Commit Graph

3657 Commits

Author SHA1 Message Date
Damian Mooyman
44de03da01
Merge pull request #53 from silverstripe-security/pulls/3.5/ss-2017-006
[ss-2017-006] Fix user agent invalidation on session startup (3.5 branch)
2017-12-06 16:25:39 +13:00
Damian Mooyman
3e2bcaa0b4
Merge pull request #54 from silverstripe-security/pulls/3.5/ss-2017-009
[ss-2017-009] Prevent disclosure of sensitive information via LoginAttempt (3.5 branch)
2017-12-06 16:25:19 +13:00
Chris Joe
0e8d288240
Merge pull request #7667 from open-sausages/pulls/4.0/better-tinymce-locales
BUG Ensure that all tinymce_lang mappings are valid
2017-12-06 11:24:02 +13:00
Daniel Hensby
2aa1d8f2c4
remove create_function usage 2017-12-05 14:20:13 +00:00
Loz Calver
91bd92df31 FIX: Remove some unnecessary ClassInfo calls in DataObjectSchema 2017-12-05 12:23:10 +00:00
Daniel Hensby
eb55c27124
Merge branch '4.0' into 4 2017-12-05 12:14:22 +00:00
Damian Mooyman
69295a6e22
BUG Ensure that all tinymce_lang mappings are valid 2017-12-01 15:00:39 +13:00
Damian Mooyman
25e276cf37 [ss-2017-006] Fix user agent invalidation on session startup 2017-12-01 10:55:00 +13:00
Damian Mooyman
cfe1d4f481
[ss-2017-007] Ensure xls formulae are safely sanitised on output
CSVParser now strips leading tabs on cells
2017-12-01 10:24:49 +13:00
Damian Mooyman
22ccf3e2f9
[ss-2017-007] Ensure xls formulae are safely sanitised on output
CSVParser now strips leading tabs on cells
2017-12-01 10:19:48 +13:00
Damian Mooyman
f1dd3d6f03
[ss-2017-009] Prevent disclosure of sensitive information via LoginAttempt 2017-11-30 17:00:49 +13:00
Damian Mooyman
6ba00e829a
[ss-2017-009] Prevent disclosure of sensitive information via LoginAttempt 2017-11-30 15:53:50 +13:00
Damian Mooyman
5bfc0c43eb
Merge pull request #7648 from creative-commoners/pulls/4.0/support-some-class-collection
FIX Support self::class text collection
2017-11-29 11:37:06 +13:00
Damian Mooyman
2fe59680e3
Merge pull request #7620 from open-sausages/pulls/4.0/its-too-big-to-fit
BUG Added warning for auto-generated table_name
2017-11-28 09:42:12 +13:00
Robbie Averill
b7ea05900e FIX Support self::class text collection 2017-11-27 23:20:29 +13:00
Christopher Joe
cc72b5c852 BUG Added warning for auto-generated table_name for non-test classes 2017-11-27 20:22:37 +13:00
Damian Mooyman
6e7fb4747e
Restore legacy $ThemeDir support 2017-11-27 15:24:40 +13:00
Damian Mooyman
bac5f4c8aa
Merge branch '3.5' into pulls/3.5/update-pwd-encryption-on-change 2017-11-27 14:42:32 +13:00
Daniel Hensby
6d5cbe0a0e
Merge branch '4.0' into 4 2017-11-25 17:19:31 +00:00
Daniel Hensby
07a0f75426
Merge branch '3.6' into 4.0 2017-11-25 16:56:50 +00:00
Daniel Hensby
fd201bc71b
Merge branch '3.6' into 3 2017-11-25 16:18:46 +00:00
Daniel Hensby
badeb0cc8c
Merge branch '3.5' into 3.6 2017-11-25 16:17:36 +00:00
Daniel Hensby
09a003bc13
Fix deprecated usage of getMock in unit tests 2017-11-24 14:48:30 +00:00
Daniel Hensby
2ad3cc07d5
FIX Update meber passwordencryption to default on password change 2017-11-23 21:17:31 +00:00
Daniel Hensby
333ecc201c
Merge pull request #7583 from open-sausages/pulls/4/relation-object-navigation
BUG Ensure relObject() safely bails on empty objects
2017-11-23 12:48:57 +00:00
Damian Mooyman
d9e7a92b3c
BUG Fix regressions in asset resize behaviour change 2017-11-22 14:36:24 +13:00
Christopher Joe
2b6b877327 Merge branch '4.0' of https://github.com/silverstripe/silverstripe-framework into 4 2017-11-21 15:08:30 +13:00
Chris Joe
d8ca223e15
Merge pull request #7605 from open-sausages/pulls/4.0/fix-enum-defaults
BUG Fix DBEnum ignoring empty defaults
2017-11-20 11:32:45 +13:00
Damian Mooyman
cbf9e40115
BUG Fix postgres / PDO support 2017-11-17 12:35:55 +13:00
Damian Mooyman
ef58799103
BUG Fix DBEnum ignoring empty defaults
FIxes #7582
2017-11-17 12:35:39 +13:00
Loz Calver
13b02feed7
Merge pull request #7602 from dhensby/pulls/3.5/fix-filter-any-inner-join
FIX ManyMany link table joined with LEFT JOIN
2017-11-16 13:48:07 +00:00
Daniel Hensby
4f3deb13e0
TEST filterAny on many_many relations return correct items 2017-11-16 11:10:12 +00:00
Daniel Hensby
3d3096485b
TEST Uppercase file extensions return correct mime type 2017-11-16 11:01:25 +00:00
Christopher Joe
2bc7edbf47 BUG Fix don't treat zero-date as invalid 2017-11-16 13:30:15 +13:00
Damian Mooyman
eae3d0cfaa
Merge remote-tracking branch 'origin/4.0' into 4 2017-11-16 10:16:44 +13:00
Chris Joe
bee3c404fa
Merge pull request #7545 from open-sausages/pulls/4.0/deprecated-each
BUG Remove usage of deprecated each() and use a helper method instead
2017-11-15 16:30:20 +13:00
Damian Mooyman
c9921447b3
Merge pull request #7539 from colintucker/fix-broken-paginated-list
Fixed array/object mismatch bug in PaginatedList
2017-11-15 15:17:15 +13:00
Damian Mooyman
f863573d1c
API Add getShortName to DBClassName
Fixes #7586
2017-11-15 11:27:58 +13:00
Daniel Hensby
cf321895ba
Merge branch '4.0' into 4 2017-11-14 13:24:15 +00:00
Daniel Hensby
0baa996cc0
Merge branch '3.6' into 3 2017-11-14 12:13:08 +00:00
Daniel Hensby
4731d3c671
Merge branch '3.5' into 3.6 2017-11-14 12:00:53 +00:00
Damian Mooyman
ba2c5b48f7
BUG Ensure relObject() safely bails on empty objects
BUG Remove assignment of IDs to singletons
API relation methods can take an optional $id parameter to get relations from specific parents
API Added UnsavedRelationList::relation() method
2017-11-10 15:27:02 +13:00
Colin Tucker
f952ef747b
Fixed array/object mismatch bug in PaginatedList 2017-11-06 11:23:41 +00:00
Sam Minnee
d8b4ca91d9 FIX: Fix ContextSummary behaviour with UTF8 chars
Fixes https://github.com/silverstripe/silverstripe-framework/issues/1396

Ensure that DBTextTest has UTF8 test cases
2017-11-06 12:09:08 +13:00
Damian Mooyman
420041f2b6
Merge remote-tracking branch 'origin/4.0' into 4 2017-11-03 17:04:44 +13:00
Damian Mooyman
6a73466b41 BUG Fix basicauth 2017-11-03 12:08:38 +13:00
Damian Mooyman
0b3ed7ff15
Merge 4.0 -> 4 2017-11-02 16:52:05 +13:00
Chris Joe
cd55a039e7
Merge pull request #7520 from open-sausages/pulls/4.0/config-redirect-works
API / BUG - Introduce new request resolver middleware and fix broken forceWWW / forceSSL
2017-11-02 10:01:58 +13:00
Damian Mooyman
5bc4f3d1fc
BUG Remove usage of deprecated each() and use a helper method instead 2017-11-01 16:04:35 +13:00
Damian Mooyman
3c8848a090
Update code style and fix tests 2017-10-30 17:34:15 +13:00
Damian Mooyman
9d3277f3d3
BUG Fix forceWWW and forceSSL not working in _config.php
API Introduce CanonicalURLMiddleware
BUG Fix Director::makeRelative() failing on multi-domain sites
2017-10-30 14:42:36 +13:00
Christopher Joe
f6b7cf8889 Feature disable current user from removing their admin permission 2017-10-30 12:34:06 +13:00
Damian Mooyman
324bdad48c
ENHANCEMENT Ensure DBVarchar scaffolds text field with TextField with appropriate max length
Fixes #1413
2017-10-26 16:21:51 +13:00
Damian Mooyman
68c3279fd9
BUG Ensure readonly tree dropdown is safely encoded
Removed legacy entwine dead code
Added soft-deprecation to label field
2017-10-26 13:04:30 +13:00
Andrew Aitken-Fincham
c4a50a3d10 Spelling in DataQueryTest 2017-10-20 12:00:35 +01:00
Sam Minnee
4bec62ba51 Merge branch '4.0' into 4 2017-10-20 18:45:16 +13:00
Damian Mooyman
b9cb1e69e6 BUG Replace phpdotenv with thread-safe replacement 2017-10-20 18:43:11 +13:00
Christopher Joe
dabdc905ce
BUG Fix enable email subclasses to use their respective templates 2017-10-19 14:44:04 +13:00
Robbie Averill
2f579b64cb FIX Files without extensions (folders) do not have a trailing period added 2017-10-18 09:25:27 +13:00
Chris Joe
cafa3fc29a BUG switch to trigger_error() when a resource is not found (#7468)
* BUG switch to `trigger_error()` when a resource is not found rather than throw an exception

* Add unit test for module url failing
2017-10-16 16:11:42 +13:00
Daniel Hensby
c09dec5958 Merge pull request #7456 from open-sausages/pulls/4.0/decimal-scaffolding
BUG Fix decimal scaffolding
2017-10-10 15:46:38 +01:00
Damian Mooyman
6a55dcfc16
Fix references to resource paths / urls 2017-10-10 16:51:47 +13:00
Damian Mooyman
fd630a99b0
BUG Fix decimal scaffolding
Fixes #7454
2017-10-10 10:13:26 +13:00
Christopher Joe
f34f7cb668 Fix surname behat test 2017-10-09 16:00:21 +13:00
Damian Mooyman
311811a261 Merge pull request #7451 from open-sausages/pulls/4.0/whats-temporary-could-turn-path
rename TEMP_FOLDER to TEMP_PATH
2017-10-09 14:16:06 +13:00
Damian Mooyman
994689ab54 Merge pull request #7450 from open-sausages/rename-assertDOS-to-assertList
API Rename assert dos to assert list
2017-10-09 13:47:18 +13:00
Christopher Joe
3560a0418d rename TEMP_FOLDER to TEMP_PATH 2017-10-09 12:41:34 +13:00
Damian Mooyman
313f8c7ac3 Merge pull request #7439 from creative-commoners/pulls/4.0/trim-injector-names
FIX Trim whitespace off names in Injector
2017-10-09 12:31:11 +13:00
Werner M. Krauß
f686b50824 API Rename assert dos to assert list 2017-10-09 11:53:11 +13:00
Chris Joe
566d7baa48 Merge pull request #7437 from open-sausages/pulls/4.0/stateless-extensions
API Extensions are now stateless
2017-10-09 11:45:33 +13:00
Daniel Hensby
d8f49a1bda Merge pull request #7426 from silverstripe/filefield-accept-attr
NEW: Implement accept attribute in FileField (closes #7279)
2017-10-06 15:01:12 +01:00
Robbie Averill
3bdc8c7e65 FIX Trim whitespace off names in Injector 2017-10-06 15:52:44 +13:00
Damian Mooyman
b996e2c22c
API Extensions are now stateless
ENHANCEMENT Injector now lazy-loads services more intelligently
2017-10-06 14:53:44 +13:00
Chris Joe
90ce2abecb Merge pull request #7422 from open-sausages/pulls/4.0/flags-in-gridfield
Add gridfield versioned columns
2017-10-06 14:39:02 +13:00
Christopher Joe
578f3f208c Fix behat test 2017-10-06 13:40:11 +13:00
Damian Mooyman
168db412de Merge pull request #7424 from creative-commoners/pulls/4.0/extensible-change-password
NEW Make Member::changePassword extensible
2017-10-05 13:18:53 +13:00
Damian Mooyman
4dbd727206
BUG Config updates are now applied after middleware not before 2017-10-05 12:30:21 +13:00
Robbie Averill
6b52412693 NEW Make Member::changePassword extensible 2017-10-05 11:18:34 +13:00
Damian Mooyman
1b6d0144c5
BUG Fix resource mapping for TinyMCE
API add ModuleResource::getRelativeResource()
2017-10-04 17:44:04 +13:00
Loz Calver
43ec2f87ed NEW: Implement accept attribute in FileField (closes #7279) 2017-10-03 16:48:49 +01:00
Damian Mooyman
16f4345124
Remove unnecessary FRAMEWORK_DIR constants 2017-10-03 14:52:23 +13:00
Damian Mooyman
f4a77649a4
Fix requirements tests 2017-10-03 14:21:24 +13:00
Damian Mooyman
5ffe64f024
Fix tinymce plugins 2017-10-03 14:08:24 +13:00
Damian Mooyman
fa57deeba4
ENHANCEMENT Allow vendor modules with url rewriting
API Introduce ModuleResource feature
2017-09-29 10:28:38 +13:00
Daniel Hensby
b49d1d7fbd
Merge branch '3.6' into 3 2017-09-28 17:17:19 +01:00
Christopher Joe
53b2fcd1ea Fix amend TinyMCE combined generator's unit test to be more lenient with encoding 2017-09-28 16:47:13 +13:00
Christopher Joe
7e92b053f4 Enhancement Add setter and getter for certain classes, so that LeftAndMain no longer updates config during init 2017-09-28 16:47:13 +13:00
Damian Mooyman
da27948777 Merge pull request #7373 from dhensby/pulls/4/rate-limit-security
NEW RateLimiter for Security controller
2017-09-28 11:01:37 +13:00
Damian Mooyman
e4fd9b4ff7
Code style fixes 2017-09-28 09:54:29 +13:00
Daniel Hensby
5f739c111e
added ratelimiter tests 2017-09-27 16:42:04 +01:00
Daniel Hensby
060c2d62d3
Merge pull request #7408 from ajoneil/fix-paginated-list-get-vars
Prior to this change, if there were already GET vars on a page
with a PaginatedList, the links would include a mix of '&' and '&'.
2017-09-27 09:41:32 +01:00
Andrew O'Neil
c7cbbb29f4 Fix links on paginated lists when there are GET vars
Prior to this change, if there were already GET vars on a page
with a PaginatedList, the links would include a mix of '&' and '&'.
2017-09-27 15:41:08 +10:00
Daniel Hensby
28552155c3
NEW Add actWithPermission to SapphireTest for shortcut to perform actions with specific permissions 2017-09-26 13:39:31 +01:00
Daniel Hensby
bd7abc73de
Merge branch '3.5.5' into 3.6.2 2017-09-20 16:26:30 +01:00
Damian Mooyman
261302a121
ENHANCEMENT Don't force all class names to lowercase
Speeds up autoloading because composer psr-4 works properly now
2017-09-20 15:14:55 +12:00
Mike Cochrane
41d1b2a882 Test fix: Don't hard code the security page_class controller 2017-09-16 11:27:16 +12:00
Sacha Judd
c707fccf69 NEW Allow GridFieldEditButton to have configurable HTML classes. Change edit icon. 2017-09-13 13:11:17 +12:00
Daniel Hensby
091d99f599
FIX Authenticators are more resilient to incomplete configuration 2017-09-12 15:57:03 +01:00
Andrew Aitken-Fincham
6613826ed8 FIX SSViewer::add_themes() to properly prepend 2017-09-12 13:34:56 +01:00
Damian Mooyman
4c84f22b2e Merge pull request #7325 from xini/patch-3
use html5 mark tag to highlight search parameter
2017-09-05 13:38:42 +12:00