Merge pull request #4930 from SpiritLevel/3.1-docs

DOCS 3.1 - fixes broken internal links
This commit is contained in:
Damian Mooyman 2016-01-15 10:02:43 +13:00
commit bd0716d1ee
40 changed files with 110 additions and 113 deletions

View File

@ -7,7 +7,7 @@ It is also a bit harder to install additional PHP modules required by SilverStri
[MAMP](http://www.mamp.info/en/) is a simple way to get a complete webserver [MAMP](http://www.mamp.info/en/) is a simple way to get a complete webserver
environment going on your OSX machine, without removing or altering any system-level configuration. environment going on your OSX machine, without removing or altering any system-level configuration.
Check out the [MAC OSX with Homebrew](other_installation_options/Mac_OSX_Homebrew) Check out the [MAC OSX with Homebrew](/getting_started/installation/other_installation_options/Mac_OSX_Homebrew)
for an alternative, more configurable installation process. for an alternative, more configurable installation process.
## Requirements ## Requirements
@ -46,4 +46,4 @@ Finally, we're ready to install SilverStripe through composer:
After finishing, the installation wizard should be available at `http://localhost:8888/silverstripe`. After finishing, the installation wizard should be available at `http://localhost:8888/silverstripe`.
The MAMP default database credentials are user `root` and password `root`. The MAMP default database credentials are user `root` and password `root`.
We have a separate in-depth tutorial for [Composer Installation and Usage](composer). We have a separate in-depth tutorial for [Composer Installation and Usage](/getting_started/composer).

View File

@ -6,7 +6,7 @@ OSX comes bundled with PHP, but you're stuck with the version and modules it shi
If you run projects on different PHP versions, or care about additional PHP module support If you run projects on different PHP versions, or care about additional PHP module support
and other dependencies such as MariaDB, we recommend an installation through [Homebrew](http://brew.sh/). and other dependencies such as MariaDB, we recommend an installation through [Homebrew](http://brew.sh/).
Check out the [MAC OSX with MAMP](../Mac_OSX) for an alternative installation process Check out the [MAC OSX with MAMP](/getting_started/installation/mac_osx) for an alternative installation process
which packages up the whole environment into a convenient application. which packages up the whole environment into a convenient application.
## Requirements ## Requirements
@ -115,4 +115,4 @@ Finally, we're ready to install SilverStripe through composer:
After finishing, the installation wizard should be available at `http://localhost/silverstripe`. After finishing, the installation wizard should be available at `http://localhost/silverstripe`.
The Homebrew MariaDB default database credentials are user `root` and password `root`. The Homebrew MariaDB default database credentials are user `root` and password `root`.
We have a separate in-depth tutorial for [Composer Installation and Usage](composer). We have a separate in-depth tutorial for [Composer Installation and Usage](getting_started/composer).

View File

@ -51,7 +51,7 @@ IIS 7.x comes with Windows. However, it needs to be installed. Follow these step
**NOTE**: These instructions are slightly different for Windows Vista and Windows 7. Instead of a Server Manager popup, you'll just get a list of features to enable. Do the same as above except click the **Internet Information Services** checkbox when the Windows Features popup appears and then expand this node and select **CGI** under World Wide Web Services > Application Development Features. **NOTE**: These instructions are slightly different for Windows Vista and Windows 7. Instead of a Server Manager popup, you'll just get a list of features to enable. Do the same as above except click the **Internet Information Services** checkbox when the Windows Features popup appears and then expand this node and select **CGI** under World Wide Web Services > Application Development Features.
Once the installation is finished, browse to http://localhost in your browser. If an image pops up, then IIS has been installed correctly. Once the installation is finished, browse to `http://localhost` in your browser. If an image pops up, then IIS has been installed correctly.
## IIS URL Rewrite Module ## IIS URL Rewrite Module
@ -191,7 +191,7 @@ After gettng the code installed, make sure you set the folder permissions proper
## Start SilverStripe installer ## Start SilverStripe installer
Open a browser and point it to http://localhost/ss Open a browser and point it to `http://localhost/ss`
If an installation screen shows up, congratulations! We're very close now. If an installation screen shows up, congratulations! We're very close now.
@ -260,7 +260,7 @@ To find out who the current user is, try echoing the result of get_current_user(
**Q: When I try to access my SilverStripe site for the first time, I get a 404 error** **Q: When I try to access my SilverStripe site for the first time, I get a 404 error**
**A:** Try accessing dev/build?username=admin&password=password at the end of the URL you requested. For example, http://localhost/ss/dev/build?username=admin&password=password. This will ensure the database is built properly **A:** Try accessing dev/build?username=admin&password=password at the end of the URL you requested. For example, `http://localhost/ss/dev/build?username=admin&password=password`. This will ensure the database is built properly
**Q: How do I make IIS expose errors instead of giving a generic 500 or 404 page?** **Q: How do I make IIS expose errors instead of giving a generic 500 or 404 page?**
@ -268,7 +268,7 @@ To find out who the current user is, try echoing the result of get_current_user(
Also, make sure that display_errors, display_startup_errors and html_errors in are set to On in php.ini. Also, make sure that display_errors, display_startup_errors and html_errors in are set to On in php.ini.
**Q: I get a 500 server error when trying to access the SilverStripe site. e.g. http://localhost/ss** **Q: I get a 500 server error when trying to access the SilverStripe site. e.g. `http://localhost/ss`**
**A:** One of the reasons why this could be happening is the web.config file inside the ss directory has XML that is not well formed. Make sure there are NO spaces before the starting <?xml> tag, and make sure that everything is tabbed out correctly. **A:** One of the reasons why this could be happening is the web.config file inside the ss directory has XML that is not well formed. Make sure there are NO spaces before the starting <?xml> tag, and make sure that everything is tabbed out correctly.

View File

@ -73,7 +73,7 @@ every page on the site, if that's easier.
Please make sure all code inside `*.php` files is wrapped in classes. Due to the way `[api:ManifestBuilder]` Please make sure all code inside `*.php` files is wrapped in classes. Due to the way `[api:ManifestBuilder]`
includes all files with this extension, any **procedural code will be executed on every call**. The most common error here includes all files with this extension, any **procedural code will be executed on every call**. The most common error here
is putting a test.php/phpinfo.php file in the document root. See [datamodel](/developer_guides/data_model_and_orm) and [controllers](/developer_guides/controllers) is putting a test.php/phpinfo.php file in the document root. See [datamodel](/developer_guides/model/data_model_and_orm) and [controllers](/developer_guides/controllers)
for ways how to structure your code. for ways how to structure your code.
Also, please check that you have PHP enabled on the webserver, and you're running PHP 5.1 or later. Also, please check that you have PHP enabled on the webserver, and you're running PHP 5.1 or later.

View File

@ -20,5 +20,5 @@ If the above steps don't work for any reason have a read of the [Common Problems
<div class="notice" markdown="1"> <div class="notice" markdown="1">
SilverStripe ships with default rewriting rules specific to your web server. Apart from SilverStripe ships with default rewriting rules specific to your web server. Apart from
routing requests to the framework, they also prevent access to sensitive files in the webroot, routing requests to the framework, they also prevent access to sensitive files in the webroot,
for example YAML configuration files. Please refer to the [security](/topics/security) documentation for details. for example YAML configuration files. Please refer to the [secure coding](/developer_guides/security/secure_coding/#filesystem) documentation for details.
</div> </div>

View File

@ -441,7 +441,7 @@ Use [ANSI SQL](http://en.wikipedia.org/wiki/SQL#Standardization) format where po
### Secure Development ### Secure Development
See [security](/topics/security) for conventions related to handing security permissions. See [security](/developer_guides/security) for conventions related to handing security permissions.
## License ## License

View File

@ -51,7 +51,7 @@ When designing your site you should only need to modify the *mysite*, *themes* a
![](../_images/tutorial1_cms-basic.jpg) ![](../_images/tutorial1_cms-basic.jpg)
The CMS is the area in which you can manage your site content. You can access the cms at http://localhost/your_site_name/admin (or http://yourdomain.com/admin if you are using your own domain name). You The CMS is the area in which you can manage your site content. You can access the cms at `http://localhost/your_site_name/admin` (or `http://yourdomain.com/admin` if you are using your own domain name). You
will be presented with a login screen. Login using the details you provided at installation. After logging in you will be presented with a login screen. Login using the details you provided at installation. After logging in you
should see the CMS interface with a list of the pages currently on your website (the site tree). Here you can add, delete and reorganize pages. If you need to delete, publish, or unpublish a page, first check "multi-selection" at the top. You will then be able to perform actions on any checked files using the "Actions" dropdown. Clicking on a page will open it in the page editing interface pictured below (we've entered some test content). should see the CMS interface with a list of the pages currently on your website (the site tree). Here you can add, delete and reorganize pages. If you need to delete, publish, or unpublish a page, first check "multi-selection" at the top. You will then be able to perform actions on any checked files using the "Actions" dropdown. Clicking on a page will open it in the page editing interface pictured below (we've entered some test content).
@ -85,7 +85,7 @@ The page type specifies the templates used to render the page, the fields that a
**SilverStripe's friendly URLs** **SilverStripe's friendly URLs**
While you are on the draft or live SilverStripe site, you may notice the URLs point to files that don't exist, e.g. While you are on the draft or live SilverStripe site, you may notice the URLs point to files that don't exist, e.g.
http://localhost/contact or http://yourdomainname.com/about-us etc. SilverStripe uses the URL field on the Meta-Data tab of the Edit Page -> Content section to look up the appropriate `http://localhost/contact` or `http://yourdomainname.com/about-us` etc. SilverStripe uses the URL field on the Meta-Data tab of the Edit Page -> Content section to look up the appropriate
page in the database. page in the database.
Note that if you have sub-pages, changing the Top level URL field for a page will affect the URL for all sub-pages. For example, if we changed the URL field "/about-us/" to "/about-silverstripe/" then the sub-pages URLs would now be "/about-silverstripe/URL-of-subpage/" rather than "/about-us/URL-of-subpage/". Note that if you have sub-pages, changing the Top level URL field for a page will affect the URL for all sub-pages. For example, if we changed the URL field "/about-us/" to "/about-silverstripe/" then the sub-pages URLs would now be "/about-silverstripe/URL-of-subpage/" rather than "/about-us/URL-of-subpage/".
@ -151,7 +151,7 @@ or placed between SilverStripe template tags:
**Flushing the cache** **Flushing the cache**
Whenever we edit a template file, we need to append *?flush=1* onto the end of the URL, e.g. Whenever we edit a template file, we need to append *?flush=1* onto the end of the URL, e.g.
http://localhost/your_site_name/?flush=1. SilverStripe stores template files in a cache for quicker load times. Whenever there are `http://localhost/your_site_name/?flush=1`. SilverStripe stores template files in a cache for quicker load times. Whenever there are
changes to the template, we must flush the cache in order for the changes to take effect. changes to the template, we must flush the cache in order for the changes to take effect.
## The Navigation System ## The Navigation System
@ -348,7 +348,7 @@ Create a new file *HomePage.php* in *mysite/code*. Copy the following code into
Every page type also has a database table corresponding to it. Every time we modify the database, we need to rebuild it. Every page type also has a database table corresponding to it. Every time we modify the database, we need to rebuild it.
We can do this by going to [http://localhost/your_site_name/dev/build](http://localhost/your_site_name/dev/build) (replace *localhost/your_site_name* with your own domain name if applicable). We can do this by going to `http://localhost/your_site_name/dev/build`.
It may take a moment, so be patient. This adds tables and fields needed by your site, and modifies any structures that have changed. It It may take a moment, so be patient. This adds tables and fields needed by your site, and modifies any structures that have changed. It
does this non-destructively - it will never delete your data. does this non-destructively - it will never delete your data.

View File

@ -12,7 +12,7 @@ information.
All data tables in SilverStripe are defined as subclasses of [api:DataObject]. The [api:DataObject] class represents a All data tables in SilverStripe are defined as subclasses of [api:DataObject]. The [api:DataObject] class represents a
single row in a database table, following the ["Active Record"](http://en.wikipedia.org/wiki/Active_record_pattern) single row in a database table, following the ["Active Record"](http://en.wikipedia.org/wiki/Active_record_pattern)
design pattern. Database Columns are defined as [Data Types](data_types_and_casting) in the static `$db` variable design pattern. Database Columns are defined as [Data Types](/developer_guides/model/data_types_and_casting) in the static `$db` variable
along with any [relationships](relations) defined as `$has_one`, `$has_many`, `$many_many` properties on the class. along with any [relationships](relations) defined as `$has_one`, `$has_many`, `$many_many` properties on the class.
Let's look at a simple example: Let's look at a simple example:
@ -512,7 +512,7 @@ whenever a new object is created.
<div class="notice" markdown='1'> <div class="notice" markdown='1'>
Note: Alternatively you can set defaults directly in the database-schema (rather than the object-model). See Note: Alternatively you can set defaults directly in the database-schema (rather than the object-model). See
[Data Types and Casting](data_types_and_casting) for details. [Data Types and Casting](/developer_guides/model/data_types_and_casting) for details.
</div> </div>
## Subclasses ## Subclasses
@ -579,7 +579,7 @@ To retrieve a news article, SilverStripe joins the [api:SiteTree], [api:Page] an
## Related Documentation ## Related Documentation
* [Data Types and Casting](../data_types_and_casting) * [Data Types and Casting](/developer_guides/model/data_types_and_casting)
## API Documentation ## API Documentation

View File

@ -2,7 +2,7 @@
The [api:SS_List] class is designed to return a flat list of records. The [api:SS_List] class is designed to return a flat list of records.
These lists can get quite long, and hard to present on a single list. These lists can get quite long, and hard to present on a single list.
[Pagination](/templates/how_tos/pagination) is one way to solve this problem, [Pagination](/developer_guides/templates/how_tos/pagination) is one way to solve this problem,
by splitting up the list into multiple pages. by splitting up the list into multiple pages.
In this howto, we present an alternative to pagination: In this howto, we present an alternative to pagination:
@ -144,5 +144,5 @@ The final step is the render this into the template using the [api:GroupedList->
## Related ## Related
* [Howto: "Pagination"](/templates/how_tos/pagination) * [Howto: "Pagination"](/developer_guides/templates/how_tos/pagination)

View File

@ -7,7 +7,7 @@ Editing and formatting content is the bread and butter of every content manageme
has a tight integration with our preferred editor library, [TinyMCE](http://tinymce.com). has a tight integration with our preferred editor library, [TinyMCE](http://tinymce.com).
On top of the base functionality, we use our own insertion dialogs to ensure you can effectively select and upload On top of the base functionality, we use our own insertion dialogs to ensure you can effectively select and upload
files. In addition to the markup managed by TinyMCE, we use [shortcodes](../../extending/shortcodes) to store files. In addition to the markup managed by TinyMCE, we use [shortcodes](/developer_guides/extending/shortcodes) to store
information about inserted images or media elements. information about inserted images or media elements.
The framework comes with a `[api:HTMLEditorField]` form field class which encapsulates most of the required The framework comes with a `[api:HTMLEditorField]` form field class which encapsulates most of the required
@ -170,7 +170,7 @@ The `[api:HtmlEditorField]` API also handles inserting images and media files in
used both for referencing files on the webserver filesystem (through the `[api:File]` and `[api:Image]` APIs), as well used both for referencing files on the webserver filesystem (through the `[api:File]` and `[api:Image]` APIs), as well
as hotlinking files from the web. as hotlinking files from the web.
We use [shortcodes](../../configuration/shortcodes) to store information about inserted images or media elements. The We use [shortcodes](/developer_guides/extending/shortcodes) to store information about inserted images or media elements. The
[api:ShortcodeParser] API post-processes the HTML content on rendering, and replaces the shortcodes accordingly. It also [api:ShortcodeParser] API post-processes the HTML content on rendering, and replaces the shortcodes accordingly. It also
takes care of care of placing the shortcode replacements relative to its surrounding markup (e.g. left/right alignment). takes care of care of placing the shortcode replacements relative to its surrounding markup (e.g. left/right alignment).

View File

@ -17,7 +17,7 @@ GridField can only be used with `$list` data sets that are of the type `SS_List`
<div class="notice" markdown="1"> <div class="notice" markdown="1">
[api:GridField] powers the automated data UI of [api:ModelAdmin]. For more information about `ModelAdmin` see the [api:GridField] powers the automated data UI of [api:ModelAdmin]. For more information about `ModelAdmin` see the
[Customizing the CMS](../../customizing_the_cms) guide. [Customizing the CMS](/developer_guides/customising_the_admin_interface) guide.
</div> </div>
Each `GridField` is built from a number of components grouped into the [api:GridFieldConfig]. Without any components, Each `GridField` is built from a number of components grouped into the [api:GridFieldConfig]. Without any components,

View File

@ -1,6 +1,6 @@
# How to add a custom action to a GridField row # How to add a custom action to a GridField row
In a [GridField](../field_types/gridfield) instance each table row can have a In a [GridField](/developer_guides/forms/field_types/gridfield) instance each table row can have a
number of actions located the end of the row such as edit or delete actions. number of actions located the end of the row such as edit or delete actions.
Each action is represented as a instance of a specific class Each action is represented as a instance of a specific class
(e.g [api:GridFieldEditButton]) which has been added to the `GridFieldConfig` (e.g [api:GridFieldEditButton]) which has been added to the `GridFieldConfig`
@ -79,7 +79,7 @@ below:
While we're working on the code, to add this new action to the `GridField`, add While we're working on the code, to add this new action to the `GridField`, add
a new instance of the class to the [api:GridFieldConfig] object. The `GridField` a new instance of the class to the [api:GridFieldConfig] object. The `GridField`
[Reference](../field_types/gridfield) documentation has more information about [Reference](/developer_guides/forms/field_types/gridfield) documentation has more information about
manipulating the `GridFieldConfig` instance if required. manipulating the `GridFieldConfig` instance if required.
:::php :::php
@ -93,7 +93,7 @@ manipulating the `GridFieldConfig` instance if required.
$gridField->getConfig()->addComponent(new GridFieldCustomAction()); $gridField->getConfig()->addComponent(new GridFieldCustomAction());
For documentation on adding a Component to a `GridField` created by `ModelAdmin` For documentation on adding a Component to a `GridField` created by `ModelAdmin`
please view the [ModelAdmin Reference](/reference/modeladmin#gridfield-customization) section `GridField Customization` please view the [GridField Customization](/developer_guides/forms/how_tos/create_a_gridfield_actionprovider) section.
Now let's go back and dive through the `GridFieldCustomAction` class in more Now let's go back and dive through the `GridFieldCustomAction` class in more
detail. detail.

View File

@ -45,8 +45,8 @@ Append the option and corresponding value to your URL in your browser's address
## Security Redirects ## Security Redirects
You can set an URL to redirect back to after a [Security](/topics/security) action. See the section on [URL You can set an URL to redirect back to after a [Security](/developer_guides/security) action. See the section on [URL
Redirections](security#redirect_back_to_another_page_after_login) for more information and examples. Redirections](/developer_guides/controllers/redirection) for more information and examples.
| URL Variable | | Values | | Description | | URL Variable | | Values | | Description |
| ------------ | | ------ | | ----------- | | ------------ | | ------ | | ----------- |

View File

@ -17,7 +17,7 @@ Flushing the various manifests is performed through a GET
parameter (`flush=1`). Since this action requires more server resources than normal requests, parameter (`flush=1`). Since this action requires more server resources than normal requests,
executing the action is limited to the following cases when performed via a web request: executing the action is limited to the following cases when performed via a web request:
* The [environment](../getting_started/environment_management) is in "dev mode" * The [environment](/getting_started/environment_management) is in "dev mode"
* A user is logged in with ADMIN permissions * A user is logged in with ADMIN permissions
* An error occurs during startup * An error occurs during startup

View File

@ -6,7 +6,7 @@ site you have to figure this stuff out, and it's not entirely obvious.
## Ways to restrict access ## Ways to restrict access
There are a number of ways to restrict access in SilverStripe. In the security tab in the CMS you can create groups There are a number of ways to restrict access in SilverStripe. In the security tab in the CMS you can create groups
that have access to certain parts. The options can be found on the [permissions](/reference/permission) documentation. that have access to certain parts. The options can be found on the [permissions](/developer_guides/security/permissions) documentation.
Once you have groups, you can set access for each page for a particular group. This can be: Once you have groups, you can set access for each page for a particular group. This can be:
* anyone; * anyone;

View File

@ -63,7 +63,7 @@ Making this work well is a subtle business and should be discussed with a few de
* On an individual data record, $page->can("View", $member = null) and be called. If a member isn't passed, the * On an individual data record, $page->can("View", $member = null) and be called. If a member isn't passed, the
currently logged in member is assumed. currently logged in member is assumed.
* On a request, $request->hasPermission("View", $member = null) can be called. See [datamodel](/topics/datamodel) for * On a request, $request->hasPermission("View", $member = null) can be called. See [datamodel](/developer_guides/model/permissions) for
information on request objects. information on request objects.
## Special cases ## Special cases

View File

@ -3,7 +3,7 @@
## Introduction ## Introduction
This page details notes on how to ensure that we develop secure SilverStripe applications. This page details notes on how to ensure that we develop secure SilverStripe applications.
See our "[Release Process](/misc/release-process#security-releases) on how to report security issues. See our "[Release Process](/contributing/release_process#security-releases) on how to report security issues.
## SQL Injection ## SQL Injection
@ -49,7 +49,7 @@ result in *double escaping* and alters the actually saved data (e.g. by adding s
### Manual escaping ### Manual escaping
As a rule of thumb, whenever you're creating raw queries (or just chunks of SQL), you need to take care of escaping As a rule of thumb, whenever you're creating raw queries (or just chunks of SQL), you need to take care of escaping
yourself. See [coding-conventions](/getting_started/coding_conventions) and [datamodel](/topics/datamodel) for ways to cast and convert yourself. See [coding-conventions](/getting_started/coding_conventions) and [datamodel](/developer_guides/model/data_types_and_casting) for ways to cast and convert
your data. your data.
* `SQLQuery` * `SQLQuery`
@ -137,7 +137,7 @@ XSS attack against an admin to perform any administrative action.
If you can't trust your editors, SilverStripe must be configured to filter the content so that any javascript is If you can't trust your editors, SilverStripe must be configured to filter the content so that any javascript is
stripped out stripped out
To enable filtering, set the HtmlEditorField::$sanitise_server_side [configuration](/topics/configuration) property to To enable filtering, set the HtmlEditorField::$sanitise_server_side [configuration](/developer_guides/configuration/configuration) property to
true, e.g. true, e.g.
HtmlEditorField::config()->sanitise_server_side = true HtmlEditorField::config()->sanitise_server_side = true
@ -160,12 +160,12 @@ The `SiteTree.ExtraMeta` property uses this to limit allowed input.
It is not currently possible to allow editors to provide javascript content and yet still protect other users It is not currently possible to allow editors to provide javascript content and yet still protect other users
from any malicious code within that javascript. from any malicious code within that javascript.
We recommend configuring [shortcodes](/reference/shortcodes) that can be used by editors in place of using javascript directly. We recommend configuring [shortcodes](/developer_guides/extending/shortcodes) that can be used by editors in place of using javascript directly.
### Escaping model properties ### Escaping model properties
`[api:SSViewer]` (the SilverStripe template engine) automatically takes care of escaping HTML tags from specific `[api:SSViewer]` (the SilverStripe template engine) automatically takes care of escaping HTML tags from specific
object-properties by [casting](/topics/datamodel#casting) its string value into a `[api:DBField]` object. object-properties by [casting](/developer_guides/model/data_types_and_casting) its string value into a `[api:DBField]` object.
PHP: PHP:
@ -192,7 +192,7 @@ outputting through SSViewer.
### Overriding default escaping in templates ### Overriding default escaping in templates
You can force escaping on a casted value/object by using an [escape type](/topics/datamodel) method in your template, e.g. You can force escaping on a casted value/object by using an [escape type](/developer_guides/model/data_types_and_casting) method in your template, e.g.
"XML" or "ATT". "XML" or "ATT".
Template (see above): Template (see above):
@ -274,7 +274,7 @@ Template:
Whenever you insert a variable into an HTML attribute within a template, use $VarName.ATT, no not $VarName. Whenever you insert a variable into an HTML attribute within a template, use $VarName.ATT, no not $VarName.
You can also use the built-in casting in PHP by using the *obj()* wrapper, see [datamodel](/topics/datamodel) . You can also use the built-in casting in PHP by using the *obj()* wrapper, see [datamodel](/developer_guides/model/data_types_and_casting).
### Escaping URLs ### Escaping URLs
@ -374,7 +374,7 @@ cast types can be found here:
* `(object)` - cast to object * `(object)` - cast to object
Note that there is also a 'SilverStripe' way of casting fields on a class, this is a different type of casting to the Note that there is also a 'SilverStripe' way of casting fields on a class, this is a different type of casting to the
standard PHP way. See [casting](/topics/datamodel#casting). standard PHP way. See [casting](/developer_guides/model/data_types_and_casting).

View File

@ -11,7 +11,7 @@ The default output of a [api:SearchContext] is either a [api:SQLQuery] object fo
[api:DataObject] instance. [api:DataObject] instance.
<div class="notice" markdown="1"> <div class="notice" markdown="1">
[api:SearchContext] is mainly used by [ModelAdmin](../customising_the_admin_interface/modeladmin). [api:SearchContext] is mainly used by [ModelAdmin](/developer_guides/customising_the_admin_interface/modeladmin).
</div> </div>
## Usage ## Usage
@ -110,8 +110,8 @@ the `$fields` constructor parameter.
## Related Documentation ## Related Documentation
* [ModelAdmin](../customising_the_cms/modeladmin) * [ModelAdmin](/developer_guides/customising_the_admin_interface/modeladmin)
* [Tutorial: Site Search](/tutorials/site_search) * [Site Search](/tutorials/site_search)
## API Documentation ## API Documentation

View File

@ -232,7 +232,7 @@ If you want to run the text collector for just one module you can use the 'modul
`http://localhost/dev/tasks/i18nTextCollectorTask/?module=cms` `http://localhost/dev/tasks/i18nTextCollectorTask/?module=cms`
<div class="hint" markdown='1'> <div class="hint" markdown='1'>
You'll need to install PHPUnit to run the text collector (see [testing-guide](/topics/testing)). You'll need to install PHPUnit to run the text collector (see [testing-guide](/developer_guides/testing)).
</div> </div>
## Module Priority ## Module Priority

View File

@ -16,7 +16,7 @@ Allows upload of images through limiting file extensions with `setAllowedExtensi
### Inserting images into the WYSIWYG editor ### Inserting images into the WYSIWYG editor
See [Topics: Rich Text Editing](/topics/rich-text-editing). See [Rich Text Editing](/developer_guides/forms/field_types/htmleditorfield).
### Resizing Images in PHP ### Resizing Images in PHP

View File

@ -13,7 +13,7 @@ feel familiar to you. This is just a quick run down to get you started
with some special conventions. with some special conventions.
For a more practical-oriented approach to CMS customizations, refer to the For a more practical-oriented approach to CMS customizations, refer to the
[Howto: Extend the CMS Interface](how_tos/extend_cms_interface) which builds [Howto: Extend the CMS Interface](/developer_guides/customising_the_admin_interface/how_tos/extend_cms_interface) which builds
## Markup and Style Conventions ## Markup and Style Conventions
@ -89,7 +89,7 @@ The various panels and UI components within them are loosely coupled to the layo
attribute. The layout is triggered on the top element and cascades into children, with a `redraw` method defined on attribute. The layout is triggered on the top element and cascades into children, with a `redraw` method defined on
each panel and UI component that needs to update itself as a result of layouting. each panel and UI component that needs to update itself as a result of layouting.
Refer to [Layout reference](cms_layout) for further information. Refer to [Layout reference](/developer_guides/customising_the_admin_interface/cms_layout) for further information.
## Forms ## Forms
@ -148,7 +148,7 @@ correctly configured form.
[jQuery.entwine](https://github.com/hafriedlander/jquery.entwine) is a thirdparty library [jQuery.entwine](https://github.com/hafriedlander/jquery.entwine) is a thirdparty library
which allows us to attach behaviour to DOM elements in a flexible and structured mannger. which allows us to attach behaviour to DOM elements in a flexible and structured mannger.
It replaces the `behaviour.js` library used in previous versions of the CMS interface. It replaces the `behaviour.js` library used in previous versions of the CMS interface.
See [JavaScript Development](javascript_development) for more information on how to use it. See [JavaScript Development](/developer_guides/customising_the_admin_interface/javascript_development) for more information on how to use it.
In the CMS interface, all entwine rules should be placed in the "ss" entwine namespace. In the CMS interface, all entwine rules should be placed in the "ss" entwine namespace.
If you want to call methods defined within these rules outside of entwine logic, If you want to call methods defined within these rules outside of entwine logic,
you have to use this namespace, e.g. `$('.cms-menu').entwine('ss').collapse()`. you have to use this namespace, e.g. `$('.cms-menu').entwine('ss').collapse()`.
@ -380,7 +380,7 @@ To avoid repetition, we've written some helpers for various use cases:
* Load into a PJAX panel: `<a href="..." class="cms-panel-link" data-pjax-target="Content">` * Load into a PJAX panel: `<a href="..." class="cms-panel-link" data-pjax-target="Content">`
* Load URL as an iframe into a popup/dialog: `<a href="..." class="ss-ui-dialog-link">` * Load URL as an iframe into a popup/dialog: `<a href="..." class="ss-ui-dialog-link">`
* GridField click to redirect to external link: `<a href="..." class="cms-panel-link action external-link"> * GridField click to redirect to external link: `<a href="..." class="cms-panel-link action external-link">`
## Buttons ## Buttons
@ -433,7 +433,7 @@ The CMS tree for viewing hierarchical structures (mostly pages) is powered
by the [jstree](http://jstree.com) library. It is configured through by the [jstree](http://jstree.com) library. It is configured through
`framework/admin/javascript/LeftAndMain.Tree.js`, as well as some `framework/admin/javascript/LeftAndMain.Tree.js`, as well as some
HTML5 metadata generated on its container (see the `data-hints` attribute). HTML5 metadata generated on its container (see the `data-hints` attribute).
For more information, see the [Howto: Customize the CMS tree](../how_tos/customize_cms_tree). For more information, see the [Howto: Customise the CMS tree](/developer_guides/customising_the_admin_interface/how_tos/customise_cms_tree).
Note that a similar tree logic is also used for the Note that a similar tree logic is also used for the
form fields to select one or more entries from those hierarchies form fields to select one or more entries from those hierarchies
@ -441,7 +441,7 @@ form fields to select one or more entries from those hierarchies
## Tabs ## Tabs
We're using [jQuery UI tabs](http://jqueryui.com/), but in a customized fashion. We're using [jQuery UI tabs](http://jqueryui.com/), but in a customised fashion.
HTML with tabs can be created either directly through HTML templates in the CMS, HTML with tabs can be created either directly through HTML templates in the CMS,
or indirectly through a `[api:TabSet]` form field. Since tabsets are useable or indirectly through a `[api:TabSet]` form field. Since tabsets are useable
outside of the CMS as well, the baseline application of tabs happens via outside of the CMS as well, the baseline application of tabs happens via
@ -538,8 +538,8 @@ through the `PjaxResponseNegotiator` class (see above).
## Related ## Related
* [Howto: Extend the CMS Interface](how_tos/extend_cms_interface) * [Howto: Extend the CMS Interface](/developer_guides/customising_the_admin_interface/how_tos/extend_cms_interface)
* [Howto: Customize the CMS tree](how_tos/customize_cms_tree) * [Howto: Customise the CMS tree](/developer_guides/customising_the_admin_interface/how_tos/customise_cms_tree)
* [ModelAdmin API](api:ModelAdmin) * [ModelAdmin API](api:ModelAdmin)
* [Reference: Layout](cms_layout) * [Reference: Layout](/developer_guides/customising_the_admin_interface/cms_layout)
* [Rich Text Editing](/developer_guides/forms/field_types/htmleditorfield) * [Rich Text Editing](/developer_guides/forms/field_types/htmleditorfield)

View File

@ -27,4 +27,4 @@ more complex fields like `GridField`, `UploadField`
or `DropdownField` with the chosen.js behaviour applied. or `DropdownField` with the chosen.js behaviour applied.
Note: For more advanced help text we recommend using Note: For more advanced help text we recommend using
[Custom form field templates](../form_templates); [Custom form field templates](/developer_guides/forms/form_templates);

View File

@ -43,7 +43,7 @@ In order to localize the menu title in different languages, use the
the i18n text collection. the i18n text collection.
For more information on language and translations, please refer to the For more information on language and translations, please refer to the
[i18n](../../ii8n) docs. [i18n](/developer_guides/i18n) docs.
## Adding an external link to the menu ## Adding an external link to the menu
@ -85,7 +85,7 @@ button configuration.
To have the link appear, make sure you add the extension to the `LeftAndMain` To have the link appear, make sure you add the extension to the `LeftAndMain`
class. For more information about configuring extensions see the class. For more information about configuring extensions see the
[extensions reference](../extending/extensions). [extensions reference](/developer_guides/extending/extensions).
:::php :::php
LeftAndMain::add_extension('CustomLeftAndMain') LeftAndMain::add_extension('CustomLeftAndMain')

View File

@ -11,7 +11,7 @@ into the main CMS menu. A page can be bookmarked by a CMS author through a
simple checkbox. simple checkbox.
For a deeper introduction to the inner workings of the CMS, please refer to our For a deeper introduction to the inner workings of the CMS, please refer to our
guide on [CMS Architecture](../reference/cms-architecture). guide on [CMS Architecture](/developer_guides/customising_the_admin_interface/cms_architecture).
## Overload a CMS template ## ## Overload a CMS template ##

View File

@ -40,7 +40,7 @@ Never update a website on the live server without trying it on a development cop
How easy will it be to update my project? It's a fair question, and sometimes a difficult one to answer. How easy will it be to update my project? It's a fair question, and sometimes a difficult one to answer.
* "Micro" releases (x.y.z) are explicitly backwards compatible, "minor" and "major" releases can deprecate features and change APIs (see our [/misc/release-process](release process) for details) * "Micro" releases (x.y.z) are explicitly backwards compatible, "minor" and "major" releases can deprecate features and change APIs (see our [release process](/contributing/release_process) for details)
* If you've made custom branches of SilverStripe core, or any thirdparty module, it's going to be harder to upgrade. * If you've made custom branches of SilverStripe core, or any thirdparty module, it's going to be harder to upgrade.
* The more custom features you have, the harder it will be to upgrade. You will have to re-test all of those features, and adapt to API changes in core. * The more custom features you have, the harder it will be to upgrade. You will have to re-test all of those features, and adapt to API changes in core.
* Customizations of a well defined type - such as custom page types or custom blog widgets - are going to be easier to upgrade than customisations that modify deep system internals like rewriting SQL queries. * Customizations of a well defined type - such as custom page types or custom blog widgets - are going to be easier to upgrade than customisations that modify deep system internals like rewriting SQL queries.

View File

@ -7,7 +7,7 @@
**Don't use Translatable for multilingual database content. Don't upgrade to 2.3.0 if you're already using **Don't use Translatable for multilingual database content. Don't upgrade to 2.3.0 if you're already using
Translatable.** Translatable.**
The [Translatable extension](/topics/translation) is currently marked as The [Translatable extension](/developer_guides/i18n) is currently marked as
unstable for the initial 2.3 release. **If your site uses more than one language for page content, don't upgrade to this unstable for the initial 2.3 release. **If your site uses more than one language for page content, don't upgrade to this
release.** We're working on bugfixes which will be contained in a minor 2.3.x release soon. Check our [releaseannouncements](http://groups.google.com/group/silverstripe-announce) for updates on Translatable bugfixes. release.** We're working on bugfixes which will be contained in a minor 2.3.x release soon. Check our [releaseannouncements](http://groups.google.com/group/silverstripe-announce) for updates on Translatable bugfixes.
@ -33,7 +33,7 @@ calling `dev/build`. See [#2847](http://open.silverstripe.com/ticket/2847)
### Newsletter moved into new module ### Newsletter moved into new module
Newsletter functionality has been moved into its own module called **[newsletter](modules/newsletter)**. If you were Newsletter functionality has been moved into its own module called **[newsletter](http://addons.silverstripe.org/add-ons/silverstripe/newsletter)**. If you were
previously using this as a feature out of the box with SilverStripe, then you will need to download the userforms module previously using this as a feature out of the box with SilverStripe, then you will need to download the userforms module
to continue using it. to continue using it.
@ -51,9 +51,7 @@ The auth_openid module has been removed from default installation. Please insta
### GenericDataAdmin and RelatedDataEditor moved into new module ### GenericDataAdmin and RelatedDataEditor moved into new module
GenericDataAdmin functionality has been moved into its own module called GenericDataAdmin functionality has been moved into its own module. If you were previously using this as a feature out of the box with
**[genericdataadmin](modules/genericdataadmin)**. If you were previously using this as a feature out of the box with
SilverStripe, then you will need to download this module to continue using it. SilverStripe, then you will need to download this module to continue using it.
### User Defined Form moved into new module ### User Defined Form moved into new module
@ -196,8 +194,8 @@ also that the DOCTYPE altering, which was a frequent cause of pain, only execute
* Removed deprecated File::loadallcontent(), use Upload class * Removed deprecated File::loadallcontent(), use Upload class
* Image->URL returns relative instead of absolute URL. Use Image->AbsoluteURL instead. * Image->URL returns relative instead of absolute URL. Use Image->AbsoluteURL instead.
* Moved DataReport and SQLReport into the ecommerce module. If you're using these classes, please download the * Moved DataReport and SQLReport into the ecommerce module. If you're using these classes, please see the
[ecommerce module](modules/ecommerce). [ecommerce modules](http://addons.silverstripe.org/add-ons?search=ecommerce&type=&compatibility%5B%5D=3.1).
### Default mysite/_config.php ### Default mysite/_config.php

View File

@ -31,9 +31,9 @@ Here's an example of how the default Blackcandy theme was changed:
The datamodel for the Translatable extension was changed from multiple language tables to multiple rows for each The datamodel for the Translatable extension was changed from multiple language tables to multiple rows for each
translated record in the original table. We've also introduced the concept of "Translation groups", which means not translated record in the original table. We've also introduced the concept of "Translation groups", which means not
every translated record has to exist in a "master language". Please review our updated documentation on how to [enable Translatable](/topics/translation). every translated record has to exist in a "master language". Please review our updated documentation on how to [enable Translatable](/developer_guides/i18n).
If you are upgrading an existing database with existing translations, you'll need to run our [Migration Script](/topics/translation#migrating_from_2.1_datamodel) before using the If you are upgrading an existing database with existing translations, you'll need migrate these before using the
database. database.
For in-depth discussion of the schema changes and translation groups, please refer to our developer mailinglist: For in-depth discussion of the schema changes and translation groups, please refer to our developer mailinglist:

View File

@ -243,7 +243,7 @@ No conversion of existing database schemas or content should be necessary.
### MySQL 5.0+ or newer required ### MySQL 5.0+ or newer required
See [server-requirements](/installation/server-requirements). See [server-requirements](/getting_started/server_requirements).
### BASE_PATH constant ### BASE_PATH constant

View File

@ -28,7 +28,7 @@ TRUE.
### Security: Installation in "live mode" by default ### Security: Installation in "live mode" by default
SilverStripe used to allow setting the [environment type](/topics/environment-management) ("dev mode", "test mode" or "live SilverStripe used to allow setting the [environment type](/getting_started/environment_management) ("dev mode", "test mode" or "live
mode") from within the installer, through *Director::set_dev_servers()*, *Director::set_test_servers()* and mode") from within the installer, through *Director::set_dev_servers()*, *Director::set_test_servers()* and
*Director::set_live_servers()*. *Director::set_live_servers()*.
@ -37,7 +37,7 @@ domain information in HTTP requests. This can lead to "live" environments being
administrative actions like *dev/build* without access control. administrative actions like *dev/build* without access control.
Note: The CMS is still secured through login in "dev mode". Note: The CMS is still secured through login in "dev mode".
We recommend setting environment types through a [_ss_environment.php](/topics/environment-management) file instead: We recommend setting environment types through a [_ss_environment.php](/getting_started/environment_management) file instead:
:::php :::php
<?php <?php
@ -88,7 +88,7 @@ this task:
### Date/Time format handling in CMS ### Date/Time format handling in CMS
Classes like DateField, TimeField and DatetimeField are now aware of member-specific formats which can be set in Classes like DateField, TimeField and DatetimeField are now aware of member-specific formats which can be set in
*admin/myprofile* (linked on the lower right footer in the CMS interface). See [i18n](/topics/i18n) for more details. *admin/myprofile* (linked on the lower right footer in the CMS interface). See [i18n](/developer_guides/i18n) for more details.
Example: Setting German date formats in *mysite/_config.php*: Example: Setting German date formats in *mysite/_config.php*:

View File

@ -253,7 +253,7 @@ actions accessible through URL routing. Methods that need automatic CSRF
protection (most form actions) should NOT be included in $allowed_actions, protection (most form actions) should NOT be included in $allowed_actions,
their protection is handled through request handling in the form class itself. their protection is handled through request handling in the form class itself.
See [security](/topics/security#limiting_url-access_to_controller_methods) documentation for more details. See [security](/developer_guides/controllers/access_control/#allowed-actions) documentation for more details.
#### Impact #### Impact

View File

@ -34,7 +34,7 @@ on those fields, this wasn't correctly applied. The following methods are affect
If you have used any of these transformations with untrusted values If you have used any of these transformations with untrusted values
(e.g. from a user-submitted form), please consider updating. (e.g. from a user-submitted form), please consider updating.
More info about SilverStripe's casting logic is available in the "[security](../topics/security)" documentation. More info about SilverStripe's casting logic is available in the "[security](/developer_guides/security)" documentation.
### Security: Cross-site scripting (XSS) related to page titles in the CMS ### Security: Cross-site scripting (XSS) related to page titles in the CMS

View File

@ -41,7 +41,7 @@ The detailed change logs are broken down by pre-release:
### Common Upgrade Tasks ### Common Upgrade Tasks
* Rename foder from `sapphire/`to `framework/`, replace own paths with `FRAMEWORK_DIR` (in PHP) or `$ModulePath(framework)` (in templates). Update paths in `.htaccess` or `web.config` ([more](/changelogs/3.0.0#sapphire-rename)) * Rename foder from `sapphire/`to `framework/`, replace own paths with `FRAMEWORK_DIR` (in PHP) or `$ModulePath(framework)` (in templates). Update paths in `.htaccess` or `web.config` ([more](/changelogs/3.0.0#sapphire-rename))
* Replace `<% control %>` in your templates with `<% loop %>` and `<% with %>` ([more](/reference/templates-upgrading-guide#control)) * Replace `<% control %>` in your templates with `<% loop %>` and `<% with %>` ([more](/developer_guides/templates))
* Replace `DataObjectSet` with `DataList` or `ArrayList` ([more](/changelogs/3.0.0#deprecated-classes)) * Replace `DataObjectSet` with `DataList` or `ArrayList` ([more](/changelogs/3.0.0#deprecated-classes))
* Rewrite `ComplexTableField` and `DataObjectManager` instances to `GridField` ([more](/changelogs/3.0.0#gridfield-replacement-for-tablelistfield-and-complextablefield-gridfield)) * Rewrite `ComplexTableField` and `DataObjectManager` instances to `GridField` ([more](/changelogs/3.0.0#gridfield-replacement-for-tablelistfield-and-complextablefield-gridfield))
* Rewrite `Director::redirect()` and `Director::redirectBack()` calls ([more](/changelogs/3.0.0#director-static-functions-deprecated-e-g-redirect-and-redirectback) * Rewrite `Director::redirect()` and `Director::redirectBack()` calls ([more](/changelogs/3.0.0#director-static-functions-deprecated-e-g-redirect-and-redirectback)
@ -61,7 +61,7 @@ which points to the framework directory, and in the templates you can use `$Modu
### GridField: Replacement for TableListField and ComplexTableField [gridfield]### ### GridField: Replacement for TableListField and ComplexTableField [gridfield]###
We have a new component for managing lists of objects: The `[GridField](/reference/grid-field)`. We have a new component for managing lists of objects: The `[GridField](/developer_guides/forms/field_types/gridfield)`.
It's a substantial rewrite of the features previously captured by `TableListField`, It's a substantial rewrite of the features previously captured by `TableListField`,
`ComplexTableField`, `HasManyComplexTableField` and `ManyManyComplexTableField`. `ComplexTableField`, `HasManyComplexTableField` and `ManyManyComplexTableField`.
@ -97,7 +97,7 @@ Upgrade example: Relationship editing
// after // after
$field = new GridField('MyRelation', null, $myRecord->MyRelation(), GridFieldConfig_RelationEditor::create()); $field = new GridField('MyRelation', null, $myRecord->MyRelation(), GridFieldConfig_RelationEditor::create());
More information is available in the [GridField documentation](/reference/grid-field). More information is available in the [GridField documentation](/developer_guides/forms/field_types/gridfield).
### Object static functions replaced with new Config class {#new-config} ### Object static functions replaced with new Config class {#new-config}
Static functions for getting a static variable on the `Object` class have been deprecated, Static functions for getting a static variable on the `Object` class have been deprecated,
@ -215,7 +215,7 @@ for the presence of records, please call the count() method on the `DataList`:
if(!DataObject::get('SiteTree', '"ParentID" = 5')->count()) echo "Page 5 has no children"; if(!DataObject::get('SiteTree', '"ParentID" = 5')->count()) echo "Page 5 has no children";
Beware that `DataList->remove()` will delete an entry from the database. Beware that `DataList->remove()` will delete an entry from the database.
See the ["datamodel" documentation](../topics/datamodel) for more details. See the ["datamodel" documentation](/developer_guides/model/data_model_and_orm) for more details.
### New ORM: Changes to manipulation of SQL queries {#new-orm-sql-queries} ### New ORM: Changes to manipulation of SQL queries {#new-orm-sql-queries}
@ -334,8 +334,7 @@ Now in SilverStripe 3.x, nested structures are arrays:
### New template engine [templates]### ### New template engine [templates]###
The template engine has been completely rewritten, and although it is generally backward compatible, there are new features The template engine has been completely rewritten, and although it is generally backward compatible, there are new features
and some features have been deprecated. See the [template upgrading guide](/reference/templates-upgrading-guide) and the and some features have been deprecated. See the [template reference](/developer_guides/templates) for more information.
[template reference](/reference/templates) for more information.
### Removed view-specific accessors from ViewableData #### ### Removed view-specific accessors from ViewableData ####
@ -343,7 +342,7 @@ Several methods in ViewableData that were originally added to expose values to t
in order to stop polluting the namespace. These were sometimes called by project-specific PHP code too, and that code in order to stop polluting the namespace. These were sometimes called by project-specific PHP code too, and that code
will need re-working. will need re-working.
See the [template upgrading guide](/reference/templates-upgrading-guide) for a list of methods and their replacements. See the [template reference](/developers_guides/templates) for a list of method replacements.
### New user interface for CMS [ui]### ### New user interface for CMS [ui]###
@ -354,9 +353,9 @@ the detailed changelog for this release. Many interface components have changed
unfortunately there is no clear upgrade path for every interface detail. unfortunately there is no clear upgrade path for every interface detail.
As a starting point, have a look at the new templates in `cms/templates` As a starting point, have a look at the new templates in `cms/templates`
and `framework/admin/templates`, as well as the new [jQuery.entwine](https://github.com/hafriedlander/jquery.entwine) and `framework/admin/templates`, as well as the new [jQuery.entwine](https://github.com/hafriedlander/jquery.entwine)
based JavaScript logic. Have a look at the new ["Extending the CMS" guide](../howto/extend-cms-interface), based JavaScript logic. Have a look at the new ["Extending the CMS" guide](/developer_guides/customising_the_admin_interface/how_tos/extend_cms_interface),
["CSS" guide](../topics/css), ["JavaScript" guide](../topics/javascript) and ["CSS" guide](/developer_guides/customising_the_admin_interface/typography), ["JavaScript" guide](/developer_guides/customising_the_admin_interface/javascript_development) and
["CMS Architecture" guide](/reference/cms-architecture) to get you started. ["CMS Architecture" guide](/developer_guides/customising_the_admin_interface/cms_architecture) to get you started.
### New tree library [tree]### ### New tree library [tree]###
@ -436,9 +435,9 @@ ModelAdmin has been substanially rewritten to natively support the `[api:GridFie
for more flexible data presentation (replacing `[api:ComplexTableField]`), for more flexible data presentation (replacing `[api:ComplexTableField]`),
and the `[api:DataList]` API for more expressive querying. and the `[api:DataList]` API for more expressive querying.
If you have overwritten any methods in the class, customized templates, If you have overwritten any methods in the class, customised templates,
or implemented your own `$collection_controller_class`/`$record_controller_class` controllers, or implemented your own `$collection_controller_class`/`$record_controller_class` controllers,
please refer to the new [ModelAdmin documentation](/reference/modeladmin) please refer to the new [ModelAdmin documentation](/developer_guides/customising_the_admin_interface/modeladmin)
on details for how to achieve the same goals in the new class. on details for how to achieve the same goals in the new class.
### Stylesheet preprocessing via SCSS and the "compass" module [scss]### ### Stylesheet preprocessing via SCSS and the "compass" module [scss]###

View File

@ -30,7 +30,7 @@ state of a database record.
Fix: Apply 3.0.4 update. In addition, we strongly recommend to define `$allowed_actions` Fix: Apply 3.0.4 update. In addition, we strongly recommend to define `$allowed_actions`
on all controller classes to ensure the intentions are clearly communicated. on all controller classes to ensure the intentions are clearly communicated.
Read more about `$allowed_actions` in our "[controller](/topics/controller/#access-control)" Read more about `$allowed_actions` in our "[controller](/developer_guides/controllers/access_control)"
docs. docs.
Reporter: Zann St Pierre Reporter: Zann St Pierre
@ -48,7 +48,7 @@ configuration values added in your own project, or a third party module.
Resolution: Update your `.htaccess` file (for Apache), or your `web.config` file (for IIS) Resolution: Update your `.htaccess` file (for Apache), or your `web.config` file (for IIS)
with the new files from the project root, and reapply any customizations you've made. with the new files from the project root, and reapply any customizations you've made.
Follow the [general upgrade instructions](/installation/upgrading). Follow the [general upgrade instructions](/installation/upgrading).
The [nginx installation instructions](/installation/nginx) The [nginx installation instructions](/getting_started/installation/how_to/configure_nginx)
have also been updated to reflect those changes. have also been updated to reflect those changes.
### Security: Information exposure through web access on composer files ### Security: Information exposure through web access on composer files
@ -64,8 +64,8 @@ versions of SilverStripe.
Resolution: Update your `.htaccess` file (for Apache), or your `web.config` file (for IIS) Resolution: Update your `.htaccess` file (for Apache), or your `web.config` file (for IIS)
with the new files from the project root, and reapply any customizations you've made. with the new files from the project root, and reapply any customizations you've made.
Follow the [general upgrade instructions](/installation/upgrading). Follow the [general upgrade instructions](/upgrading).
The [nginx installation instructions](/installation/nginx) The [nginx installation instructions](/getting_started/installation/how_to/configure_nginx)
have also been updated to reflect those changes. have also been updated to reflect those changes.

View File

@ -34,7 +34,7 @@
* Optional integration with ImageMagick as a new image manipulation backend * Optional integration with ImageMagick as a new image manipulation backend
* Support for PHP 5.4's built-in webserver * Support for PHP 5.4's built-in webserver
* Support for [Composer](http://getcomposer.org) dependency manager (also works with 3.0) * Support for [Composer](http://getcomposer.org) dependency manager (also works with 3.0)
* Added support for filtering incoming HTML from TinyMCE (disabled by default, see [security](/topics/security)) * Added support for filtering incoming HTML from TinyMCE (disabled by default, see [security](/developer_guides/security))
* Behaviour testing support through [Behat](http://behat.org), with CMS test coverage * Behaviour testing support through [Behat](http://behat.org), with CMS test coverage
(see the [SilverStripe Behat Extension]() for details) (see the [SilverStripe Behat Extension]() for details)
@ -48,7 +48,7 @@ it can facilitate [denial-of-service attacks](https://en.wikipedia.org/wiki/Deni
To prevent this, main.php now checks and only allows the flush parameter in the following cases: To prevent this, main.php now checks and only allows the flush parameter in the following cases:
* The [environment](/topics/environment-management) is in "dev mode" * The [environment](/getting_started/environment_management) is in "dev mode"
* A user is logged in with ADMIN permissions * A user is logged in with ADMIN permissions
* An error occurs during startup * An error occurs during startup
@ -233,7 +233,7 @@ needs to be explicitly denied through these configuration files (see the [3.0.5
for details. for details.
</div> </div>
For more information about how to use the config system, see the ["Configuration" topic](/topic/configuration). For more information about how to use the config system, see the ["Configuration" topic](/developer_guides/configuration).
### Deny URL access if `Controller::$allowed_actions` is undefined or empty array ### Deny URL access if `Controller::$allowed_actions` is undefined or empty array
@ -253,7 +253,7 @@ by setting the `RequestHandler.require_allowed_actions` config value to `false`
This applies to anything extending `RequestHandler`, so please check your `Form` and `FormField` This applies to anything extending `RequestHandler`, so please check your `Form` and `FormField`
subclasses as well. Keep in mind, action methods as denoted through `FormAction` names should NOT subclasses as well. Keep in mind, action methods as denoted through `FormAction` names should NOT
be mentioned in `$allowed_actions` to avoid CSRF issues. be mentioned in `$allowed_actions` to avoid CSRF issues.
Please review all rules governing allowed actions in the ["controller" topic](/topics/controller). Please review all rules governing allowed actions in the ["controller" topic](/developer_guides/controllers/access_control/#allowed-actions).
### Removed support for "*" rules in `Controller::$allowed_actions` ### Removed support for "*" rules in `Controller::$allowed_actions`
@ -272,7 +272,7 @@ you'll need to specificy each accessible action individually.
} }
Please review all rules governing allowed actions in the Please review all rules governing allowed actions in the
["controller" topic](/topics/controller). ["controller" topic](/developer_guides/controllers/access_control/#allowed-actions).
### Removed support for overriding rules on parent classes through `Controller::$allowed_actions` ### Removed support for overriding rules on parent classes through `Controller::$allowed_actions`
@ -295,7 +295,7 @@ which now have to be listed in the `$allowed_actions` specifically.
It also restricts `Extension` classes applied to controllers, which now It also restricts `Extension` classes applied to controllers, which now
can only grant or deny access or methods they define themselves. can only grant or deny access or methods they define themselves.
New approach with the [Config API](/topics/configuration) New approach with the [Config API](/developer_guides/configuration/configuration)
:::php :::php
class MySubController extends MyController { class MySubController extends MyController {
@ -309,7 +309,7 @@ New approach with the [Config API](/topics/configuration)
} }
Please review all rules governing allowed actions in the Please review all rules governing allowed actions in the
["controller" topic](/topics/controller). ["controller" topic](/developer_guides/controllers/access_control/#allowed-actions).
### Grouped CMS Buttons ### Grouped CMS Buttons
@ -377,7 +377,7 @@ Since `GridField` is used in `ModelAdmin`, this change will affect both classes.
return Permission::check('CMS_ACCESS_CMSMain', 'any', $member); return Permission::check('CMS_ACCESS_CMSMain', 'any', $member);
} }
You can also implement [custom permission codes](/topics/permissions). You can also implement [custom permission codes](/developer_guides/security/permissions).
For 3.1.0 stable, we aim to further simplify the permission definitions, For 3.1.0 stable, we aim to further simplify the permission definitions,
in order to reduce the boilerplate code required to get a model editable in the CMS. in order to reduce the boilerplate code required to get a model editable in the CMS.
@ -493,7 +493,7 @@ you can enable those warnings and future-proof your code already.
Hierarchy.node_threshold_leaf`. Set to `0` to show tree unrestricted. Hierarchy.node_threshold_leaf`. Set to `0` to show tree unrestricted.
* `Object` now has `beforeExtending` and `afterExtending` to inject behaviour around method extension. * `Object` now has `beforeExtending` and `afterExtending` to inject behaviour around method extension.
`DataObject` also has `beforeUpdateCMSFields` to insert fields between automatic scaffolding and extension `DataObject` also has `beforeUpdateCMSFields` to insert fields between automatic scaffolding and extension
by `updateCMSFields`. See the [DataExtension Reference](/reference/dataextension) for more information. by `updateCMSFields`. See the [DataExtension Reference](/developer_guides/model/extending_dataobjects) for more information.
* Magic quotes is now deprecated. Will trigger user_error on live sites, as well as an error on new installs * Magic quotes is now deprecated. Will trigger user_error on live sites, as well as an error on new installs
* Support for Apache 1.x is removed. * Support for Apache 1.x is removed.
* Forms created in the CMS should now be instances of a new `CMSForm` class, * Forms created in the CMS should now be instances of a new `CMSForm` class,

View File

@ -6,7 +6,7 @@ This release includes several security fixes to prevent HTTP Hostname injection,
as well as a fix for flush or isDev querystring parameters as well as a fix for flush or isDev querystring parameters
to be set via unauthenticated requests. to be set via unauthenticated requests.
Users upgrading from 3.1.12 or below should read the [security documentation](/security/secure_coding) Users upgrading from 3.1.12 or below should read the [security documentation](/developer_guides/security/secure_coding)
on securing their site. on securing their site.
### Security ### Security

View File

@ -14,7 +14,7 @@ will be disabled. If multiple authenticators are used, only supported ones will
In order to create a CMS supported version the `Authenticator::supports_cms` and `Authenticator::get_cms_login_form` In order to create a CMS supported version the `Authenticator::supports_cms` and `Authenticator::get_cms_login_form`
methods should be overridden. See `[api:MemberAuthenticator]` for an example implementation. methods should be overridden. See `[api:MemberAuthenticator]` for an example implementation.
Check the documentation at the [Authentication](/topics/authentication) topic. Check the documentation at the [Authentication](/developer_guides/security/authentication) topic.
### Default Admin ### Default Admin

View File

@ -27,14 +27,14 @@ DataList handles filtering in a more fluent way than using raw where calls. The
When this query is executed it will contain all members with firstname of Sam but not with lastname Magnusson sorted by age ascending When this query is executed it will contain all members with firstname of Sam but not with lastname Magnusson sorted by age ascending
For more information see documentation at [/topics/datamodel](../../topics/datamodel). For more information see documentation at [datamodel](/developer_guides/model/searchfilters).
### Grid Field ### Grid Field
GridField has changed since 3.0.0-alpha1 to be more flexible. Any previous implementation are broken GridField has changed since 3.0.0-alpha1 to be more flexible. Any previous implementation are broken
and need to be changed according to the new API. and need to be changed according to the new API.
For implementation details see documentation at [/reference/grid-field](../../reference/grid-field). For implementation details see documentation at [grid-field](/developer_guides/forms/field_types/gridfield).
## Upgrading ## ## Upgrading ##

View File

@ -15,7 +15,7 @@ it can facilitate [denial-of-service attacks](https://en.wikipedia.org/wiki/Deni
To prevent this, main.php now checks and only allows the flush parameter in the following cases: To prevent this, main.php now checks and only allows the flush parameter in the following cases:
* The [environment](/topics/environment-management) is in "dev mode" * The [environment](/getting_started/environment_management) is in "dev mode"
* A user is logged in with ADMIN permissions * A user is logged in with ADMIN permissions
* An error occurs during startup * An error occurs during startup

View File

@ -14,7 +14,7 @@ will be disabled. If multiple authenticators are used, only supported ones will
In order to create a CMS supported version the `Authenticator::supports_cms` and `Authenticator::get_cms_login_form` In order to create a CMS supported version the `Authenticator::supports_cms` and `Authenticator::get_cms_login_form`
methods should be overridden. See `[api:MemberAuthenticator]` for an example implementation. methods should be overridden. See `[api:MemberAuthenticator]` for an example implementation.
Check the documentation at the [Authentication](/topics/authentication) topic. Check the documentation at the [Authentication](/developer_guides/security/authentication) topic.
### Default Admin ### Default Admin

View File

@ -149,7 +149,7 @@ After you have edited the file, GitHub will offer to create a pull request for y
[API documentation](http://api.silverstripe.org/3.1/) for good examples. [API documentation](http://api.silverstripe.org/3.1/) for good examples.
* Check and update documentation on [doc.silverstripe.org](http://doc.silverstripe.org). Check for any references to functionality deprecated or extended through your patch. Documentation changes should be included in the patch. * Check and update documentation on [doc.silverstripe.org](http://doc.silverstripe.org). Check for any references to functionality deprecated or extended through your patch. Documentation changes should be included in the patch.
* If you get stuck, please post to the [forum](http://silverstripe.org/forum) or for deeper core problems, to the [core mailinglist](https://groups.google.com/forum/#!forum/silverstripe-dev) * If you get stuck, please post to the [forum](http://silverstripe.org/forum) or for deeper core problems, to the [core mailinglist](https://groups.google.com/forum/#!forum/silverstripe-dev)
* When working with the CMS, please read the ["CMS Architecture Guide"](cms_architecture) first * When working with the CMS, please read the ["CMS Architecture Guide"](/developer_guides/customising_the_admin_interface/cms_architecture) first
## Commit Messages ## Commit Messages