Commit Graph

233 Commits

Author SHA1 Message Date
Hamish Friedlander
0a79ac3592 Merge branch 'origin/3.1'
Conflicts:
	templates/forms/CheckboxSetField.ss
	templates/forms/FormField_holder.ss
	templates/forms/OptionsetField.ss
2013-07-19 16:25:38 +12:00
Hamish Friedlander
d38bd7d5cb Merge branch 'origin/3.0' into 3.1 2013-07-19 14:18:49 +12:00
Hamish Friedlander
1298d4a5bd FIX Prevent DOS by checking for env and admin on ?flush=1 (#1692) 2013-07-19 12:24:32 +12:00
Ingo Schommer
d4a1e6d294 BUG Prevent clickjacking in CMS and Security controllers (fixes #2215) 2013-07-14 22:44:09 +02:00
Ingo Schommer
b58e2dbe3a Member.lock_out_delay_mins configurable, password security docs 2013-07-11 09:47:28 +02:00
Hamish Friedlander
7b7982969b Add some docs about admin-side HTML sanitisation 2013-07-10 16:44:51 +12:00
Simon Welsh
fbce9fd7cd Merge branch '3.1'
Conflicts:
	.travis.yml
	docs/en/misc/contributing/code.md
	javascript/HtmlEditorField.js
2013-07-05 10:22:58 +12:00
Hamish Friedlander
dacb2aa638 FIX HtmlEditorField not re-checking sanitisation server side 2013-07-04 08:53:23 +12:00
Mateusz Uzdowski
f9ede95e5b Add configuration system tests for Only and Except combinations. 2013-07-02 15:51:53 +12:00
Hamish Friedlander
df218d76da Clarify how Only and Except rules combine 2013-07-02 14:09:11 +12:00
Ingo Schommer
fb784af738 API Enforce $allowed_actions in RequestHandler->checkAccessAction()
See discussion at https://groups.google.com/forum/?fromgroups#!topic/silverstripe-dev/Dodomh9QZjk

Fixes an access issue where all public methods on FormField were allowed,
and not checked for $allowed_actions. Before this patch you could e.g.
call FormField->Value() on the first field by using action_Value.

Removes the following assertion because it only worked due to RequestHandlingTest_AllowedControllerExtension
*not* having $allowed_extensions declared: "Actions on magic methods are only accessible if explicitly allowed on the controller."
2013-06-24 14:50:40 +02:00
Ingo Schommer
2160fb8000 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	admin/javascript/LeftAndMain.js
	tests/behat/features/bootstrap/SilverStripe/Framework/Test/Behaviour/CmsUiContext.php
	tests/control/ControllerTest.php
2013-06-19 14:03:43 +02:00
Ingo Schommer
94b4237372 Merge remote-tracking branch 'origin/3.1' 2013-06-19 11:17:33 +02:00
CheeseSucker
671b7a0cc7 Consolidated command line examples
Examples were broken into several <pre> blocks.
2013-06-18 15:50:32 +03:00
CheeseSucker
b0615cdc5f Fixed a markdown issue
Maybe a bug in SS markdown?

The old code generated:
<a href="(faulty-link)">assertEmailSent</a>
<code>which can simulate sending emails through the</code>Email-&gt;send()` API

Instead of the expected:
<code><a href="(good-link)">assertEmailSent</a></code>
which can simulate sending emails through the <code>Email-&gt;send()</code> API

faulty-link = http://api.silverstripe.org/search/lookup/?q=SapphireTest->assertEmailSent(&version=trunk&module=framework)

good-link: http://api.silverstripe.org/search/lookup/?q=SapphireTest->assertEmailSent()&version=trunk&module=framework
2013-06-18 14:28:12 +02:00
CheeseSucker
476df739a2 A few minor improvements to the "Module development" documentation 2013-06-16 12:55:39 +03:00
Will Rossiter
8fca3799c3 Update module development, remove outdated release steps 2013-06-15 12:06:25 +12:00
Will Rossiter
6d792adab2 Update documentation static declarations to private
Also spelling, grammar and line length clean up.
2013-06-08 15:16:59 +12:00
Ingo Schommer
5a1d476e8d Merge branch 'idvalidattr' of git://github.com/wilr/sapphire into wilr-idvalidattr 2013-05-31 19:27:19 +02:00
Ingo Schommer
88536998b9 Merge remote-tracking branch 'origin/3.1'
Conflicts:
	.travis.yml
2013-05-31 18:08:59 +02:00
Will Rossiter
9c1638a353 Remove references to ComplexTableField 2013-05-26 11:11:53 +12:00
Sam Minnée
00e09f1493 Update commandline.md 2013-05-25 19:07:17 +12:00
Sam Minnée
99275ea783 Merge pull request #1760 from jedateach/patch-3
CommandLine: Info about running regular tasks with cron
2013-05-24 23:53:45 -07:00
Sam Minnee
d97ca43cd0 Merge branch '3.1'
Conflicts:
	README.md
	dev/install/install.php5
	forms/ConfirmedPasswordField.php
	tests/forms/FormTest.php
2013-05-23 19:01:58 +12:00
Ingo Schommer
306d3b0c7e Merged existing shortcode docs with new topics docs from 3.0 2013-05-17 14:01:42 +02:00
Ingo Schommer
4c7c40e8b9 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	parsers/ShortcodeParser.php
2013-05-17 13:51:54 +02:00
Ingo Schommer
146b5a81cb Improved shortcode docs 2013-05-17 13:49:46 +02:00
Ingo Schommer
3b02d22989 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	dev/CsvBulkLoader.php
2013-05-09 10:34:20 +02:00
Sam Minnée
9672a22166 Merge pull request #1851 from chillu/pulls/form-strict-method-check
Form strict method check
2013-05-08 22:31:40 -07:00
Fred Condo
677dc9822e Edit forms documentation
Correct spelling and word choices.
2013-05-08 17:00:43 -07:00
Ingo Schommer
14c59be85e API Form::setStrictFormMethodCheck() and strict argument to setFormMethod()
Thanks to @sminnee for getting this started
2013-05-08 10:25:13 +02:00
Sam Minnee
b5a83878dd Added docs for i81n.moduole_priority. 2013-05-06 12:51:46 +12:00
Simon Welsh
a5d69f2bf5 Update page-type-templates.md 2013-05-03 15:04:30 +12:00
Ingo Schommer
6c2e791a48 Merge remote-tracking branch 'origin/3.1' 2013-04-29 08:59:06 +02:00
Ingo Schommer
5f91c3724d Consistently used dollar notation in template docs (see #1794) 2013-04-26 11:48:59 +02:00
Ingo Schommer
faa3e58468 Allow SS_DATABASE_NAME in _ss_environment.php configuration
Makes setups which are completely driven by that file a bit easier
to automate, particularly if the same codebase is deployed
multiple times (e.g. to a staging and live instance)
2013-04-22 14:11:37 +02:00
Ingo Schommer
67ce9e08cc Extended docs for shortcode handling and doctypes (fixes #1700) 2013-04-16 14:01:04 +02:00
Jeremy Shipman
4db5f75298 Info about running regular tasks with cron
What commands to use, and good approach to testing
2013-04-15 10:47:59 +12:00
Ingo Schommer
0343a77d30 Merge remote-tracking branch 'origin/3.1' 2013-04-11 11:42:04 +02:00
Ryan Wachtl
46831f56fb Update configuration.md
Link to ssbits.com config cheatsheet no longer relevant.
2013-04-09 10:09:25 -05:00
Ingo Schommer
9856fcef21 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	javascript/DateField.js
	model/DataQuery.php
	model/Versioned.php
	tests/forms/RequirementsTest.php
	tests/model/DataObjectLazyLoadingTest.php
	view/Requirements.php
2013-04-09 14:45:35 +02:00
Stephen Shkardoon
1a95be7e60 Update form-validation.md
Minor typo, missing a '
2013-04-09 18:44:47 +12:00
Will Rossiter
05d4dd863d Update controller.md 2013-04-05 22:17:11 +13:00
Jeremy Shipman
a57e4e8abe Update environment-management.md
Fixed "Available Constants" table at the bottom
2013-04-03 15:29:27 +13:00
Ingo Schommer
0b54b284bc Updated i18n docs 2013-04-02 11:43:36 +02:00
Ingo Schommer
ef3d974821 Merge remote-tracking branch 'origin/3.1'
Conflicts:
	docs/en/misc/contributing/issues.md
2013-04-02 02:05:58 +02:00
Ingo Schommer
c08ab18c03 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	.travis.yml
	admin/javascript/LeftAndMain.AddForm.js
	docs/en/reference/requirements.md
2013-04-02 02:00:50 +02:00
Ingo Schommer
f5754c11aa Contribution guidelines, new bugtracker links 2013-04-02 01:51:40 +02:00
Ingo Schommer
538bf01860 Merge remote-tracking branch 'origin/3.1' 2013-03-27 12:12:16 +01:00
Ingo Schommer
ccb0155b8f Config docs improvement: @config and LSB mentions
Also moved some less important "notes" further down the page.
The doc is still written too much like a technical spec, we need
something that's more accessible to beginners.
2013-03-27 12:08:12 +01:00