From 9a97cbc255d7681e068347a95b4790037ab599d3 Mon Sep 17 00:00:00 2001
From: Damian Mooyman <damian@silverstripe.com>
Date: Mon, 16 Feb 2015 16:39:01 +1300
Subject: [PATCH 1/4] Added 3.1.10-rc1 changelog

---
 docs/en/04_Changelogs/rc/3.1.10-rc1.md | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/docs/en/04_Changelogs/rc/3.1.10-rc1.md b/docs/en/04_Changelogs/rc/3.1.10-rc1.md
index 1bfcd1c01..f960bf019 100644
--- a/docs/en/04_Changelogs/rc/3.1.10-rc1.md
+++ b/docs/en/04_Changelogs/rc/3.1.10-rc1.md
@@ -8,6 +8,31 @@ Form action titles are now safely XML encoded, although this was an implicit ass
 XML encoding titles will not cause an error, but is deprecated at framework 4.0. FormAction buttons with custom HTML
 content should be assigned using the `FormAction::setButtonContent` method instead.
 
+### Features and Enhancements
+
+ * 2015-01-22 [2e4bf9a](https://github.com/silverstripe/sapphire/commit/2e4bf9a) Update sake to reference new docs (Cam Findlay)
+
+### Bugfixes
+
+ * 2015-02-12 [047fe3a](https://github.com/silverstripe/sapphire/commit/047fe3a) Include php version in default cache folder name Update CoreTest.php (JorisDebonnet)
+ * 2015-02-10 [1db08ba](https://github.com/silverstripe/sapphire/commit/1db08ba) Fix FormAction title encoding BUG Fix TreeMultiSelectField using the wrong label BUG Fix encoding of selected title on TreeDropdownField BUG Fix DataDifferencer trying to compare non-comparable fields (non-dbfield objects) BUG: Fix issue with TreeMultiSelectField not saving BUG: Fix issue with GridFieldPrintButton ENHANCEMENT Instead of using multiple api calls to encode dbfield values, delegate this operation to the individual fields via forTemplate Instead of using a new API to communicate html encoding to treeselect, just ensure all content is HTML encoded, and enable html_titles in jstree. (Damian Mooyman)
+ * 2015-02-08 [a530085](https://github.com/silverstripe/silverstripe-cms/commit/a530085) External redirects shouldnt show in preview pane (Daniel Hensby)
+ * 2015-02-06 [d68435e](https://github.com/silverstripe/sapphire/commit/d68435e) SelectionGroup no longer shows empty FieldLists (Daniel Hensby)
+ * 2015-02-06 [a0f9535](https://github.com/silverstripe/sapphire/commit/a0f9535) issue where empty composite fields created a fieldlist with empty items (Daniel Hensby)
+ * 2015-02-05 [70e0d60](https://github.com/silverstripe/sapphire/commit/70e0d60) Fix developer output in redirection script (Damian Mooyman)
+ * 2015-02-03 [abd1e6b](https://github.com/silverstripe/sapphire/commit/abd1e6b) GridFieldExportButton should honour can method. (Will Rossiter)
+ * 2015-01-22 [eed7093](https://github.com/silverstripe/sapphire/commit/eed7093) dev/build not flushing manifests if site is in a subfolder (Loz Calver)
+ * 2015-01-22 [7733c43](https://github.com/silverstripe/silverstripe-cms/commit/7733c43) Correctly sanitise Title (Michael Strong)
+ * 2015-01-19 [77ebdc2](https://github.com/silverstripe/sapphire/commit/77ebdc2) DataObject::db returned fields in incorrect order, with incorrect data types (Loz Calver)
+ * 2015-01-15 [32ce85d](https://github.com/silverstripe/sapphire/commit/32ce85d) . Summary fields can't be translated (Elvinas L.)
+ * 2015-01-13 [2861e7c](https://github.com/silverstripe/sapphire/commit/2861e7c) insert media trims whitespace fixes #845 (Emma O'Keefe)
+ * 2015-01-13 [2e6e8af](https://github.com/silverstripe/sapphire/commit/2e6e8af) insert media trims whitespace - fixes #845 (Emma O'Keefe)
+ * 2015-01-09 [ef237f6](https://github.com/silverstripe/sapphire/commit/ef237f6) Expands the CMS' centre-pane when collapsed and it's clicked. (Russell Michell)
+ * 2014-10-24 [9d78eb7](https://github.com/silverstripe/sapphire/commit/9d78eb7) Fix BasicAuth not resetting failed login counts on authentication (Damian Mooyman)
+ * 2014-10-16 [e4ddb4b](https://github.com/silverstripe/sapphire/commit/e4ddb4b) Ensure query string in X-Backurl is encoded (fixes #3563) (Loz Calver)
+ * 2014-08-25 [f823831](https://github.com/silverstripe/sapphire/commit/f823831) making minify javascript fail-safe (Igor Nadj)
+ * 2014-04-03 [5180452](https://github.com/silverstripe/sapphire/commit/5180452) Fixed handling of numbers in certain locales. Fixes #2161 (Damian Mooyman)
+
 ## Changelog
 
  * [framework](https://github.com/silverstripe/silverstripe-framework/releases/tag/3.1.10-rc1)

From aa77e126c7ef02d96e96ac059f3fcfc1577d088b Mon Sep 17 00:00:00 2001
From: Zauberfisch <admin@zauberfisch.at>
Date: Tue, 17 Feb 2015 04:33:40 +0000
Subject: [PATCH 2/4] Fixed infinity loop when searching _ss_environment

---
 core/Constants.php | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/core/Constants.php b/core/Constants.php
index d54993c31..574773fc9 100644
--- a/core/Constants.php
+++ b/core/Constants.php
@@ -50,13 +50,11 @@ foreach ($dirsToCheck as $dir) {
 	//check this dir and every parent dir (until we hit the base of the drive)
 	// or until we hit a dir we can't read
 	while(true) {
-		//add the trailing slash we need to concatenate properly
-		$dir .= DIRECTORY_SEPARATOR;
 		//if it's readable, go ahead
 		if (@is_readable($dir)) {
 			//if the file exists, then we include it, set relevant vars and break out
-			if (file_exists($dir . $envFile)) {
-				define('SS_ENVIRONMENT_FILE', $dir . $envFile);
+			if (file_exists($dir . DIRECTORY_SEPARATOR . $envFile)) {
+				define('SS_ENVIRONMENT_FILE', $dir . DIRECTORY_SEPARATOR . $envFile);
 				include_once(SS_ENVIRONMENT_FILE);
 				//break out of BOTH loops because we found the $envFile
 				break(2);

From fab44dce75e4c95e9aba78828e92b81db0b2e749 Mon Sep 17 00:00:00 2001
From: Damian Mooyman <damian@silverstripe.com>
Date: Tue, 17 Feb 2015 18:05:16 +1300
Subject: [PATCH 3/4] Added 3.1.10-rc2 changelog

---
 docs/en/04_Changelogs/rc/3.1.10-rc2.md | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 docs/en/04_Changelogs/rc/3.1.10-rc2.md

diff --git a/docs/en/04_Changelogs/rc/3.1.10-rc2.md b/docs/en/04_Changelogs/rc/3.1.10-rc2.md
new file mode 100644
index 000000000..cb52b2e42
--- /dev/null
+++ b/docs/en/04_Changelogs/rc/3.1.10-rc2.md
@@ -0,0 +1,11 @@
+# 3.1.10-rc2
+
+## Bugfixes
+
+ * 2015-02-17 [aa77e12](https://github.com/silverstripe/sapphire/commit/aa77e12) Fixed infinity loop when searching _ss_environment (Zauberfish)
+
+## Changelog
+
+ * [framework](https://github.com/silverstripe/silverstripe-framework/releases/tag/3.1.10-rc2)
+ * [cms](https://github.com/silverstripe/silverstripe-cms/releases/tag/3.1.10-rc2)
+ * [installer](https://github.com/silverstripe/silverstripe-installer/releases/tag/3.1.10-rc2)

From c302edc4e72dd93ac2c7d9bbf0ee42d2d74cd48b Mon Sep 17 00:00:00 2001
From: Damian Mooyman <damian@silverstripe.com>
Date: Thu, 19 Feb 2015 12:37:16 +1300
Subject: [PATCH 4/4] Added 3.1.10 changelog

---
 docs/en/04_Changelogs/3.1.10.md | 57 +++++++++++++++++++++++++++++++++
 1 file changed, 57 insertions(+)
 create mode 100644 docs/en/04_Changelogs/3.1.10.md

diff --git a/docs/en/04_Changelogs/3.1.10.md b/docs/en/04_Changelogs/3.1.10.md
new file mode 100644
index 000000000..04a3303a8
--- /dev/null
+++ b/docs/en/04_Changelogs/3.1.10.md
@@ -0,0 +1,57 @@
+# 3.1.10
+
+## Upgrading
+
+### Form Actions
+
+Form action titles are now safely XML encoded, although this was an implicit assumption, it is now explicitly enforced.
+XML encoding titles will not cause an error, but is deprecated at framework 4.0. FormAction buttons with custom HTML
+content should be assigned using the `FormAction::setButtonContent` method instead.
+
+## Security
+
+Several medium and some low level security XSS (cross site scripting) vulnerabilites have been closed in this release.
+All users of SilverStripe framework 3.1.9 and below are advised to upgrade.
+
+ * 2015-02-10 [1db08ba](https://github.com/silverstripe/sapphire/commit/1db08ba) Fix FormAction title encoding (Damian Mooyman) -
+	See announcement [ss-2015-007](http://www.silverstripe.org/software/download/security-releases/ss-2015-007)
+ * 2015-02-10 [1db08ba](https://github.com/silverstripe/sapphire/commit/1db08ba) Core CMS XSS Vulnerability Fixes (Damian Mooyman) -
+	See announcements
+	[ss-2015-003](http://www.silverstripe.org/software/download/security-releases/ss-2015-003),
+	[ss-2015-004](http://www.silverstripe.org/software/download/security-releases/ss-2015-004),
+	[ss-2015-006](http://www.silverstripe.org/software/download/security-releases/ss-2015-006)
+ * 2015-01-22 [7733c43](https://github.com/silverstripe/silverstripe-cms/commit/7733c43) Correctly sanitise Title (Michael Strong) -
+	See announcement [SS-2015-005](http://www.silverstripe.org/software/download/security-releases/ss-2015-005)
+ * 2015-02-05 [70e0d60](https://github.com/silverstripe/sapphire/commit/70e0d60) Fix developer output in redirection script (Damian Mooyman) -
+	See announcement [SS-2015-001](http://www.silverstripe.org/software/download/security-releases/ss-2015-001)
+
+### Features and Enhancements
+
+ * 2015-01-22 [2e4bf9a](https://github.com/silverstripe/sapphire/commit/2e4bf9a) Update sake to reference new docs (Cam Findlay)
+
+### Bugfixes
+
+ * 2015-02-17 [aa77e12](https://github.com/silverstripe/sapphire/commit/aa77e12) Fixed infinity loop when searching _ss_environment (Zauberfish)
+ * 2015-02-12 [047fe3a](https://github.com/silverstripe/sapphire/commit/047fe3a) Include php version in default cache folder name Update CoreTest.php (JorisDebonnet)
+ * 2015-02-08 [a530085](https://github.com/silverstripe/silverstripe-cms/commit/a530085) External redirects shouldnt show in preview pane (Daniel Hensby)
+ * 2015-02-06 [d68435e](https://github.com/silverstripe/sapphire/commit/d68435e) SelectionGroup no longer shows empty FieldLists (Daniel Hensby)
+ * 2015-02-06 [a0f9535](https://github.com/silverstripe/sapphire/commit/a0f9535) issue where empty composite fields created a fieldlist with empty items (Daniel Hensby)
+ * 2015-02-03 [abd1e6b](https://github.com/silverstripe/sapphire/commit/abd1e6b) GridFieldExportButton should honour can method. (Will Rossiter)
+ * 2015-01-22 [eed7093](https://github.com/silverstripe/sapphire/commit/eed7093) dev/build not flushing manifests if site is in a subfolder (Loz Calver)
+ * 2015-01-19 [77ebdc2](https://github.com/silverstripe/sapphire/commit/77ebdc2) DataObject::db returned fields in incorrect order, with incorrect data types (Loz Calver)
+ * 2015-01-15 [32ce85d](https://github.com/silverstripe/sapphire/commit/32ce85d) . Summary fields can't be translated (Elvinas L.)
+ * 2015-01-13 [2e6e8af](https://github.com/silverstripe/sapphire/commit/2e6e8af) insert media trims whitespace - fixes #845 (Emma O'Keefe)
+ * 2015-01-13 [2861e7c](https://github.com/silverstripe/sapphire/commit/2861e7c) insert media trims whitespace fixes #845 (Emma O'Keefe)
+ * 2015-01-09 [ef237f6](https://github.com/silverstripe/sapphire/commit/ef237f6) Expands the CMS' centre-pane when collapsed and it's clicked. (Russell Michell)
+ * 2014-10-24 [9d78eb7](https://github.com/silverstripe/sapphire/commit/9d78eb7) Fix BasicAuth not resetting failed login counts on authentication (Damian Mooyman)
+ * 2014-10-16 [e4ddb4b](https://github.com/silverstripe/sapphire/commit/e4ddb4b) Ensure query string in X-Backurl is encoded (fixes #3563) (Loz Calver)
+ * 2014-08-25 [f823831](https://github.com/silverstripe/sapphire/commit/f823831) making minify javascript fail-safe (Igor Nadj)
+ * 2014-04-03 [5180452](https://github.com/silverstripe/sapphire/commit/5180452) Fixed handling of numbers in certain locales. Fixes #2161 (Damian Mooyman)
+
+
+## Changelog
+
+ * [framework](https://github.com/silverstripe/silverstripe-framework/releases/tag/3.1.10)
+ * [cms](https://github.com/silverstripe/silverstripe-cms/releases/tag/3.1.10)
+ * [installer](https://github.com/silverstripe/silverstripe-installer/releases/tag/3.1.10)
+