not available, you might need to check that the release was properly uploaded to aws s3, or that you aren't viewing a cached version of From 1644765a9f6aaf5187c97c2ea8172de75a91298f Mon Sep 17 00:00:00 2001 From: Daniel Hensby Date: Thu, 13 Dec 2018 03:49:12 +0000 Subject: [PATCH 11/16] Rebase against satis changes (#8298) --- .../05_Making_A_SilverStripe_Core_Release.md | 48 ++++++++----------- 1 file changed, 21 insertions(+), 27 deletions(-) diff --git a/docs/en/05_Contributing/05_Making_A_SilverStripe_Core_Release.md b/docs/en/05_Contributing/05_Making_A_SilverStripe_Core_Release.md index 31c85a71b..0ebc76154 100644 --- a/docs/en/05_Contributing/05_Making_A_SilverStripe_Core_Release.md +++ b/docs/en/05_Contributing/05_Making_A_SilverStripe_Core_Release.md @@ -28,10 +28,10 @@ As a core contributor it is necessary to have installed the following set of too * [cow release tool](https://github.com/silverstripe/cow#install). This should typically be installed in a global location via the below command. Please see the installation docs on the cow repo for more setup details. - `composer global require silverstripe/cow dev-master` + `composer global require silverstripe/cow ^2` * [satis repository tool](https://github.com/composer/satis). This should be installed globally for minimum maintenance. - `composer global require composer/satis ^1@dev` (or `^1@alpha` for php 5) + `composer global require composer/satis ^1` * [transifex client](http://docs.transifex.com/client/). `pip install transifex-client` If you're on OSX 10.10+, the standard Python installer is locked down. @@ -149,9 +149,8 @@ this we use [satis](https://github.com/composer/satis). To setup a Satis project for a release: -* Ensure Satis is installed globally: `composer global require composer/satis ^1@dev` (or `^1@alpha` if you - are running php 5) -* `cd ~/Sites/` (or whereever your web-root is located) +* Ensure Satis is installed globally: `composer global require composer/satis ^1` +* `cd ~/Sites/` (or wherever your web-root is located) * `mkdir satis-security && cd satis-security` (or some directory specific to your release) * Create a config file (e.g. config.json) of the given format (add only those repositories necessary). @@ -200,11 +199,6 @@ The release process, at a high level, involves creating a release, publishing it reviewing the need for either another pre-release or a final stable tag within a short period (normally within 3-5 business days). -During the pre-release cycle a temporary branch is created, and should only receive -absolutely critical fixes during the cycle. Any changes to this branch should -result in the requirement for a new release, thus a higher level of scrutiny is typically -placed on any pull request to these branches. - When creating a new pre-release or stable, the following process is broken down into two main sets of commands: @@ -222,7 +216,7 @@ Check all tickets ([framework](https://github.com/silverstripe/silverstripe-fram [installer](https://github.com/silverstripe/silverstripe-installer/milestones)) assigned to that milestone are either closed or reassigned to another milestone. -Merge up from other older supported release branches (e.g. merge `3.1`->`3.2`, `3.2`->`3.3`, `3.3`->`3`, `3`->`master`). +Merge up from other older supported release branches (e.g. merge `4.0`->`4.1`, `4.1`->`4.2`, `4.2`->`4`, `4`->`master`). This is the part of the release that prepares and tests everything locally, but doe not make any upstream changes (so it's safe to run without worrying about @@ -230,13 +224,14 @@ any mistakes migrating their way into the public sphere). Invoked by running `cow release` in the format as below: -`cow release -vvv` +`cow release [recipe] -vvv` E.g. `cow release 4.0.1 -vvv` -* `` is mandatory and must be the exact tag name to release including rc/alpha/beta if applicable. +* `` The version that is to be released. E.g. `4.1.4` or `4.3.0-rc1` +* `` `Optional: the recipe that is being released (default: "silverstripe/installer") This command has these options (note that --repository option is critical for security releases): @@ -265,11 +260,12 @@ and needs to be manually advanced): know to install dev-master, and installing 3.3.0 will install from 3.x-dev. If installing pre-release versions for stabilisation, it will use the correct temporary release branch. -* `release:plan` The release plan will be auto-generated, and presented on the screen - for the user to modify or confirm. At this stage you can also modify the branching - behaviour to be performed in the next step. -* `release:branch` This will branch all released modules to the correct branch, if necessary. - E.g. branching 3.7 from 3 branch in order to create the new minor version. +* `release:plan` The release planning will take place, this reads the various dependencies of the recipe being released + and determines what new versions of those dependencies need to be tagged to create the final release. The conclusion + of the planning step is output to the screen and requires user confirmation. +* `release:branch` If release:create installed from a non-rc branch, it will + create the new temporary release branch (via `--branch-auto`). You can also customise this branch + with `--branch=`, but it's best to use the standard. * `release:translate` All upstream transifex strings will be pulled into the local master strings, and then the [i18nTextCollector](api:SilverStripe\i18n\TextCollection\i18nTextCollector) task will be invoked and will merge these strings together, before pushing all @@ -298,9 +294,7 @@ for the various modules (e.g. [framework](https://travis-ci.org/silverstripe/sil and [cms](https://travis-ci.org/silverstripe/silverstripe-cms)). It's also ideal to eyeball the git changes generated by the release tool, making sure -that no translation strings were unintentionally lost, no malicious changes were -introduced in the (community contributed) translations, and that the changelog -was generated correctly. +that no translation strings were unintentionally lost, and that the changelog was generated correctly. In particular, double check that all necessary information is included in the release notes, including: @@ -320,11 +314,11 @@ building an archive, and uploading to Invoked by running `cow release:publish` in the format as below: -`cow release:publish -vvv` +`cow release:publish [] -vvv` E.g. -`cow release:publish 4.0.1` +`cow release:publish 4.0.1 silverstripe/installer` This command has these options: @@ -341,8 +335,8 @@ This command has these options: As with the `cow release` command, this step is broken down into the following subtasks which are invoked in sequence: -* `release:tag` Each module will have the appropriate tag applied (except the theme). -* `release:push` The temporary release branches and all tags are pushed up to origin on github. +* `release:tag` Each module will have the appropriate tag applied (except the theme). All tags are pushed up to origin + on github. * `release:archive` This will generate a new tar.gz and zip archive, each for cms and framework-only installations. These will be copied to the root folder of the release directory, although the actual build will be created in temporary @@ -359,7 +353,7 @@ subtasks which are invoked in sequence: Once all of these commands have completed there are a couple of final tasks left that aren't strictly able to be automated: -* If this is a stable release, it will be necessary to perform a post-release merge +* It will be necessary to perform a post-release merge on open source. This normally will require you to merge the temporary release branch into the source branch (e.g. merge 3.2.4 into 3.2), or sometimes create new branches if releasing a new minor version, and bumping up the branch-alias in composer.json. @@ -370,7 +364,7 @@ aren't strictly able to be automated: SemVer pattern (e.g. 3.2.4 > 3.2 > 3.3 > 3 > master). The more often this is done the easier it is, but this can sometimes be left for when you have more free time. Branches not receiving regular stable versions anymore (e.g. - 3.0 or 3.1) should usually be omitted. + 3.0 or 3.1) can be omitted. * Set the github milestones to completed, and create placeholders for the next minor versions. It may be necessary to re-assign any issues assigned to the prior milestones to these new ones. From 2deb8f4176193486356fbda9061c6c62463d76fe Mon Sep 17 00:00:00 2001 From: Simon Gow Date: Tue, 27 Nov 2018 16:40:15 +1300 Subject: [PATCH 12/16] Resolve Duplicate Headers Ensure only a single Set-Cookie header is returned from Session once we have data to save. Include backwards compatibility for PHP56 --- src/Control/Session.php | 33 ++++++++++++++++++--------------- 1 file changed, 18 insertions(+), 15 deletions(-) diff --git a/src/Control/Session.php b/src/Control/Session.php index 917fea78c..7f00c7bd4 100644 --- a/src/Control/Session.php +++ b/src/Control/Session.php @@ -300,6 +300,7 @@ class Session // If the session cookie is already set, then the session can be read even if headers_sent() = true // This helps with edge-case such as debugging. + $data = []; if (!session_id() && (!headers_sent() || !empty($_COOKIE[ini_get('session.name')]))) { if (!headers_sent()) { session_set_cookie_params($timeout, $path, $domain ?: null, $secure, true); @@ -319,36 +320,38 @@ class Session session_save_path($session_path); } - // If we want a secure cookie for HTTPS, use a seperate session name. This lets us have a - // seperate (less secure) session for non-HTTPS requests. Note that if this causes problems + // If we want a secure cookie for HTTPS, use a separate session name. This lets us have a + // separate (less secure) session for non-HTTPS requests // if headers_sent() is true then it's best to throw the resulting error rather than risk // a security hole. if ($secure) { session_name($this->config()->get('cookie_name_secure')); } - session_start(); + $sessionParameters = [ + "cookie_path" => $path, + "cookie_domain" => $domain ?: "", + "cookie_secure" => $secure, + "cookie_httponly" => true + ]; + + if ($timeout) { + $sessionParameters["cookie_lifetime"] = $timeout; + } + + session_start($sessionParameters); if (isset($_SESSION)) { // Initialise data from session store if present $data = $_SESSION; + // Merge in existing in-memory data, taking priority over session store data $this->recursivelyApply((array)$this->data, $data); - } else { - // Use in-memory data if the session is lazy started - $data = $this->data; } - $this->data = $data ?: []; - } else { - $this->data = []; } - // Modify the timeout behaviour so it's the *inactive* time before the session expires. - // By default it's the total session lifetime - if ($timeout && !headers_sent()) { - Cookie::set(session_name(), session_id(), $timeout/86400, $path, $domain ? $domain - : null, $secure, true); - } + // Save any modified session data back to the session store if present, otherwise initialise it to an array. + $this->data = $data; $this->started = true; } From 4eb6669c08aa096fc46679d80a3d4424bf93f06e Mon Sep 17 00:00:00 2001 From: Simon Gow Date: Mon, 3 Dec 2018 10:08:50 +1300 Subject: [PATCH 13/16] #8543 Resolve Duplicate Headers Put cookie_lifetime back into the session parameters. --- src/Control/Session.php | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/src/Control/Session.php b/src/Control/Session.php index 7f00c7bd4..cd543109c 100644 --- a/src/Control/Session.php +++ b/src/Control/Session.php @@ -331,14 +331,11 @@ class Session $sessionParameters = [ "cookie_path" => $path, "cookie_domain" => $domain ?: "", + "cookie_lifetime" => $timeout ?: 0, "cookie_secure" => $secure, "cookie_httponly" => true ]; - if ($timeout) { - $sessionParameters["cookie_lifetime"] = $timeout; - } - session_start($sessionParameters); if (isset($_SESSION)) { From 1edfa4d956925dc02590a1eec404181ac4b6eef9 Mon Sep 17 00:00:00 2001 From: Simon Gow Date: Mon, 3 Dec 2018 12:28:21 +1300 Subject: [PATCH 14/16] #8543 Resolve Duplicate Headers - Replace session name lookup with function to also check secure cookies - Added timeout which defaults to 0 (same as PHP) - Removed php7 style of session_start from PR - moved session_start into headers sent block to prevent warnings. --- src/Control/Session.php | 44 +++++++++++++++++------------------------ 1 file changed, 18 insertions(+), 26 deletions(-) diff --git a/src/Control/Session.php b/src/Control/Session.php index cd543109c..5b8f25c28 100644 --- a/src/Control/Session.php +++ b/src/Control/Session.php @@ -301,43 +301,35 @@ class Session // If the session cookie is already set, then the session can be read even if headers_sent() = true // This helps with edge-case such as debugging. $data = []; - if (!session_id() && (!headers_sent() || !empty($_COOKIE[ini_get('session.name')]))) { + if (!session_id() && (!headers_sent() || $this->requestContainsSessionId($request))) { if (!headers_sent()) { - session_set_cookie_params($timeout, $path, $domain ?: null, $secure, true); + session_set_cookie_params($timeout ?: 0, $path, $domain ?: null, $secure, true); $limiter = $this->config()->get('sessionCacheLimiter'); if (isset($limiter)) { session_cache_limiter($limiter); } - // If headers are sent then we can't have a session_cache_limiter otherwise we'll get a warning + // Allow storing the session in a non standard location + if ($session_path) { + session_save_path($session_path); + } + + // If we want a secure cookie for HTTPS, use a separate session name. This lets us have a + // separate (less secure) session for non-HTTPS requests + // if headers_sent() is true then it's best to throw the resulting error rather than risk + // a security hole. + if ($secure) { + session_name($this->config()->get('cookie_name_secure')); + } + + session_start(); + } else { + // If headers are sent then we can't have a session_cache_limiter otherwise we'll get a warning session_cache_limiter(null); } - // Allow storing the session in a non standard location - if ($session_path) { - session_save_path($session_path); - } - - // If we want a secure cookie for HTTPS, use a separate session name. This lets us have a - // separate (less secure) session for non-HTTPS requests - // if headers_sent() is true then it's best to throw the resulting error rather than risk - // a security hole. - if ($secure) { - session_name($this->config()->get('cookie_name_secure')); - } - - $sessionParameters = [ - "cookie_path" => $path, - "cookie_domain" => $domain ?: "", - "cookie_lifetime" => $timeout ?: 0, - "cookie_secure" => $secure, - "cookie_httponly" => true - ]; - - session_start($sessionParameters); - if (isset($_SESSION)) { // Initialise data from session store if present $data = $_SESSION; From d01585cc98cd84bf45c0a9ac0dc24422d114077f Mon Sep 17 00:00:00 2001 From: Simon Gow Date: Fri, 7 Dec 2018 14:45:41 +1300 Subject: [PATCH 15/16] #8543 Resolve Duplicate Headers - fix linting --- src/Control/Session.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/Control/Session.php b/src/Control/Session.php index 5b8f25c28..e2591d2c5 100644 --- a/src/Control/Session.php +++ b/src/Control/Session.php @@ -324,7 +324,6 @@ class Session } session_start(); - } else { // If headers are sent then we can't have a session_cache_limiter otherwise we'll get a warning session_cache_limiter(null); @@ -430,7 +429,7 @@ class Session } $var[] = $val; - $diffVar[sizeof($var)-1] = $val; + $diffVar[sizeof($var) - 1] = $val; } /** From 4adac7d591b9f5ac3e3879b15aeffb9cdec30c4a Mon Sep 17 00:00:00 2001 From: Robbie Averill Date: Tue, 8 Jan 2019 10:47:41 +0100 Subject: [PATCH 16/16] Update Travis to use PHP 7.3 stable --- .travis.yml | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/.travis.yml b/.travis.yml index 3150dc345..6ac472251 100644 --- a/.travis.yml +++ b/.travis.yml @@ -47,19 +47,11 @@ matrix: - DB=MYSQL - PHPUNIT_TEST=cms - - php: 7.3.0RC1 + - php: 7.3 env: - DB=MYSQL - PDO=1 - PHPUNIT_TEST=framework - sudo: required - dist: xenial - addons: - apt: - packages: - - libzip4 - services: - - mysql before_script: # Extra $PATH