Commit Graph

118 Commits

Author SHA1 Message Date
Ingo Schommer
0e7231ff60 API Disable discontinued Google Spellcheck in TinyMCE
Replaced by browser-based spellchecking if available (Chrome, Firefox),
with instructions on how to use PSpell as an alternative.
2013-08-03 16:16:45 +02:00
Hamish Friedlander
1298d4a5bd FIX Prevent DOS by checking for env and admin on ?flush=1 (#1692) 2013-07-19 12:24:32 +12:00
Sam Minnee
eb583c5f14 NEW: Added DataObject::getQueriedDatabaseFields() as faster alternative to toMap()
API: CompositeDBField::setValue() may be passed an object as its second argument, in addition to array.

These changes provide a 15% - 20% performance improvement, and as such justify an small API change in the 3.0 branch. It will likely affect anyone who has created their own composite fields, which is fortunately not all that common.
2013-04-21 13:39:11 +12:00
Ingo Schommer
99ca0471f7 Merge remote-tracking branch 'origin/2.4' into 3.0
Conflicts:
	control/RequestHandler.php
	core/control/ContentController.php
	dev/CsvBulkLoader.php
	docs/en/changelogs/index.md
	docs/en/reference/execution-pipeline.md
	docs/en/topics/commandline.md
	docs/en/topics/controller.md
	docs/en/topics/form-validation.md
	docs/en/topics/forms.md
	docs/en/topics/security.md
	model/MySQLDatabase.php
	security/Security.php
	tests/control/ControllerTest.php
	tests/control/RequestHandlingTest.php
2013-03-19 13:56:04 +01:00
Ingo Schommer
9ceef6be07 Added changelog 2013-02-20 00:39:00 +01:00
Ingo Schommer
37b8034462 Fixed changelog 2013-02-18 01:34:51 +01:00
Ingo Schommer
ad9f26a00f Updated changelog 2013-02-18 01:29:30 +01:00
Ingo Schommer
62987139d4 Updated changelog 2013-02-18 01:19:33 +01:00
Ingo Schommer
56ad1d027e Updated changelog 2013-02-18 01:03:57 +01:00
Ingo Schommer
f06ba70fc9 BUG Undefined $allowed_actions overrides parent definitions, stricter handling of $allowed_actions on Extension
Controller (and subclasses) failed to enforce $allowed_action restrictions
on parent classes if a child class didn't have it explicitly defined.

Controllers which are extended with $allowed_actions (through an Extension)
now deny access to methods defined on the controller, unless this class also has them in its own
$allowed_actions definition.
2013-02-17 23:30:36 +01:00
Ingo Schommer
303352926b 3.0.4 changelog update 2013-02-17 23:28:22 +01:00
Ingo Schommer
50995fbecb BUG Undefined $allowed_actions overrides parent definitions, stricter handling of $allowed_actions on Extension
Controller (and subclasses) failed to enforce $allowed_action restrictions
on parent classes if a child class didn't have it explicitly defined.

Controllers which are extended with $allowed_actions (through an Extension)
now deny access to methods defined on the controller, unless this class also has them in its own
$allowed_actions definition.
2013-02-17 23:16:22 +01:00
Ingo Schommer
ede381326b BUG Secure composer files from web access (fixes #8011)
Already applied to root .htaccess, but required for dynamically
generated file from installer as well. Also added upgrade instructions.
2013-02-17 22:33:04 +01:00
Ingo Schommer
d969e29d00 API Require ADMIN for ?showtemplate=1 2013-02-12 23:26:04 +01:00
Nicolaas
7f4541e9f0 Update docs/en/changelogs/3.0.0.md
minor typo
2013-01-29 17:11:47 +01:00
Ingo Schommer
c6b1d4aa6b API Storing alternative DB name in cookie rather than session
Session is not initialized by the time we need to use
the setting in DB::connect(). Cookie values get initialized
automatically for each request.

Tightened name format validation to ensure it can only
be used for temporary databases, rather than switching
the browser session to a different production database.

Encrypting token for secure cookie usage.
Added dev/generatesecuretoken to generate this token.
Not storing in YML config directly because of web access issues.
2012-12-13 23:21:48 +01:00
Ingo Schommer
3fad49e2c0 2.4.9 changelog 2012-12-04 22:47:47 +01:00
Hamish Friedlander
e934030bc1 Merge changes for 3.0.3 release into 3.0 2012-11-26 11:34:28 +13:00
Hamish Friedlander
77f7778b4a Add 3.0.3 changelog 2012-11-26 11:20:21 +13:00
Hamish Friedlander
5edf86fe7a Merge branch '3.0.3' into 3.0 2012-11-16 14:57:50 +13:00
Hamish Friedlander
fb7db6de6d Add 3.0.3-rc2 changelog 2012-11-16 14:45:20 +13:00
Sean Harvey
34f9c8e866 adding 3.0.3-rc1 to changelog index 2012-11-06 10:58:55 +13:00
Sean Harvey
896ce60432 Adding changelog for 3.0.3-rc1 2012-11-06 10:41:24 +13:00
Ingo Schommer
a7753dfa5b Moved GridField docs to reference 2012-10-30 18:59:26 +01:00
Ingo Schommer
a502b222cc Merge remote-tracking branch 'origin/2.4' into 3.0 2012-10-30 17:24:52 +01:00
Ingo Schommer
9e595db7f3 Changelogs 2012-10-30 17:00:41 +01:00
Juan Molina
f6f96a630e Update docs/en/changelogs/3.0.0.md
Fixed broken links. Hash links were not working. I don’t know how to hide heading-anchor-link links. Tried to correct some layout errors (code quotes).
2012-10-25 17:21:31 +03:00
Sean Harvey
ea35b08634 Added 3.0.2 changelog (and added missing 3.0.1 changelog to the list) 2012-09-17 13:25:31 +12:00
Ingo Schommer
db1bffb054 Added 3.0.2-rc2 changelog 2012-09-12 11:17:40 +02:00
Sam Minnee
f49439c1a4 Added 3.0.2-rc1 docs 2012-09-05 11:05:21 +12:00
Hamish Friedlander
4583e83164 Add changelog for 3.0.1 2012-07-31 16:42:40 +12:00
Hamish Friedlander
3483d10369 Add 3.0.1-rc3 changelog 2012-07-30 11:43:07 +12:00
Hamish Friedlander
c070771fd7 Add changelog for 3.0.1-rc2 2012-07-27 15:31:14 +12:00
Hamish Friedlander
39c6606e13 Add changelog for 3.0.1-rc1 2012-07-25 14:23:33 +12:00
Ingo Schommer
64357a4522 Merge branch '3.0'
Conflicts:
	admin/css/screen.css
	admin/scss/_forms.scss
	docs/en/changelogs/3.0.0.md
2012-07-05 18:01:09 +02:00
Ingo Schommer
de73db9ef7 Restructured 3.0 changelog
Moved some more important stuff up the page,
rewritten upgrading overview to be more task focused,
reduced excessive use of paragraphs to make the text more scannable.
2012-07-04 18:42:38 +02:00
jakr
2b5214b55a Summarized 3.0 changes in changelog 2012-07-04 18:18:27 +02:00
Sam Minnee
5271504feb Fixed changelog links 2012-06-29 11:17:12 +12:00
Sam Minnee
4424ec679a Updated change logs for 3.0.0 stable 2012-06-29 11:05:42 +12:00
Ingo Schommer
19e087d226 Fixed references to deprecated APIs in docs 2012-06-28 14:49:55 +02:00
Ingo Schommer
868d3697fd Fixed usage of DataList etc in docs (fixes #7518) 2012-06-27 16:09:31 +02:00
Sam Minnée
993fc90ef8 Merge pull request #579 from silverstripe-rebelalliance/open/7523
Open/7523
2012-06-26 21:07:22 -07:00
Sam Minnee
05861437bd Added RC3 changelog 2012-06-27 14:42:23 +12:00
Kirk Mayo
2a976066eb MINOR: open/7523 added a note relating to versions and added a missing quote to the changelog for 3.0 2012-06-27 10:50:17 +12:00
Ingo Schommer
8c5c9228cf MINOR Changelog 2012-06-25 01:12:37 +02:00
Sam Minnee
0352a9191e MINOR: Fixed filename glitch in changelog 2012-06-22 11:46:35 +12:00
Sam Minnee
da7935e01c MINOR: Fixed filename glitch in changelog 2012-06-18 18:26:01 +12:00
Ingo Schommer
5f9b54c64a MINOR Added 3.0.0-rc1 changelog 2012-06-18 00:21:46 +02:00
Ingo Schommer
9e21fb8a4a API CHANGE Moved SapphireSoapServer and SOAPModelAccess into its own module at https://github.com/silverstripe/silverstripe-soapserver (fixes #7282) 2012-06-04 10:22:48 +02:00
Ingo Schommer
cb8b11812c API CHANGE Moved RestfulServer into its own module at https://github.com/silverstripe/silverstripe-restfulserver (fixes #7282) 2012-06-04 10:21:29 +02:00