Commit Graph

3089 Commits

Author SHA1 Message Date
Ingo Schommer
893e49703d [ss-2016-003] Hostname, IP and Protocol Spoofing through HTTP Headers 2016-02-18 17:28:54 +13:00
Silbinary Wolf
63dddacba7 Optimization: Swapped is_array for faster casting compare, shaved ~4s off flushing on 3.2ghz i5 dual core system 2015-12-05 19:39:37 +11:00
Damian Mooyman
c4dc10b255 Merge remote-tracking branch 'origin/3.2' into 3
Conflicts:
	forms/DropdownField.php
	tests/model/ImageTest.php
2015-11-03 13:06:39 +13:00
Damian Mooyman
e07f80014c Merge remote-tracking branch 'origin/3.1' into 3.2
Conflicts:
	lang/cs.yml
	lang/sk.yml
2015-11-03 11:10:46 +13:00
Damian Mooyman
2813f94124 BUG Ensure that filters on any fixed field are scoped to the base data table
Fixes #4700
2015-10-30 16:26:14 +13:00
Marco Kernler
5c04dc5d67 ENHANCEMENT - Added new method to display the number of total items in a paginated list within templates 2015-09-25 09:03:04 +02:00
Nicola Fontana
c39cf2d55f Do not hang on nested parameters in search context 2015-09-23 09:12:02 +02:00
Peter Thaleikis
4c19c183fe improve readibility 2015-09-20 20:18:48 +12:00
Damian Mooyman
e64d73c1f7 BUG Fix ClassInfo::table_for_object_field 2015-09-17 18:31:46 +12:00
Hamish Friedlander
a59a90c6b5 Merge pull request #4609 from tractorcow/pulls/3.1/fix-classinfo-breakage
BUG Fix ClassInfo::table_for_object_field
2015-09-17 14:45:17 +12:00
Damian Mooyman
c9ba6e5d00 BUG Fix ClassInfo::table_for_object_field 2015-09-17 13:39:42 +12:00
Damian Mooyman
f10785350e Merge remote-tracking branch 'origin/3.2' into 3
Conflicts:
	docs/en/02_Developer_Guides/02_Controllers/01_Introduction.md
2015-09-09 14:50:47 +12:00
Damian Mooyman
843e54509a Merge pull request #4475 from JeroenDeDauw/rm-unused-vars
Remove unused local vars
2015-09-01 11:42:16 +12:00
Damian Mooyman
4a011303b9 Add missing packages 2015-08-24 16:15:38 +12:00
Damian Mooyman
4ea344ac9c Merge remote-tracking branch 'origin/3.2' into 3 2015-08-24 12:57:22 +12:00
Damian Mooyman
1686c83826 Revert #3425 #3396 to restore deprecated functionality
Fixes #4514
2015-08-24 11:26:25 +12:00
Dan Hensby
c5c8a6a720 Merge remote-tracking branch '3.2' into 3
Conflicts:
	admin/templates/Includes/ModelAdmin_ImportSpec.ss
	css/GridField.css
2015-08-17 11:59:24 +00:00
Daniel Hensby
a8ab5a468d Merge branch '3.1' into 3.2
Conflicts:
	admin/code/LeftAndMain.php
	composer.json
2015-08-17 11:43:28 +01:00
Daniel Hensby
910156b84c Merge pull request #4443 from JorisDebonnet/base64url
Url-safe alternative for base64_encode in resampled Image filenames
2015-08-10 13:56:35 +01:00
Sam Minnee
1f0602d42f FIX: Fixed regression from ClassInfo case-sensitivity fix.
This fixes a bug introduced by ffbeac6b7d.
ClassInfo::subclassesFor() didn't previously throw an Exception if passed
an invalid class; it just returned no values. This will annoy minor-release
upgrades, and so I've made it return null instead in these situation.
2015-08-07 14:20:01 +12:00
JorisDebonnet
18e163d985 Url-safe alternative for base64_encode in resampled Image filenames 2015-08-05 20:59:40 +02:00
Loz Calver
687de33d0d Ensure ClassInfo is backwards compatible with non-existant classes 2015-08-04 15:07:07 +01:00
jeroendedauw
320c717358 Remove unused local vars 2015-08-03 20:42:43 +02:00
Damian Mooyman
e0a560051e Merge remote-tracking branch 'origin/3.2' into 3
Conflicts:
	css/AssetUploadField.css
2015-07-31 14:33:16 +12:00
Damian Mooyman
7ee444e08a Merge remote-tracking branch 'origin/3.1' into 3.2
Conflicts:
	admin/code/LeftAndMain.php
	control/injector/SilverStripeServiceConfigurationLocator.php
	core/ClassInfo.php
	filesystem/File.php
	model/DataObject.php
	model/DataQuery.php
	search/filters/FulltextFilter.php
	search/filters/SearchFilter.php
	tests/core/ClassInfoTest.php
	tests/filesystem/FileTest.php
	tests/model/DataListTest.php
2015-07-31 11:38:18 +12:00
Daniel Hensby
ffbeac6b7d Ensuring classinfo is case insensitive 2015-07-28 11:17:50 +01:00
Loz Calver
688c4382f3 Mark Object caching methods as deprecated 2015-07-27 17:15:53 +01:00
Simon Erkelens
1831947157 Declare the global mapping
Fix for  #4426
2015-07-23 20:52:09 +02:00
Dan Hensby
64ceba133c Merge remote-tracking branch 'origin/3.2' into 3
Conflicts:
	admin/css/screen.css
2015-07-20 14:08:36 +00:00
Daniel Hensby
ca8d0f2818 Merge branch '3.1' into 3.2
Conflicts:
	dev/Debug.php
	docs/en/05_Contributing/01_Code.md
	forms/FormField.php
	i18n/i18nTextCollector.php
	model/DataQuery.php
2015-07-20 10:48:01 +01:00
Damian Mooyman
5ace4905c9 BUG Fix issue when SS_ALLOWED_HOSTS is run in CLI 2015-07-08 11:01:06 +12:00
Daniel Hensby
7cd5cf3d4a Merge pull request #4273 from stevie-mayhew/pulls/increase_time_limit
FIX: increase_time_limit_to work when increase_time_limit_max is not yet set
2015-06-22 21:33:00 +01:00
Stevie Mayhew
8a4c51893b FIX: allow for increase_time_limit_to to work if $_increase_time_limit_max is not yet set 2015-06-22 08:17:04 +12:00
Daniel Hensby
66391ab57a FIX Imported namespaces now correctly used to determine class inheritance
Fixes #3707
2015-06-20 16:09:10 +01:00
Damian Mooyman
e14f743bf0 Set deprecation level for all changes in 3.x to 4.0 2015-06-19 13:07:41 +12:00
Daniel Hensby
eaec2ad9a8 Safe unnesting of Config and Injector 2015-06-15 00:23:40 +01:00
Damian Mooyman
8331171f2c Merge remote-tracking branch 'origin/3.1' into 3
Conflicts:
	.scrutinizer.yml
	admin/javascript/LeftAndMain.Panel.js
	core/startup/ParameterConfirmationToken.php
	dev/Debug.php
	dev/FixtureBlueprint.php
	docs/en/00_Getting_Started/05_Coding_Conventions.md
	docs/en/00_Getting_Started/index.md
	docs/en/02_Developer_Guides/01_Templates/01_Syntax.md
	filesystem/File.php
	filesystem/Folder.php
	forms/FieldList.php
	forms/LabelField.php
	forms/MoneyField.php
	forms/TextField.php
	forms/TreeDropdownField.php
	forms/Validator.php
	forms/gridfield/GridField.php
	forms/gridfield/GridFieldExportButton.php
	lang/de.yml
	lang/fi.yml
	model/DataObject.php
	model/SQLQuery.php
	parsers/ShortcodeParser.php
	security/ChangePasswordForm.php
	security/Security.php
	tests/control/DirectorTest.php
	tests/core/startup/ParameterConfirmationTokenTest.php
	tests/dev/FixtureBlueprintTest.php
	tests/forms/FieldListTest.php
	tests/forms/MoneyFieldTest.php
	tests/model/SQLQueryTest.php
	tests/security/SecurityTest.php
2015-06-02 19:13:38 +12:00
Damian Mooyman
0319f7855b FIX Incorrect env setting in 3.1.13 2015-06-02 12:27:08 +12:00
Marcus Nyeholt
9c8fa51321 FIX Allow users to specify allowed hosts
Allow users to explicitly state which Hosts are allowed to be requested via
this application instance to avoid Host: header forgery attacks.
2015-05-28 15:58:39 +10:00
Damian Mooyman
a978b891e1 BUG Fix handling of empty parameter token 2015-05-28 10:13:10 +12:00
Damian Mooyman
75137dbab2 Ensure only trusted proxy servers have control over certain HTTP headers 2015-05-28 10:12:46 +12:00
Stevie Mayhew
0d94cf15a5 UPDATE: change all instances of $this->request to use appropriate getter/setter 2015-04-30 11:04:08 +12:00
Damian Mooyman
43f49e8434 Merge remote-tracking branch 'origin/3.1' into 3
Conflicts:
	admin/code/ModelAdmin.php
	control/Director.php
	model/SQLQuery.php
	security/Member.php
	tests/control/HTTPTest.php
	tests/model/SQLQueryTest.php
	tests/security/SecurityTest.php
	tests/view/SSViewerTest.php
2015-03-31 19:54:15 +13:00
Damian Mooyman
7f983c2bae BUG Fix SS-2014-017 2015-03-20 18:27:30 +13:00
Damian Mooyman
db54125262 Deprecate stripslashes_recursively and magic quotes
This code is removed from 4.0
2015-03-14 21:24:11 +13:00
Damian Mooyman
319b96b48b Merge remote-tracking branch 'origin/3.1' into 3
Conflicts:
	docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md
	docs/en/05_Contributing/01_Code.md
	forms/TreeDropdownField.php
	model/DataObject.php
	security/Member.php
	tests/model/DataObjectTest.php
2015-03-11 11:40:06 +13:00
Daniel Hensby
ef818b3b7b Merge pull request #3970 from tractorcow/pulls/3.2/api-zero-pagination
API enable PaginatedList to be disabled by setting page length to 0
2015-03-09 11:28:36 +00:00
Loz Calver
93dca9aabd Merge pull request #3934 from dhensby/pulls/cofig-lru-fix
Change the LRU cache to a simple in-memory model
2015-03-09 09:31:04 +00:00
Simon Welsh
1d135552cf Change the LRU cache to a simple in-memory model
Slight memory increase when there are lots of additions for much better performance in every case.
2015-03-09 02:01:24 +00:00
Damian Mooyman
9367fd2456 API enable PaginatedList to be disabled by setting page length to 0 2015-03-05 12:07:14 +13:00