Commit Graph

73 Commits

Author SHA1 Message Date
Damian Mooyman
97f21fddb3 [ss-2015-021] Fix rewrite hash links XSS 2015-11-11 17:46:27 +13:00
Damian Mooyman
7ff131daa7 BUG Fix default casted (boolean)false evaluating to true in templates 2015-06-12 15:47:15 +12:00
Christopher Pitt
604c328712 Fixed XSS vulnerability relating to rewrite_hash 2015-03-20 18:17:51 +13:00
Loz Calver
998c055676 FIX: Misleading error message in SSViewer
Better error message if theme is disabled

DRY!
2015-02-16 09:24:58 +00:00
Loz Calver
570f261302 FIX: Tag-less cache backends error on flush 2014-10-15 11:41:15 +01:00
Damian Mooyman
793784e9d7 BUG Fix flushing of SSViewer cache via testing 2014-10-14 09:47:05 +13:00
Loz Calver
48eb0e67e6 FIX: Deliberately clear partial cache blocks on flush (fixes #1383)
Move property to top of class definition

Move property to top of class definition
2014-10-09 21:44:01 +01:00
Sean Harvey
2b316e79e5 NEW Provide a consistent way of triggering flush
Provides an interface for classes to implement their own flush()
functionality. This function gets called early in a request on
all implementations of Flushable when flush=1|all is requested in the
URL.

This fix came out of an issue where Requirements combined files were not
being cleaned up after dev/build?flush=1, due to the fact that flush
would only occur when you called it while on a page that used those
combined files, but not in any other contexts. This will now call flush
on any implementors of Flushable regardless of the context of where
flush was called.
2014-08-22 09:24:27 +12:00
Simon Welsh
1d5706f15c Correct line length and indentation 2014-03-30 21:11:56 +13:00
Simon Welsh
f9c44e4ceb Merge branch '3.0' into 3.1
Conflicts:
	model/Versioned.php
	view/SSTemplateParser.php
	view/SSViewer.php
2014-03-30 18:15:12 +13:00
Damian Mooyman
4415a75d93 BUG Fix issue with versioned dataobjects being cached between stages 2014-03-27 13:17:29 +13:00
Ingo Schommer
ab070944d5 Merge branch 'pulls/apidocs-package-list' of https://github.com/madmatt/silverstripe-framework into madmatt-pulls/apidocs-package-list
Conflicts:
	view/SSTemplateParser.php
	view/SSTemplateParser.php.inc
2014-01-31 15:15:59 +13:00
micmania1
b89ab1eb16 Added SSViewer::get_templates_by_class() to make the functionality in LeftAndMain::getTemplatesWithSuffix() more open. 2013-12-01 07:42:37 +00:00
madmatt
bebe0f6e37 Updating @package and @subpackage doc tags 2013-11-29 17:49:30 +13:00
Cam Spiers
ac418ce99e Feature to allow that changing the SSTemplateParser through the Injector system
The motivation for this was to allow module developers to change what parser is used to parse SilverStripe templates.
This change enables people to compile their own version of the SilverStripe template parser and use it without modifying core files.
2013-10-18 12:42:39 +13:00
Jörn Röder
e2a43961d0 fixed undefined offset #2276 2013-07-28 19:39:40 +02:00
Jeremy Thomerson
f6ff39369f FEATURE: <% include %> inherits iterator scope of parent template 2013-07-07 12:39:42 +00:00
Hamish Friedlander
ae3e3f3b44 FIX Arguments to method calls reseting scope 2013-06-25 17:35:16 +12:00
Sam Minnee
526b40414a FIX: Ensure that actions inferred from templates with the "_action" suffix also respect allowed_actions.
FIX: Ensure SSViewer::hasTemplate() is aware of themes.

To do this, RequestHandler::definingClassForAction() has been created, splitting out the code that looks up the class that defines a given action into its own method.  This is then overridden in Controller to look at templates.
2013-06-19 20:11:50 +12:00
Colin Richardson
b2934d7ebf FIX: exclude directory from available themes when underscore is first character
Change FALSE to lowercase
2013-05-23 16:49:35 +01:00
Ingo Schommer
7121fc3f85 FIX Config isolation in Director::test() 2013-04-07 23:59:10 +02:00
Ingo Schommer
828ac7fe4f API Replaced SSViewer.custom_theme with SSViewer.theme_enabled
Since we can't influence the setting of configuration values,
we also can't set/unset the 'custom_theme' value based on which
theme is set. This means the 'custom_theme' value goes stale,
and we can't rely on it e.g. in FilesystemPublisher.

The 'theme_enabled' toggle is a cleaner solution to the same problem,
since the 'custom_theme' was really just a way to remember the original
theme, while still disabling it. The toggle makes this more explicit,
but also requires users of the 'theme' setting to check for it.
2013-04-07 23:59:10 +02:00
Ingo Schommer
3334eafcb1 API Marked statics private, use Config API instead (#8317)
See "Static configuration properties are now immutable, you must use Config API." in the 3.1 change log for details.
2013-03-24 17:20:53 +01:00
Hamish Friedlander
743a186c32 API Make SSViewer#process return HTMLText not string
This means that you dont have to worry about casting it
as HTMLText again when using the result in a template or other context

However in some situations code might be assuming it can
check with is_string, in which case you now need to use instanceof HTMLText
2013-03-14 12:49:03 +13:00
Hamish Friedlander
d2650bbc44 NEW Disable shortcodes in $Layout and $Content in SSViewer 2013-03-14 12:49:03 +13:00
Hamish Friedlander
7efae6b95f Merge remote-tracking branch 'origin/3.0' into 3.1 2013-02-18 14:31:57 +13:00
Ingo Schommer
d969e29d00 API Require ADMIN for ?showtemplate=1 2013-02-12 23:26:04 +01:00
ajshort
a4096ecc70 Add a self method to the SSViewer scope.
This returns the current object, and resets the scope.
2013-02-11 17:53:14 +11:00
Simon Welsh
b0121b541c Add codesniffer that ensures indentation is with tabs. 2012-12-12 17:33:31 +13:00
Simon Welsh
fc5dd2994c Add codesniffer that ensures indentation is with tabs. 2012-12-12 00:12:11 +13:00
Ingo Schommer
d92258da8f Allow calling SSViewer_Scope on empty sets
Specifically fixes a bug where a SelectionGroup_Item
without a "child" field causes fatal errors.
2012-12-11 11:07:00 +01:00
Sean Harvey
fbc6e3366b Merge branch '3.0' 2012-11-05 15:11:48 +13:00
Will Rossiter
dfd3455802 BUG Only include processed requirements at the top level. (Fixes #7847)
After each sub template was processed Requirements::includeInHTML() is included which appended requirements again.
2012-11-04 17:54:09 +13:00
Ingo Schommer
fb5e488103 Line length fixes 2012-10-03 18:11:31 +02:00
Ingo Schommer
56f7ce1dcf Merge remote-tracking branch 'origin/3.0'
Conflicts:
	control/Cookie.php
	control/Director.php
	control/HTTPResponse.php
	model/Database.php
	model/MySQLDatabase.php
	model/SQLQuery.php
	view/Requirements.php
	view/SSViewer.php
2012-10-03 16:16:19 +02:00
Sam Minnee
1f7fc1f76a FIX Remove instances of lines longer than 120c
The entire framework repo (with the exception of system-generated files) has been amended to respect the 120c line-length limit.  This is in preparation for the enforcement of this rule with PHP_CodeSniffer.
2012-09-30 17:18:13 +13:00
Simon Welsh
1e629f4585 Merge branch '3.0'
Conflicts:
	control/Cookie.php
	control/Director.php
	dev/Profiler.php
	view/Requirements.php
2012-09-21 14:56:56 +12:00
Ingo Schommer
e2f073f38a Method visibility according to coding conventions 2012-09-20 10:46:59 +02:00
Ingo Schommer
0fe515e182 API Deprecated Profiler class, removed related debug GET params
Use third party tools like XHProf instead.
Removed defunct or unnecessary debug GET parameters:
debug_profile, debug_memory, profile_trace, debug_javascript, debug_behaviour
2012-07-05 12:02:06 +02:00
Sam Minnee
3f0136749b API CHANGE: Add Security::ignore_disallowed_actions() to allow site features to be disabled when permissions have failed, rather than redirecting to the log-in form. (Trac #7097) 2012-06-15 15:17:48 +12:00
Sean Harvey
792c89e103 ENHANCEMENT Adding List() in the GenericTemplateGlobalProvider so
templates can use <% cached List(Member).max(LastEdited) %> instead
of deprecated "Aggregate" syntax.
2012-05-29 20:04:51 +12:00
Sean Harvey
1bf6495ae0 MINOR Partially reverted 4d4f9e08d9 as we don't need to check
forTemplate() exists
2012-05-19 18:17:25 +12:00
Sean Harvey
4d4f9e08d9 MINOR Code formatting in SSViewer 2012-05-19 18:09:39 +12:00
Sean Harvey
e5e8f489a2 Merge branch (pull request #247) 'template-global-fixes' of https://github.com/sminnee/sapphire into sminnee-template-global-fixes 2012-05-19 15:39:59 +12:00
Simon Welsh
ab34688273 BUGFIX: Looping over a PaginatedList in the template caused a seg fault/bus error. 2012-05-11 14:03:31 +12:00
Sean Harvey
ccb941ea9d BUGFIX Fixed places where Object::get_static() was being used. Replace
with Config system instead.
2012-04-18 23:55:37 +12:00
Simon Welsh
f07258f3cf MINOR Update @package values to match renaming sapphire 2012-04-15 10:50:19 +12:00
Hamish Friedlander
521742aaf8 ENHANCEMENT: Split arguments passed to SSViewer into underlay and overlay arguments to control precedence. Also fixes breakage of SecurityAdmin 2012-04-13 12:15:34 +12:00
Sam Minnée
1189322b41 Merge pull request #302 from robert-h-curry/7113-nested-controls-breaking-last
BUGFIX: Issue #7113: Recalculate itemIteratorCount when popping viewer state.
2012-04-11 17:19:46 -07:00
Sam Minnée
168eaf72d8 Merge pull request #300 from silverstripe-scienceninjas/feature/ssviewer-enhancements
Feature/ssviewer enhancements
2012-04-11 16:29:22 -07:00