Ingo Schommer
757df3088e
ENHANCEMENT Returning FALSE from Security->ping() if no valid user session exists, for more accurate login checking through the CMS javascript pinging
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92527 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-21 02:31:09 +00:00
Ingo Schommer
2fc966cc44
MINOR Removed loader.js dependencies
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92514 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-21 02:30:36 +00:00
Ingo Schommer
dd074069de
MINOR Moved css specific to Security/login in Security_login.css (shouldnt be in the generic Form.css declarations)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92509 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-21 02:30:24 +00:00
Ingo Schommer
a11db29672
MINOR Changed paths to moved thirdparty dependencies (mostly from /jsparty to /sapphire/thirdparty, /cms/javascript and /sapphire/javascript)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92502 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-21 02:29:59 +00:00
Ingo Schommer
3b547ec9c9
ENHANCEMENT Using "concrete" jQuery plugin for tabbed Security/login view (in combination with jQuery UI tabs)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92480 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-21 02:22:41 +00:00
Ingo Schommer
deb691a481
ENHANCEMENT Using jQuery UI tabs for Security/login with multiple authentication methods (e.g. CMS-login and OpenID)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92478 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-21 02:22:36 +00:00
Andrew O'Neil
649079f4e8
BUGFIX: Use Object::create() for lostpassword(). ( #4670 , Tjofras)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@91270 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-11 03:00:02 +00:00
Ingo Schommer
e675381cd4
ENHANCEMENT Pluggable password encryption through PasswordEncryptor class ( #3665 )
...
BUGFIX Fixed password hashing design flaw in Security::encrypt_password(). Removing base_convert() packing with unsafe precision, but retaining backwards compatibilty through pluggable encryptors: PasswordEncryptor_LegacyPHPHash (#3004 )
API CHANGE Deprecated Security::encrypt_passwords()
API CHANGE Deprecated Security::$useSalt, use custom PasswordEncryptor implementation
API CHANGE Removed Security::get_encryption_algorithms()
API CHANGE MySQL-specific encyrption types 'password' and 'old_password' are no longer included by default. Use PasswordEncryptor_MySQLPassword and PasswordEncryptor_MySQLOldPassword
API CHANGE Built-in number of hashing algorithms has been reduced to 'none', 'md5', 'sha1'. Use PasswordEncryptor::register() and PasswordEncryptor_PHPHash to re-add others.
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90949 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-06 02:23:21 +00:00
Ingo Schommer
7dc1d607de
MINOR Moved Security::encryptallpasswords() to EncryptAllPasswordsTask
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90948 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-06 02:23:13 +00:00
Andrew Short
79773042be
API CHANGE: Renamed conflicting classes to have an "SS_" namespace, and renamed existing "SS" namespace to "SS_". The affected classes are: HTTPRequest, HTTPResponse, Query, Database, SSBacktrace, SSCli, SSDatetime, SSDatetimeTest, SSLog, SSLogTest, SSLogEmailWriter, SSLogErrorEmailFormatter, SSLogErrorFileFormatter, SSLogFileWriter and SSZendLog.
...
MINOR: Replaced usage of renamed classes with the new namespaced name.
From: Andrew Short <andrewjshort@gmail.com>
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90075 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-26 03:06:31 +00:00
Ingo Schommer
d386db0bc3
ENHANCEMENT Avoid information disclosure in Security/lostpassword form by returning the same message regardless wether a matching email address was found in the database.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@86021 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-09-10 03:01:46 +00:00
Will Rossiter
ebce107d07
MINOR: added check for exec() and fixed the path for the wordlist file. Ticket #4428
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@85701 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-09-03 23:36:45 +00:00
Sam Minnee
d38c79f584
ENHANCEMENT: If you are logged in and Security::permissionFailure() is called, just return a 403
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@81430 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-07-09 03:20:32 +00:00
Sam Minnee
20cbabfcb5
BUGFIX #3750 bgribaudo: Always render the security login form in the $Form template variable.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@79565 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-06-18 08:22:27 +00:00
Geoff Munn
aaaf9cdfcd
API CHANGE: queries fixed for MSSQL
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@72929 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-03-11 23:03:28 +00:00
Sam Minnee
189f0567f8
Merged from branches/2.2
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@72811 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-03-10 22:17:26 +00:00
Andrew O'Neil
635e2c3df6
Merged from 2.3
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@72453 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-03-04 03:44:11 +00:00
Andrew O'Neil
60f75c5ca4
Merged changes from 2.3 branch
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@71172 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-02-01 23:49:53 +00:00
Ingo Schommer
0747fc6d52
MINOR merged from branches/2.3
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@69856 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-01-07 23:00:54 +00:00
Ingo Schommer
d26f08b481
MINOR merged branches/2.3 into trunk
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@67465 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-12-04 22:38:32 +00:00
Ingo Schommer
1c639c320e
MINOR reverted r66670 (see discussion at http://groups.google.com/group/silverstripe-dev/browse_thread/thread/1ed2a3c9224a785c )
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@66943 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-11-28 05:29:52 +00:00
Ingo Schommer
501cd2b70d
BUGFIX Redirecting with 403 HTTP statuscode on Security::permissionFailure() for better testability
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@66670 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-11-25 22:21:28 +00:00
Sam Minnee
96c5be8252
Updating queries to be more DB agnostic
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@66507 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-11-24 09:31:14 +00:00
Sam Minnee
93438e0be2
API CHANGE: Adding double quotes to all table and field references (a work in progress)
...
API CHANGE: DataObject::get()'s GROUP BY clause is only generated for MySQL as it needs to be improved for other databases to accept it.
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@66427 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-11-23 23:28:16 +00:00
Sam Minnee
a3d3fb65a9
Updated SQL queries to be ansi compatable
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@66401 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-11-23 00:31:06 +00:00
Sam Minnee
2984355f43
Merged branches/2.3 into trunk
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@66395 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-11-22 03:33:00 +00:00
Sam Minnee
3d9532db83
Merged branches/2.3
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@66108 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-11-18 01:48:37 +00:00
Sam Minnee
b39d3811ff
Refactored tabstrip.js to use livequery for loading
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@65717 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-11-12 22:28:07 +00:00
Sam Minnee
58dbe416ee
Merged from branches/2.2
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@65523 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-11-10 03:51:35 +00:00
Sam Minnee
5f177b9f08
BUGFIX #2056 : Removed all references to deprecated Member::isAdmin()
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@65232 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-11-04 23:31:33 +00:00
Ingo Schommer
c4f3bc962f
ENHANCEMENT Only logging out users on Security::permissionFailure() is called in non-ajax context. For ajax requests, we now return a 403 HTTP Status in a HTTPResponse Object, with a ":NOTLOGGEDIN" body for backwards compatibility. If a logout+redirection is required after an ajax-request, this should be handled by the clientside.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@65147 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-11-03 13:50:06 +00:00
Sean Harvey
3e48714f93
BUGFIX Security->passwordsent() didn't get the "Email" variable from the URL properly, because of updates to HTTPRequest
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@64739 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-10-24 02:23:53 +00:00
Ingo Schommer
9f41917fb1
BUGFIX Fixed wrongly formatted _t() call in Security class
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@64491 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-10-17 15:20:31 +00:00
Sean Harvey
e8e197c298
MINOR Security->LostPasswordForm() code formatting changes for clarity
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@64404 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-10-16 11:08:52 +00:00
Hayden Smith
634ed7b70c
Merged from branches/nzct-trunk. Use 'svn log -c <changeset> -g' for full commit message. Merge includes stability fixes and minor refactor of TableListField and ComplexTableField.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@63806 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-10-08 02:00:12 +00:00
Ingo Schommer
2c11afb2df
BUGFIX wrong jsparty PATH references
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@63296 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-09-29 18:49:55 +00:00
Ingo Schommer
9371f4688b
ENHANCEMENT Introduced constants for system paths like /sapphire in preparation for a more flexible directory reorganisation. Instead of hardcoding your path, please use the following constants: BASE_PATH, BASE_URL, SAPPHIRE_DIR, SAPPHIRE_PATH, CMS_DIR, CMS_PATH, THIRDPARTY_DIR, THIRDPARTY_PATH, ASSETS_DIR, ASSETS_PATH, THEMES_DIR, THEMES_PATH
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@63154 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-09-27 16:02:38 +00:00
Sam Minnee
a9ad1e79c1
ENHANCEMENT: Prevent CMS session timing out and losing content - Added Security/ping as a destination for session-preserving ajax pings
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@62994 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-09-24 04:17:33 +00:00
Ingo Schommer
28699c3550
BUGFIX Changed URL format for password sent confirmation display, to avoid issues with new request handling trying to detect the email-TLD as a pseudo-file-extension (which resulted in truncated email-addresses in display). Old: /Security/passwordsent/myemailaddress. New: Security/passwordsent/?email=myemailaddress
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@62701 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-09-18 23:00:36 +00:00
Sam Minnee
c20c4ae6b0
Added Secuirty::set_default_login_dest() for developers to specify the default page to direct to after the log in
...
This results in more reliable log-in redirection
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@62653 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-09-18 03:53:36 +00:00
Hayden Smith
ca6c248de1
Merged [47069]: Replaced explicit calls to AccessLogEntry::create with more flexible calls to extensions. AccessLogEntry to be refactored into separate module.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@60504 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-08-12 20:59:32 +00:00
Sam Minnee
eb9e66808c
API CHANGE: Renamed static Member::autologinhash() to static Member::member_from_autloginhash() to be more in line with naming convnetions, and not conflict with Member.AutoLoginHash in the database
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@60392 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-08-11 05:18:18 +00:00
Ingo Schommer
ad4d506f82
(merged from branches/roa. use "svn log -c <changeset> -g <module-svn-path>" for detailed commit message)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@60287 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-08-11 00:14:48 +00:00
Ingo Schommer
6bd5da7e6e
(merged from branches/roa. use "svn log -c <changeset> -g <module-svn-path>" for detailed commit message)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@60206 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-08-09 03:29:30 +00:00
Ingo Schommer
03fcc80e19
(merged from branches/roa. use "svn log -c <changeset> -g <module-svn-path>" for detailed commit message)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@60205 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-08-09 03:19:54 +00:00
Andrew O'Neil
3af8299b0b
Merged revisions 56719 via svnmerge from
...
svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.2.2
........
r56719 | aoneil | 2008-06-23 16:00:25 +1200 (Mon, 23 Jun 2008) | 2 lines
FEATURE: Deault permission failure message set can be changed.
........
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@56914 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-06-25 04:05:28 +00:00
Ingo Schommer
60860cc1b9
MINOR Unified @package PHPdoc (added where missing, removed duplicates)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@56212 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-06-15 13:33:53 +00:00
Sam Minnee
eb60b67732
Merged revisions 52121 via svnmerge from
...
http://svn.silverstripe.com/open/modules/sapphire/branches/govtsecurity
........
r52121 | sminnee | 2008-04-03 22:04:33 +1300 (Thu, 03 Apr 2008) | 4 lines
Added DataObject::validate() for specifying DataObject-level validators.
Added DataObject::onAfterWrite(), a complement of DataObject::onBeforeWrite()
Added password strength testing to security system
Added password expiry to security system
........
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@53465 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-04-26 06:31:52 +00:00
Ingo Schommer
f996d29e5b
Merged revisions 51762 via svnmerge from
...
svn://svn.silverstripe.com/silverstripe/modules/sapphire/branches/2.2.0-mesq
........
r51762 | ischommer | 2008-03-27 17:47:14 +1300 (Thu, 27 Mar 2008) | 1 line
ENHANCEMENT prepared for subclassing groups
........
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@52415 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-04-09 11:44:13 +00:00
Ingo Schommer
ca199a64e4
Merged revisions 49507 via svnmerge from
...
svn://svn.silverstripe.com/silverstripe/modules/sapphire/branches/2.2.0-mesq
........
r49507 | ischommer | 2008-02-13 15:41:11 +1300 (Wed, 13 Feb 2008) | 1 line
using stat() to get template (works with subclasses)
........
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@52410 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-04-09 11:26:31 +00:00