From 805c38f107e7e332d2846407e0a89cade1d33ed1 Mon Sep 17 00:00:00 2001 From: Stevie Mayhew Date: Mon, 21 Mar 2016 11:30:38 +1300 Subject: [PATCH 1/5] BUGFIX: don't try and switch out of context of the tab system --- admin/javascript/LeftAndMain.js | 1 - 1 file changed, 1 deletion(-) diff --git a/admin/javascript/LeftAndMain.js b/admin/javascript/LeftAndMain.js index 43f9ef1c3..d607d3271 100644 --- a/admin/javascript/LeftAndMain.js +++ b/admin/javascript/LeftAndMain.js @@ -1331,7 +1331,6 @@ jQuery.noConflict(); } var container = this.closest('.cms-container'); - container.find('.cms-edit-form').tabs('select',0); //always switch to the first tab (list view) when searching container.loadPanel(url, "", {}, true); return false; From 2ad3cc07d583041e23a5dca0d53ffbdf8c9cd0d0 Mon Sep 17 00:00:00 2001 From: Daniel Hensby Date: Thu, 23 Nov 2017 20:28:25 +0000 Subject: [PATCH 2/5] FIX Update meber passwordencryption to default on password change --- security/Member.php | 3 +-- tests/security/MemberTest.php | 42 ++++++++++++++--------------------- 2 files changed, 18 insertions(+), 27 deletions(-) diff --git a/security/Member.php b/security/Member.php index 817c4b01a..39573a4b9 100644 --- a/security/Member.php +++ b/security/Member.php @@ -975,8 +975,7 @@ class Member extends DataObject implements TemplateGlobalProvider { $encryption_details = Security::encrypt_password( $this->Password, // this is assumed to be cleartext $this->Salt, - ($this->PasswordEncryption) ? - $this->PasswordEncryption : Security::config()->password_encryption_algorithm, + $this->isChanged('PasswordEncryption') ? $this->PasswordEncryption : null, $this ); diff --git a/tests/security/MemberTest.php b/tests/security/MemberTest.php index d1db139e5..342a2da71 100644 --- a/tests/security/MemberTest.php +++ b/tests/security/MemberTest.php 
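Review bot: In the `security/Member.php` hunk the third argument is now `null` whenever `PasswordEncryption` was not changed in the same write, so the choice of hashing algorithm is made entirely inside `Security::encrypt_password`, and nothing at the call site says so. That function is not visible here; presumably it falls back to `Security.password_encryption_algorithm`. Every password change therefore re-hashes under the site default, which is the upgrade path the commit wants, but it equally moves a member onto a weaker default if one is configured (the accompanying test configures `'none'` for its first write). I would add a comment above the argument such as `// null: re-hash with the configured default algorithm; only an explicit PasswordEncryption change in this write overrides it`. The enclosing method starts and ends outside the hunk.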
@@ -45,7 +45,21 @@ class MemberTest extends FunctionalTest { parent::tearDown(); } - + public function testPasswordEncryptionUpdatedOnChangedPassword() + { + Config::inst()->update('Security', 'password_encryption_algorithm', 'none'); + $member = Member::create(); + $member->SetPassword = 'password'; + $member->write(); + $this->assertEquals('password', $member->Password); + $this->assertEquals('none', $member->PasswordEncryption); + Config::inst()->update('Security', 'password_encryption_algorithm', 'blowfish'); + $member->SetPassword = 'newpassword'; + $member->write(); + $this->assertNotEquals('password', $member->Password); + $this->assertNotEquals('newpassword', $member->Password); + $this->assertEquals('blowfish', $member->PasswordEncryption); + } /** * @expectedException ValidationException @@ -94,28 +108,6 @@ class MemberTest extends FunctionalTest { ); } - public function testDefaultPasswordEncryptionDoesntChangeExistingMembers() { - $member = new Member(); - $member->Password = 'mypassword'; - $member->PasswordEncryption = 'sha1_v2.4'; - $member->write(); - - $origAlgo = Security::config()->password_encryption_algorithm; - Security::config()->password_encryption_algorithm = 'none'; - - $member->Password = 'mynewpassword'; - $member->write(); - - $this->assertEquals( - $member->PasswordEncryption, - 'sha1_v2.4' - ); - $result = $member->checkPassword('mynewpassword'); - $this->assertTrue($result->valid()); - - Security::config()->password_encryption_algorithm = $origAlgo; - } - public function testKeepsEncryptionOnEmptyPasswords() { $member = new Member(); $member->Password = 'mypassword'; @@ -126,8 +118,8 @@ class MemberTest extends FunctionalTest { $member->write(); $this->assertEquals( - $member->PasswordEncryption, - 'sha1_v2.4' + Security::config()->get('password_encryption_algorithm'), + $member->PasswordEncryption ); $result = $member->checkPassword(''); $this->assertTrue($result->valid()); 
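Review bot: `testPasswordEncryptionUpdatedOnChangedPassword` checks the stored hash and the algorithm name but never verifies that the member can still authenticate after the algorithm switch, which the removed `testDefaultPasswordEncryptionDoesntChangeExistingMembers` did through `checkPassword()`. I would end the new test with `$this->assertTrue($member->checkPassword('newpassword')->valid());`. The test also sets `password_encryption_algorithm` twice through `Config::inst()->update()` and does not put it back, whereas the removed test restored `$origAlgo`. If the test base class does not isolate config between tests (not visible here), the `'blowfish'` setting carries over into later tests.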
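Review bot: In the last hunk of `MemberTest.php`, `testKeepsEncryptionOnEmptyPasswords` now asserts that `PasswordEncryption` equals the configured default instead of `'sha1_v2.4'`, so the method name states the opposite of what is tested. Renaming it, for example to `testUpdatesEncryptionOnEmptyPasswords`, and adding a one-line docblock saying that an empty password is re-hashed with the default algorithm would keep the suite honest about the new behaviour. The method signature sits above this hunk, so the rename falls outside the lines shown.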
From 84d7afb3477885e9d69f2ac10838179efc1d3b91 Mon Sep 17 00:00:00 2001 From: Daniel Hensby Date: Thu, 30 Nov 2017 16:51:05 +0000 Subject: [PATCH 3/5] FIX Use baseDataClass for allVersions as with other methods --- model/Versioned.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/model/Versioned.php b/model/Versioned.php index 4dc191628..b49b00885 100644 --- a/model/Versioned.php +++ b/model/Versioned.php @@ -1050,7 +1050,7 @@ class Versioned extends DataExtension implements TemplateGlobalProvider { $oldMode = self::get_reading_mode(); self::reading_stage('Stage'); - $list = DataObject::get(get_class($this->owner), $filter, $sort, $join, $limit); + $list = DataObject::get(ClassInfo::baseDataClass($this->owner), $filter, $sort, $join, $limit); if($having) $having = $list->having($having); $query = $list->dataQuery()->query(); From 2aa1d8f2c495f47b3439d3c2d9f96a1e7f089113 Mon Sep 17 00:00:00 2001 From: Daniel Hensby Date: Thu, 30 Nov 2017 18:08:48 +0000 Subject: [PATCH 4/5] remove create_function usage --- admin/tests/LeftAndMainTest.php | 4 +++- api/RestfulService.php | 4 +++- core/Object.php | 4 +++- dev/install/install.php5 | 4 +++- forms/Form.php | 4 +++- forms/ListboxField.php | 4 +++- model/fieldtypes/HTMLText.php | 4 +++- tests/forms/uploadfield/UploadFieldTest.php | 8 ++++++-- .../Adapter/thirdparty/sfYaml/lib/sfYamlInline.php | 2 +- 9 files changed, 28 insertions(+), 10 deletions(-) diff --git a/admin/tests/LeftAndMainTest.php b/admin/tests/LeftAndMainTest.php index 750f40856..63bfbc8a9 100644 --- a/admin/tests/LeftAndMainTest.php +++ b/admin/tests/LeftAndMainTest.php 
@@ -173,7 +173,9 @@ class LeftAndMainTest extends FunctionalTest { $adminuser = $this->objFromFixture('Member', 'admin'); $securityonlyuser = $this->objFromFixture('Member', 'securityonlyuser'); $allcmssectionsuser = $this->objFromFixture('Member', 'allcmssectionsuser'); - $allValsFn = create_function('$obj', 'return $obj->getValue();'); + $allValsFn = function($obj) { + return $obj->getValue(); + }; // anonymous user $this->session()->inst_set('loggedInAs', null); diff --git a/api/RestfulService.php b/api/RestfulService.php index 517459976..38797ce44 100644 --- a/api/RestfulService.php +++ b/api/RestfulService.php @@ -373,7 +373,9 @@ class RestfulService extends ViewableData implements Flushable { if( preg_match('/([^:]+): (.+)/m', $field, $match) ) { $match[1] = preg_replace_callback( '/(?<=^|[\x09\x20\x2D])./', - create_function('$matches', 'return strtoupper($matches[0]);'), + function($matches) { + return strtoupper($matches[0]); + }, trim($match[1]) ); if( isset($headers[$match[1]]) ) { diff --git a/core/Object.php b/core/Object.php index ce0464377..98691d10f 100755 --- a/core/Object.php +++ b/core/Object.php @@ -948,7 +948,9 @@ abstract class Object { */ protected function createMethod($method, $code) { self::$extra_methods[get_class($this)][strtolower($method)] = array ( - 'function' => create_function('$obj, $args', $code) + 'function' => function($obj, $args) use ($code) { + eval($code); + } ); } diff --git a/dev/install/install.php5 b/dev/install/install.php5 index 5df46ffbc..9bcf6ac11 100755 --- a/dev/install/install.php5 +++ b/dev/install/install.php5 
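Review bot: In the `core/Object.php` hunk the replacement closure in `createMethod` calls `eval($code);` without returning its result, so any value the generated method body returns is discarded; with `create_function` the string was the function body and its `return` reached the caller. The closure body should be `return eval($code);`. The string is also now parsed on every call instead of once at definition, so a syntax error in `$code` surfaces only when the method is invoked. Since this remains string-to-code evaluation, the docblock should state that `$code` must only ever come from trusted framework code, never from request data or stored user content.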
@@ -1307,7 +1307,9 @@ class Installer extends InstallRequirements { $locale = isset($_POST['locale']) ? addcslashes($_POST['locale'], "\'") : 'en_US'; $type = addcslashes($config['db']['type'], "\'"); $dbConfig = $config['db'][$type]; - $dbConfig = array_map(create_function('$v', 'return addcslashes($v, "\\\'");'), $dbConfig); + $dbConfig = array_map(function($v) { + return addcslashes($v, "\\'"); + }, $dbConfig); if(!isset($dbConfig['path'])) $dbConfig['path'] = ''; if(!$dbConfig) { echo "

Bad config submitted

";
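Review bot: The rewritten `array_map` call runs before the `if(!$dbConfig)` guard, so a missing `$config['db'][$type]` reaches `array_map` as `null`. Because the following line then assigns `$dbConfig['path']`, the "Bad config submitted" branch is unreachable as the lines are ordered here. Checking straight after `$dbConfig = $config['db'][$type];`, for instance with `if(!is_array($dbConfig) || !$dbConfig) {`, would reject a bad submission before any value is escaped. The closure itself keeps the same `addcslashes` character list as the old string body. The method starts and ends outside the hunk.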
diff --git a/forms/Form.php b/forms/Form.php
index eee8f1b86..096e1a723 100644
--- a/forms/Form.php
+++ b/forms/Form.php
@@ -859,7 +859,9 @@ class Form extends RequestHandler {
 		$attrs = $this->getAttributes();
 
 		// Remove empty
-		$attrs = array_filter((array)$attrs, create_function('$v', 'return ($v || $v === 0);'));
+		$attrs = array_filter((array)$attrs, function($v) {
+		    return ($v || $v === 0);
+        });
 
 		// Remove excluded
 		if($exclude) $attrs = array_diff_key($attrs, array_flip($exclude));
diff --git a/forms/ListboxField.php b/forms/ListboxField.php
index bdc402b5f..335af9737 100644
--- a/forms/ListboxField.php
+++ b/forms/ListboxField.php
@@ -136,7 +136,9 @@ class ListboxField extends DropdownField {
 	public function setSource($source) {
 		if($source) {
 			$hasCommas = array_filter(array_keys($source),
-				create_function('$key', 'return strpos($key, ",") !== FALSE;'));
+			function($key) {
+			    return strpos($key, ",") !== FALSE;
+			});
 			if($hasCommas) {
 				throw new InvalidArgumentException('No commas allowed in $source keys');
 			}
diff --git a/model/fieldtypes/HTMLText.php b/model/fieldtypes/HTMLText.php
index db1bad2f8..e0c351089 100644
--- a/model/fieldtypes/HTMLText.php
+++ b/model/fieldtypes/HTMLText.php
@@ -118,7 +118,9 @@ class HTMLText extends Text {
 			$doc = new DOMDocument();
 
 			// Catch warnings thrown by loadHTML and turn them into a failure boolean rather than a SilverStripe error
-			set_error_handler(create_function('$no, $str', 'throw new Exception("HTML Parse Error: ".$str);'), E_ALL);
+			set_error_handler(function($no, $str) {
+                throw new Exception("HTML Parse Error: " . $str);
+            }, E_ALL);
 			//  Nonbreaking spaces get converted into weird characters, so strip them
 			$value = str_replace(' ', ' ', $this->RAW());
 			try {
diff --git a/tests/forms/uploadfield/UploadFieldTest.php b/tests/forms/uploadfield/UploadFieldTest.php
index 6382574c4..a4eaf9d57 100644
--- a/tests/forms/uploadfield/UploadFieldTest.php
+++ b/tests/forms/uploadfield/UploadFieldTest.php
@@ -728,7 +728,9 @@ class UploadFieldTest extends FunctionalTest {
 		// A bit too much coupling with GridField, but a full template overload would make things too complex
 		$parser = new CSSContentParser($response->getBody());
 		$items = $parser->getBySelector('.ss-gridfield-item');
-		$itemIDs = array_map(create_function('$el', 'return (int)$el["data-id"];'), $items);
+		$itemIDs = array_map(function($el) {
+            return (int)$el["data-id"];
+        }, $items);
 		$this->assertContains($file4->ID, $itemIDs, 'Contains file in assigned folder');
 		$this->assertContains($fileSubfolder->ID, $itemIDs, 'Contains file in subfolder');
 	}
@@ -746,7 +748,9 @@ class UploadFieldTest extends FunctionalTest {
 		// A bit too much coupling with GridField, but a full template overload would make things too complex
 		$parser = new CSSContentParser($response->getBody());
 		$items = $parser->getBySelector('.ss-gridfield-item');
-		$itemIDs = array_map(create_function('$el', 'return (int)$el["data-id"];'), $items);
+		$itemIDs = array_map(function($el) {
+		    return (int)$el["data-id"];
+        }, $items);
 		$this->assertContains($file4->ID, $itemIDs, 'Contains file in assigned folder');
 		$this->assertNotContains($fileSubfolder->ID, $itemIDs, 'Does not contain file in subfolder');
 	}
diff --git a/thirdparty/zend_translate_railsyaml/library/Translate/Adapter/thirdparty/sfYaml/lib/sfYamlInline.php b/thirdparty/zend_translate_railsyaml/library/Translate/Adapter/thirdparty/sfYaml/lib/sfYamlInline.php
index a88cbb3d9..8dd7ac289 100644
--- a/thirdparty/zend_translate_railsyaml/library/Translate/Adapter/thirdparty/sfYaml/lib/sfYamlInline.php
+++ b/thirdparty/zend_translate_railsyaml/library/Translate/Adapter/thirdparty/sfYaml/lib/sfYamlInline.php
@@ -135,7 +135,7 @@ class sfYamlInline
     if (
       (1 == count($keys) && '0' == $keys[0])
       ||
-      (count($keys) > 1 && array_reduce($keys, create_function('$v,$w', 'return (integer) $v + $w;'), 0) == count($keys) * (count($keys) - 1) / 2))
+      (count($keys) > 1 && array_reduce($keys, function($v,$w) { return (integer) $v + $w;}, 0) == count($keys) * (count($keys) - 1) / 2))
     {
       $output = array();
       foreach ($value as $val)

From 8d1a5ed8b7b35336b21f440edea0a4a917d3fc4f Mon Sep 17 00:00:00 2001
From: Daniel Hensby 
Date: Tue, 5 Dec 2017 14:19:59 +0000
Subject: [PATCH 5/5] More code style fixes

---
 admin/code/CMSBatchActionHandler.php |  7 +++++--
 admin/code/CMSMenuItem.php           |  2 +-
 admin/code/LeftAndMain.php           | 12 +++++++++++-
 admin/code/SecurityAdmin.php         |  2 +-
 api/RestfulService.php               | 14 +++++++-------
 cli-script.php                       |  2 +-
 control/CookieJar.php                |  2 +-
 forms/ListboxField.php               |  2 +-
 8 files changed, 28 insertions(+), 15 deletions(-)

diff --git a/admin/code/CMSBatchActionHandler.php b/admin/code/CMSBatchActionHandler.php
index d69a1f086..8237be9d4 100644
--- a/admin/code/CMSBatchActionHandler.php
+++ b/admin/code/CMSBatchActionHandler.php
@@ -23,10 +23,13 @@ class CMSBatchActionHandler extends RequestHandler {
 		'handleConfirmation',
 	);
 
+    /**
+     * @var Controller
+     */
 	protected $parentController;
 
 	/**
-	 * @var String
+	 * @var string
 	 */
 	protected $urlSegment;
 
@@ -38,7 +41,7 @@ class CMSBatchActionHandler extends RequestHandler {
 	protected $recordClass = 'SiteTree';
 
 	/**
-	 * @param string $parentController
+	 * @param Controller $parentController
 	 * @param string $urlSegment
 	 * @param string $recordClass
 	 */
diff --git a/admin/code/CMSMenuItem.php b/admin/code/CMSMenuItem.php
index b6efce7c3..1eb59a26d 100644
--- a/admin/code/CMSMenuItem.php
+++ b/admin/code/CMSMenuItem.php
@@ -41,7 +41,7 @@ class CMSMenuItem extends Object {
 	 * Attributes for the link. For instance, custom data attributes or standard
 	 * HTML anchor properties.
 	 *
-	 * @var string
+	 * @var array
 	 */
 	protected $attributes = array();
 
diff --git a/admin/code/LeftAndMain.php b/admin/code/LeftAndMain.php
index 03c077d06..d8915869d 100644
--- a/admin/code/LeftAndMain.php
+++ b/admin/code/LeftAndMain.php
@@ -398,7 +398,7 @@ class LeftAndMain extends Controller implements PermissionProvider {
 		Requirements::css(FRAMEWORK_DIR . '/css/GridField.css');
 
 		// Browser-specific requirements
-		$ie = isset($_SERVER['HTTP_USER_AGENT']) ? strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') : false;
+		$ie = isset($_SERVER['HTTP_USER_AGENT']) ? strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false : false;
 		if($ie) {
 			$version = substr($_SERVER['HTTP_USER_AGENT'], $ie + 5, 3);
 
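Review bot: After this change `$ie` holds a boolean, but two lines below it is still used as the match offset in `substr($_SERVER['HTTP_USER_AGENT'], $ie + 5, 3)`, so `$version` is now always read from byte 6 of the user agent instead of from the text after `MSIE`. Keeping the offset and making the test strict fixes both the original position-0 case and this regression: leave the assignment as `strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE')` and change the condition to `if($ie !== false) {`. The `if` block continues past the end of the hunk.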
@@ -1838,6 +1838,16 @@ class LeftAndMainMarkingFilter {
 	 */
 	protected $params = array();
 
+    /**
+     * @var array
+     */
+	public $ids = array();
+
+    /**
+     * @var array
+     */
+	public $expanded = array();
+
 	/**
 	 * @param array $params Request params (unsanitized)
 	 */
diff --git a/admin/code/SecurityAdmin.php b/admin/code/SecurityAdmin.php
index dd57b0c3b..ccdc42ef5 100755
--- a/admin/code/SecurityAdmin.php
+++ b/admin/code/SecurityAdmin.php
@@ -171,7 +171,7 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
 			$groupsTab->addExtraClass('ui-state-active');
 		} elseif($actionParam == 'users') {
 			$usersTab->addExtraClass('ui-state-active');
-		} elseif($actionParam == 'roles') {
+		} elseif($actionParam == 'roles' && isset($rolesTab)) {
 			$rolesTab->addExtraClass('ui-state-active');
 		}
 
diff --git a/api/RestfulService.php b/api/RestfulService.php
index 38797ce44..ee51b3aa5 100644
--- a/api/RestfulService.php
+++ b/api/RestfulService.php
@@ -420,7 +420,7 @@ class RestfulService extends ViewableData implements Flushable {
 		if($element)
 			$childElements = $xml->{$collection}->{$element};
 
-		if($childElements){
+		if(isset($childElements) && $childElements){
 			foreach($childElements as $child){
 				$data = array();
 				foreach($child->attributes() as $key => $value){
@@ -450,7 +450,7 @@ class RestfulService extends ViewableData implements Flushable {
 		if($element)
 			$childElements = $xml->{$collection}->{$element};
 
-		if($childElements)
+		if(isset($childElements[$attr]))
 			$attr_value = (string) $childElements[$attr];
 
 		return Convert::raw2xml($attr_value);
@@ -476,7 +476,7 @@ class RestfulService extends ViewableData implements Flushable {
 		if($element)
 			$childElements = $xml->{$collection}->{$element};
 
-		if($childElements){
+		if(isset($childElements) && $childElements){
 			foreach($childElements as $child){
 				$data = array();
 				$this->getRecurseValues($child,$data);
@@ -525,7 +525,7 @@ class RestfulService extends ViewableData implements Flushable {
 		if($element)
 			$childElements = $xml->{$collection}->{$element};
 
-		if($childElements)
+		if(isset($childElements) && $childElements)
 			return Convert::raw2xml($childElements);
 	}
 
@@ -575,7 +575,7 @@ class RestfulService_Response extends SS_HTTPResponse {
 	protected $simpleXML;
 
 	/**
-	 * @var boolean It should be populated with cached request
+	 * @var RestfulService_Response|false It should be populated with cached request
 	 * when a request referring to this response was unsuccessful
 	 */
 	protected $cachedResponse = false;
@@ -602,14 +602,14 @@ class RestfulService_Response extends SS_HTTPResponse {
 	 * get the cached response object. This allows you to access the cached
 	 * eaders, not just the cached body.
 	 *
-	 * @return RestfulSerivice_Response The cached response object
+	 * @return RestfulService_Response|false The cached response object
 	 */
 	public function getCachedResponse() {
 		return $this->cachedResponse;
 	}
 
 	/**
-	 * @return string
+	 * @return string|false
 	 */
 	public function getCachedBody() {
 		if ($this->cachedResponse) {
diff --git a/cli-script.php b/cli-script.php
index 48a87b38d..a25079c88 100755
--- a/cli-script.php
+++ b/cli-script.php
@@ -41,7 +41,7 @@ if(isset($_SERVER['argv'][2])) {
 	if(!isset($_GET)) $_GET = array();
 	if(!isset($_REQUEST)) $_REQUEST = array();
 	foreach($args as $arg) {
-		if(strpos($arg,'=') == false) {
+		if(strpos($arg,'=') === false) {
 			$_GET['args'][] = $arg;
 		} else {
 			$newItems = array();
diff --git a/control/CookieJar.php b/control/CookieJar.php
index 2b2a80c58..9f328f12e 100644
--- a/control/CookieJar.php
+++ b/control/CookieJar.php
@@ -144,7 +144,7 @@ class CookieJar implements Cookie_Backend {
 	 * @see http://uk3.php.net/manual/en/function.setcookie.php
 	 *
 	 * @param string $name The name of the cookie
-	 * @param string|array $value The value for the cookie to hold
+	 * @param string|array|false $value The value for the cookie to hold
 	 * @param int $expiry The number of days until expiry
 	 * @param string $path The path to save the cookie on (falls back to site base)
 	 * @param string $domain The domain to make the cookie available on
diff --git a/forms/ListboxField.php b/forms/ListboxField.php
index 335af9737..f88ec4933 100644
--- a/forms/ListboxField.php
+++ b/forms/ListboxField.php
@@ -139,7 +139,7 @@ class ListboxField extends DropdownField {
 			function($key) {
 			    return strpos($key, ",") !== FALSE;
 			});
-			if($hasCommas) {
+			if(!empty($hasCommas)) {
 				throw new InvalidArgumentException('No commas allowed in $source keys');
 			}
 		}