silverstripe-framework

mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-07-04 02:19:32 +02:00

Author	SHA1	Message	Date
Loz Calver	6bf36fbd30	FIX: Correct return type for Member::currentUser()	2016-11-09 14:20:44 +00:00
Daniel Hensby	c35dc508cb	Merge branch '3.3' into 3.4	2016-07-04 23:53:55 +01:00
Damian Mooyman	f1a0aef0d7	BUG fix CMS_ACCESS permission being ignored if in incorrect order in array	2016-06-28 17:45:15 +12:00
Damian Mooyman	4f06a43986	Merge 3.3 into 3 # Conflicts: # admin/javascript/lang/src/cs.js # admin/javascript/lang/src/de.js # admin/javascript/lang/src/en.js # admin/javascript/lang/src/eo.js # admin/javascript/lang/src/es.js # admin/javascript/lang/src/fi.js # admin/javascript/lang/src/fr.js # admin/javascript/lang/src/id.js # admin/javascript/lang/src/id_ID.js # admin/javascript/lang/src/it.js # admin/javascript/lang/src/ja.js # admin/javascript/lang/src/lt.js # admin/javascript/lang/src/mi.js # admin/javascript/lang/src/nb.js # admin/javascript/lang/src/nl.js # admin/javascript/lang/src/pl.js # admin/javascript/lang/src/ro.js # admin/javascript/lang/src/ru.js # admin/javascript/lang/src/sk.js # admin/javascript/lang/src/sl.js # admin/javascript/lang/src/sr.js # admin/javascript/lang/src/sr@latin.js # admin/javascript/lang/src/sr_RS.js # admin/javascript/lang/src/sr_RS@latin.js # admin/javascript/lang/src/sv.js # admin/javascript/lang/src/zh.js # javascript/lang/fr.js # javascript/lang/src/ar.js # javascript/lang/src/cs.js # javascript/lang/src/de.js # javascript/lang/src/en.js # javascript/lang/src/eo.js # javascript/lang/src/es.js # javascript/lang/src/fi.js # javascript/lang/src/fr.js # javascript/lang/src/id.js # javascript/lang/src/id_ID.js # javascript/lang/src/it.js # javascript/lang/src/ja.js # javascript/lang/src/lt.js # javascript/lang/src/mi.js # javascript/lang/src/nb.js # javascript/lang/src/nl.js # javascript/lang/src/pl.js # javascript/lang/src/ru.js # javascript/lang/src/sk.js # javascript/lang/src/sl.js # javascript/lang/src/sr.js # javascript/lang/src/sr@latin.js # javascript/lang/src/sr_RS.js # javascript/lang/src/sr_RS@latin.js # javascript/lang/src/sv.js # javascript/lang/src/zh.js # lang/it.yml	2016-05-11 14:06:23 +12:00
Daniel Hensby	d1751e3310	Merge remote-tracking branch '3.2.4' into 3.3.2	2016-05-05 12:33:21 +01:00
Daniel Hensby	cf29b2c146	Merge remote-tracking branch '3.1.19' into 3.2.4	2016-05-05 11:17:45 +01:00
Daniel Hensby	679185514d	Merge 3.3 into 3 Conflicts: admin/css/screen.css.map	2016-04-26 00:24:59 +01:00
Daniel Hensby	745faebd81	Merge 3.2 into 3.3 Conflicts: .travis.yml	2016-04-26 00:17:09 +01:00
Daniel Hensby	f32c893546	[SS-2016-005] FIX Apply brute force protection to default admin	2016-04-19 23:20:29 +01:00
Roman Schmid	9146450c49	Fix Email test issue discovered in #5271 . Updated/added tests for changed- and forgot-password Emails. Updated fixture and tests to no longer use a real Email address.	2016-04-11 13:46:41 +02:00
Damian Mooyman	e1865151c5	Merge pull request #5098 from bummzack/5086-fix-member-validator Fix for issue #5086	2016-02-26 14:39:53 +13:00
Roman Schmid	f691a5da32	Improve `Member_Validator` to: - properly check for existing members. - allow extensions. - remove old code and replace with new syntax and add config API. Fix issue in Group code where Member_Validator was instantiated via "new" which didn't allow injector overrides. Added unit-tests. Establish a link between the member and the validator for said member.	2016-02-25 16:10:52 +01:00
Damian Mooyman	8c1cafd1a0	Merge remote-tracking branch 'origin/3.3' into 3 # Conflicts: # admin/scss/_forms.scss # admin/scss/_style.scss # admin/scss/_tree.scss # javascript/TreeDropdownField.js	2016-01-19 17:08:26 +13:00
Damian Mooyman	5d240feaec	Merge remote-tracking branch 'origin/3.2' into 3.3	2016-01-19 15:08:24 +13:00
Damian Mooyman	46cbe809ac	Merge remote-tracking branch 'origin/3.1' into 3.2 # Conflicts: # docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md # docs/en/02_Developer_Guides/14_Files/01_Image.md # docs/en/02_Developer_Guides/15_Customising_the_Admin_Interface/How_Tos/Customise_CMS_Menu.md # docs/en/03_Upgrading/index.md # docs/en/05_Contributing/01_Code.md # forms/TreeMultiselectField.php # security/Permission.php	2016-01-19 14:00:19 +13:00
Sam Minnee	3ee8f505b7	MINORE: Remove training whitespace. The main benefit of this is so that authors who make use of .editorconfig don't end up with whitespace changes in their PRs. Spaces vs. tabs has been left alone, although that could do with a tidy-up in SS4 after the switch to PSR-1/2. The command used was this: for match in '.ss' '.css' '.scss' '.html' '.yml' '.php' '.js' '.csv' '.inc' '.php5'; do find . -path ./thirdparty -not -prune -o -path ./admin/thirdparty -not -prune -o -type f -name "$match" -exec sed -E -i '' 's/[[:space:]]+$//' {} \+ find . -path ./thirdparty -not -prune -o -path ./admin/thirdparty -not -prune -o -type f -name "$match" \| xargs perl -pi -e 's/ +$//' done	2016-01-07 10:15:54 +13:00
Daniel Hensby	4335d8ed22	FIX Members with no ID inherit logged in user permission	2016-01-05 08:16:18 +00:00
Damian Mooyman	19b10044ec	Merge remote-tracking branch 'origin/3.2' into 3	2015-12-22 17:05:07 +13:00
Mateusz Uzdowski	5a21b2fb15	BUG Guard against users being added to all groups on unsaved Group. If ->Members()->add() is called on an unsaved group (with ID 0), the collateFamilyIDs() will errorneously return all root Groups thinking it's looking for Groups with ParentID=0. As a result, the Member will be added to all root groups, instead of just the selected group and all its children.	2015-12-11 14:51:51 +13:00
Damian Mooyman	71b8aec306	Merge remote-tracking branch 'origin/3.2' into 3	2015-09-15 13:35:51 +12:00
Damian Mooyman	c4710b2272	Merge remote-tracking branch 'origin/3.1' into 3.2 Conflicts: admin/code/GroupImportForm.php admin/code/MemberImportForm.php tests/model/DataListTest.php	2015-09-15 13:18:47 +12:00
Damian Mooyman	7367cf54c4	[ss-2015-020]: Prevent possible Privilege escalation	2015-09-10 13:01:24 +12:00
Damian Mooyman	f10785350e	Merge remote-tracking branch 'origin/3.2' into 3 Conflicts: docs/en/02_Developer_Guides/02_Controllers/01_Introduction.md	2015-09-09 14:50:47 +12:00
Damian Mooyman	309ac0d196	Merge remote-tracking branch 'origin/3.1' into 3.2 Conflicts: .travis.yml admin/code/CMSProfileController.php admin/tests/LeftAndMainTest.php control/HTTP.php security/Permission.php tests/forms/FormTest.php tests/model/ArrayListTest.php tests/security/PermissionTest.php	2015-09-09 14:35:29 +12:00
Stevie Mayhew	1b57e0ca5b	FEATURE: implement getter and setter usage for response	2015-08-29 10:24:06 +12:00
Daniel Hensby	2d4b743090	FIX Members can access their own profiles in CMS	2015-08-26 15:47:51 +01:00
Daniel Hensby	6eede57ff2	Fix issue where Access All CMS Sections doesnt work	2015-08-20 22:30:43 +01:00
Daniel Hensby	3507ddb0e8	FIX MemberPassword history removed with with Members Currently Members that were deleted would still have their passwords stored in the DB even though they were deleted. This seems unnecessary and just increases data that could potentially be compromised later.	2015-06-24 21:04:23 +01:00
Damian Mooyman	1d122803cc	Merge remote-tracking branch 'origin/3.1' into 3.2 Conflicts: dev/SapphireTest.php docs/en/02_Developer_Guides/01_Templates/01_Syntax.md forms/DatetimeField.php forms/NullableField.php forms/NumericField.php forms/gridfield/GridField.php tests/control/DirectorTest.php tests/model/DataObjectSchemaGenerationTest.php tests/model/MySQLDatabaseTest.php	2015-06-19 10:48:07 +12:00
Daniel Hensby	3ee5b24898	Nest and unnest Config and Controller for each test and test suite	2015-06-11 16:37:25 +01:00
Damian Mooyman	8331171f2c	Merge remote-tracking branch 'origin/3.1' into 3 Conflicts: .scrutinizer.yml admin/javascript/LeftAndMain.Panel.js core/startup/ParameterConfirmationToken.php dev/Debug.php dev/FixtureBlueprint.php docs/en/00_Getting_Started/05_Coding_Conventions.md docs/en/00_Getting_Started/index.md docs/en/02_Developer_Guides/01_Templates/01_Syntax.md filesystem/File.php filesystem/Folder.php forms/FieldList.php forms/LabelField.php forms/MoneyField.php forms/TextField.php forms/TreeDropdownField.php forms/Validator.php forms/gridfield/GridField.php forms/gridfield/GridFieldExportButton.php lang/de.yml lang/fi.yml model/DataObject.php model/SQLQuery.php parsers/ShortcodeParser.php security/ChangePasswordForm.php security/Security.php tests/control/DirectorTest.php tests/core/startup/ParameterConfirmationTokenTest.php tests/dev/FixtureBlueprintTest.php tests/forms/FieldListTest.php tests/forms/MoneyFieldTest.php tests/model/SQLQueryTest.php tests/security/SecurityTest.php	2015-06-02 19:13:38 +12:00
Damian Mooyman	0a8f328947	Fix merge / test regressions	2015-05-28 16:59:05 +12:00
Damian Mooyman	95c162ef0d	API Security better respects BackURL on login BUG Restore missing authentication message not appearing in the login form $Content area (regression from #1807)	2015-03-31 20:22:35 +13:00
Damian Mooyman	43f49e8434	Merge remote-tracking branch 'origin/3.1' into 3 Conflicts: admin/code/ModelAdmin.php control/Director.php model/SQLQuery.php security/Member.php tests/control/HTTPTest.php tests/model/SQLQueryTest.php tests/security/SecurityTest.php tests/view/SSViewerTest.php	2015-03-31 19:54:15 +13:00
Daniel Hensby	de2aa47250	Merge pull request #4006 from kinglozzer/patch-1 FIX: Security::$default_message_set Config value unusable	2015-03-17 17:05:01 +00:00
Loz Calver	a61c08d031	FIX: Security::$default_message_set Config value unusable	2015-03-17 15:51:31 +00:00
Loz Calver	c58f4c469d	Replace core uses of DataObject::has_one/has_many/many_many	2015-03-13 16:16:12 +00:00
Damian Mooyman	88fdc75456	Merge remote-tracking branch 'composer/3.1' into 3 Conflicts: .editorconfig docs/en/00_Getting_Started/00_Server_Requirements.md docs/en/00_Getting_Started/01_Installation/04_Other_installation_Options/Windows_IIS7.md docs/en/00_Getting_Started/01_Installation/04_Other_installation_Options/Windows_Platform_Installer.md docs/en/00_Getting_Started/04_Directory_Structure.md docs/en/00_Getting_Started/index.md docs/en/01_Tutorials/01_Building_A_Basic_Site.md docs/en/01_Tutorials/02_Extending_A_Basic_Site.md docs/en/01_Tutorials/03_Forms.md docs/en/01_Tutorials/04_Site_Search.md docs/en/01_Tutorials/05_Dataobject_Relationship_Management.md docs/en/01_Tutorials/index.md docs/en/02_Developer_Guides/00_Model/01_Data_Model_and_ORM.md docs/en/02_Developer_Guides/00_Model/11_Scaffolding.md docs/en/02_Developer_Guides/01_Templates/06_Themes.md docs/en/02_Developer_Guides/03_Forms/How_Tos/Simple_Contact_Form.md docs/en/02_Developer_Guides/05_Extending/05_Injector.md docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md docs/en/02_Developer_Guides/10_Email/index.md docs/en/02_Developer_Guides/11_Integration/01_RestfulService.md docs/en/02_Developer_Guides/12_Search/01_Searchcontext.md docs/en/02_Developer_Guides/14_Files/index.md docs/en/02_Developer_Guides/15_Customising_the_Admin_Interface/03_CMS_Layout.md docs/en/02_Developer_Guides/15_Customising_the_Admin_Interface/06_Javascript_Development.md docs/en/02_Developer_Guides/15_Customising_the_Admin_Interface/How_Tos/Customise_CMS_Tree.md docs/en/02_Developer_Guides/15_Customising_the_Admin_Interface/How_Tos/Customise_Site_Reports.md docs/en/02_Developer_Guides/18_Cookies_And_Sessions/01_Cookies.md docs/en/04_Changelogs/3.1.9.md docs/en/05_Contributing/00_Issues_and_Bugs.md docs/en/05_Contributing/02_Release_Process.md docs/en/05_Contributing/03_Documentation.md filesystem/File.php filesystem/GD.php model/DataDifferencer.php model/Versioned.php security/BasicAuth.php security/Member.php tests/filesystem/FileTest.php tests/forms/uploadfield/UploadFieldTest.php tests/model/VersionedTest.php tests/security/BasicAuthTest.php	2015-01-15 18:52:46 +13:00
Will Rossiter	220bdf342c	Merge pull request #3577 from tractorcow/pulls/3.1/fix-basicauth-resetlogin BUG Fix BasicAuth not resetting failed login counts on authentication	2015-01-15 11:03:52 +13:00
Damian Mooyman	6baf63e18c	Merge remote-tracking branch 'origin/3.1' Conflicts: dev/install/install.php5 docs/en/changelogs/index.md security/Security.php	2014-11-19 11:16:46 +13:00
Damian Mooyman	2bdfd65e9b	BUG Security::findAnAdministrator doesn't always find an admin	2014-11-18 15:36:34 +13:00
Damian Mooyman	0b1f297873	Merge remote-tracking branch 'origin/3.1' Conflicts: .travis.yml README.md admin/code/LeftAndMain.php admin/css/screen.css admin/scss/screen.scss api/RestfulService.php conf/ConfigureFromEnv.php control/injector/ServiceConfigurationLocator.php control/injector/SilverStripeServiceConfigurationLocator.php core/ClassInfo.php core/Object.php css/AssetUploadField.css css/ComplexTableField_popup.css dev/CSSContentParser.php dev/DevelopmentAdmin.php docs/en/changelogs/index.md docs/en/misc/contributing/code.md docs/en/reference/execution-pipeline.md filesystem/GD.php filesystem/ImagickBackend.php filesystem/Upload.php forms/Form.php forms/FormField.php forms/HtmlEditorConfig.php forms/gridfield/GridFieldDetailForm.php forms/gridfield/GridFieldSortableHeader.php lang/en.yml model/Aggregate.php model/DataList.php model/DataObject.php model/DataQuery.php model/Image.php model/MySQLDatabase.php model/SQLQuery.php model/fieldtypes/HTMLText.php model/fieldtypes/Text.php scss/AssetUploadField.scss search/filters/SearchFilter.php security/Authenticator.php security/LoginForm.php security/Member.php security/MemberAuthenticator.php security/MemberLoginForm.php security/Security.php tests/behat/features/bootstrap/SilverStripe/Framework/Test/Behaviour/CmsFormsContext.php tests/control/HTTPTest.php tests/control/RequestHandlingTest.php tests/filesystem/UploadTest.php tests/forms/FormTest.php tests/forms/NumericFieldTest.php tests/model/DataListTest.php tests/model/DataObjectTest.php tests/model/TextTest.php tests/security/MemberAuthenticatorTest.php tests/security/SecurityDefaultAdminTest.php tests/view/SSViewerCacheBlockTest.php tests/view/SSViewerTest.php	2014-11-18 12:45:54 +13:00
Damian Mooyman	9d78eb7fe6	BUG Fix BasicAuth not resetting failed login counts on authentication	2014-10-24 14:19:12 +13:00
Damian Mooyman	53c40a94fa	API Enable re-authentication within the CMS if a user session is lost BUG Resolve issue with error redirection being ignored within CMS BUG Fix issue with invalid securityID being re-emitted on failure	2014-10-14 15:19:48 +13:00
Sean Harvey	0e07f1a7f5	Merge remote-tracking branch 'origin/3.0' into 3.1	2014-08-22 17:50:36 +12:00
Ingo Schommer	1661213e5b	FIX Opt-out pf form message escaping (fixes #2796 ) This fixes a limitation introduced through http://www.silverstripe.org/ss-2013-008-xss-in-numericfield-validation/. Form messages used to accept HTML, now they’re escaped by default, effectively removing the ability to pass in HTML and take care of escaping manually. We pass through HTML to message in core through the CTF system, so this needs to be fixed. It’s an alternative fix to https://github.com/silverstripe/silverstripe-framework/pull/2803.	2014-08-22 16:59:34 +12:00
Damian Mooyman	eb069e605d	Remove all redundant whitespace	2014-08-19 09:17:15 +12:00
Damian Mooyman	d8e9af8af8	API New Database abstraction layer. Ticket #7429 Database abstraction broken up into controller, connector, query builder, and schema manager, each independently configurable via YAML / Injector Creation of new DBQueryGenerator for database specific generation of SQL Support for parameterised queries, move of code base to use these over escaped conditions Refactor of SQLQuery into separate query classes for each of INSERT UPDATE DELETE and SELECT Support for PDO Installation process upgraded to use new ORM SS_DatabaseException created to handle database errors, maintaining details of raw sql and parameter details for user code designed interested in that data. Renamed DB static methods to conform correctly to naming conventions (e.g. DB::getConn -> DB::get_conn) 3.2 upgrade docs Performance Optimisation and simplification of code to use more concise API API Ability for database adapters to register extensions to ConfigureFromEnv.php	2014-07-09 18:04:05 +12:00
Damian Mooyman	1dcaf36c9b	Fix merge regressions	2014-04-22 13:28:44 +12:00
Damian Mooyman	982ad569b9	Merge remote-tracking branch 'origin/3.1'	2014-04-22 12:09:51 +12:00

1 2 3 4 5

215 Commits