Sabina Talipova
6fe377e69d
Merge pull request #11113 from creative-commoners/pulls/4.13/cve-2023-48714
...
[CVE-2023-48714] Don't show or add records the member isn't allowed to
2024-01-23 11:46:28 +13:00
Guy Sartorelli
873b721b6b
[CVE-2023-48714] Don't show or add records the member isn't allowed to
...
see
2024-01-23 11:11:36 +13:00
Guy Sartorelli
4b1b487041
[CVE-2023-49783] Allow permission checks in BulkLoader
2024-01-23 11:01:25 +13:00
Guy Sartorelli
7dc1a7a12b
FIX Correctly mark ConfirmedPasswordField children as required
2023-12-20 12:35:30 +13:00
Loz Calver
40b888eaf3
FIX: UnsavedRelationList::last() sometimes returned an ID instead of an item
2023-12-04 11:44:34 +00:00
Loz Calver
e28af9a5a7
FIX: UnsavedRelationList first/last to return null if list is empty ( fixes #11083 )
2023-12-04 11:32:08 +00:00
Guy Sartorelli
6d903848ab
FIX Don't replace config manifest for nested kernels ( #11082 )
2023-11-30 11:39:14 +13:00
Steve Boyd
4dbbf04ba5
FIX Add extraEmptyValues to TreedropdownField
2023-11-27 12:42:28 +13:00
Guy Sartorelli
7eab49f850
FIX Ensure environment is checked before enabling deprecations ( #11055 )
2023-11-22 09:30:08 +13:00
Guy Sartorelli
05f1d9ab86
FIX Make deprecation enabled check faster
2023-11-17 10:41:02 +13:00
Sabina Talipova
d883719c16
FIX ModelAdmin toast elements
2023-11-09 09:39:52 +13:00
Bernie Hamlin
e5eb98cc34
Use field editorconfig when sanitising content
2023-10-25 12:08:46 +13:00
Guy Sartorelli
7bb72eb7c5
FIX Ensure all fixed fields are added
2023-09-25 15:35:34 +13:00
Guy Sartorelli
58696e3ed5
FIX Set tableName on DBField before calling addToQuery ( #10946 )
2023-09-14 11:01:36 +12:00
Rastislav Brandobur
17733aa84a
added missing returns (fluent setter)
2023-09-11 10:58:11 +02:00
Guy Sartorelli
7ea25bf9e1
FIX Call addToQuery on all DBFields ( #10936 )
2023-09-05 15:06:53 +12:00
Sabina Talipova
c5be3fc487
Merge pull request #10931 from tjbwsk/4.13
...
added missing maxLength validation
2023-08-31 08:45:10 +12:00
Rastislav Brandobur
d6c39e7d36
added missing maxLength validation
2023-08-28 10:51:43 +02:00
Niklas Forsdahl
88c70b3234
Fixed deprecation notices in php 8.2 by using the AllowDynamicProperties
...
annotation on classes that set dynamic properties
2023-08-25 11:07:48 +03:00
Guy Sartorelli
2e92b89b54
Merge pull request #10923 from kinglozzer/10821-mmtl-changetracking
...
FIX: Stop ManyManyThroughList join records incorrectly showing as changed (fixes #10821 )
2023-08-24 09:05:38 +12:00
Loz Calver
1fd495449b
FIX: Stop ManyManyThroughList join records incorrectly showing as changed ( fixes #10821 )
2023-08-23 16:43:56 +01:00
Guy Sartorelli
c7cd26299a
Fix ArrayList canFilterBy to work with ArrayData ( #10915 )
2023-08-15 11:31:20 +12:00
Thomas
d621d00eea
DBComposite::writeToManipulation() is never called
2023-08-11 09:56:37 +12:00
Sabina Talipova
597d97bf0a
Merge pull request #10907 from creative-commoners/pulls/4.13/new-fields-validator
...
NEW Add FieldsValidator to ensure fields get validated
2023-08-10 10:50:57 +12:00
Sabina Talipova
037168a4fe
FIX Multi HTML entities in shortcodes
2023-08-08 13:08:19 +12:00
Guy Sartorelli
5a52484d88
NEW Add FieldsValidator to ensure fields get validated
2023-08-08 13:02:27 +12:00
Guy Sartorelli
9e5411e905
Merge pull request #10885 from creative-commoners/pulls/4.13/search-in-non-existing-fields
...
FIX Image in summaryfields breaks search
2023-08-03 15:11:49 +12:00
Sabina Talipova
d24095aba8
FIX Image in summaryfields breaks search
2023-08-03 14:48:55 +12:00
Guy Sartorelli
b90d606427
Merge pull request #10834 from lekoala/patch-36
...
SessionAuthenticationHandler doesn't cache member query
2023-08-03 11:54:50 +12:00
Steve Boyd
7b21b38ac4
[CVE-2023-32302] Require password field to be non-empty
2023-07-31 11:14:22 +12:00
Steve Boyd
a16b268ff7
MNT Tidy up double assignment
2023-07-20 18:19:14 +12:00
Steve Boyd
7daa3fdb08
FIX Short-array syntax for Enum
2023-07-20 16:06:01 +12:00
Dylan Wagstaff
8c3ba81052
FIX PHP 8.1 support in MySQLiConnector::query errors ( #10570 )
...
* FIX PHP 8.1 support in MySQLiConnector::query errors
The default error reporting mode in PHP 8.1 has changed from using
errors reported on the connection handle to throwing
mysqli_sql_exception. query() makes no allowance for this, and
functions up the call stack expect to catch
Silverstripe\ORM\Connect\DatabaseException instead - resulting in the
MySQLi exception going all the way up to halt the system.
We can use a try, catch, and finally to retain backwards compatibility,
no matter which setting (e.g. PHP version default) someone has enabled.
* Move MySQLConnector test skip call into setUp()
As review feedback; marking the test as skipped in a private function
obfuscated where the call was happening and made it harder to skimread
the tests. Moving this into a setUp function makes it obvious the check
is run before each test case, and skipped if necessary.
2023-07-07 15:56:31 +12:00
Thomas Portelange
9391e696bb
use Member::class
2023-06-23 09:35:34 +02:00
Thomas Portelange
2e73b5eeca
Use cached query
...
Fixes https://github.com/silverstripe/silverstripe-framework/issues/10833
2023-06-22 11:04:26 +02:00
Sabina Talipova
ad9df97626
FIX LastPage method returns true if TotalPages equals 0
2023-06-22 10:50:41 +12:00
josephlewisnz
b6a3e3a951
added an additional filter to remove empty array items ( #10803 )
...
* ENH Added filter to remove empty/null from Path::join parts
This is to ensure null values are removed and trim() deprecated warnings are not thrown
Fixes #10802
* FIX revert public signature
Co-authored-by: Steve Boyd <emteknetnz@gmail.com>
---------
Co-authored-by: Steve Boyd <emteknetnz@gmail.com>
2023-06-14 15:46:23 +12:00
Guy Sartorelli
6fd7694cbc
Merge pull request #10816 from creative-commoners/pulls/4.13/updatebool
...
FIX Show correct default value
2023-06-14 13:32:09 +12:00
Steve Boyd
35a8d79f62
FIX Show correct default value
2023-06-14 11:25:34 +12:00
Bram de Leeuw
33c62033fe
Fix translation key for DataObject.GENERALSEARCH ( #10805 )
...
* MNT Use gha-dispatch-ci
* Update DataObject.php
Fix typo in GENERALSEARCH localisation
* Update en.yml
remove unnecessary localisation line
* Update nl.yml
remove unnecessary localisation line
* Update eo.yml
remove unnecessary localisation line
* Update ci.yml
2023-06-09 13:44:00 +12:00
Guy Sartorelli
c4b8d9a246
FIX Add back missing SSL support for database connections ( #10784 )
2023-05-22 12:40:59 +12:00
Michal Kleiner
f815a9cf2a
FIX Provide correct replacement suggestion in deprecation message
2023-05-21 20:12:52 +12:00
Sabina Talipova
0ab36f6ae1
UPD Add support new TinyMC cs_CZ.js
2023-05-16 11:56:05 +12:00
Guy Sartorelli
234e229098
Merge pull request #9976 from kinglozzer/9975-default-form-action
...
FIX: Form::defaultAction() didn't work if actions were in CompositeFields (fixes #9975 )
2023-05-09 21:45:24 +12:00
Guy Sartorelli
01808a8316
FIX Don't assume searchableFields() exists in gridfield filter
2023-05-09 10:00:07 +12:00
Guy Sartorelli
908b6f2006
Merge branch '4.12' into 4.13
2023-04-26 11:44:54 +12:00
Sabina Talipova
c2733a3108
Merge pull request #10760 from creative-commoners/pulls/4.12/absoluteurl-parsing
...
Escaped double slash is absolute URL
2023-04-26 11:30:41 +12:00
Guy Sartorelli
1a5bb4cbec
[CVE-2023-22729] Escaped double slash is absolute URL
2023-04-26 09:49:59 +12:00
Guy Sartorelli
fd5d8217e8
[CVE-2023-22728] Check canView before printing from GridField
2023-04-26 09:45:34 +12:00
Steve Boyd
3d03a93b8f
Merge branch '4.12' into 4.13
2023-04-11 10:55:17 +12:00