tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-06-28 07:29:26 +02:00
Code Issues Projects Releases Wiki Activity
16,393 Commits 29 Branches 516 Tags 147 MiB
1e5592a3d9
Commit Graph

1143 Commits

Author SHA1 Message Date
Daniel Hensby
1e5592a3d9
Merge branch '3.5' into 3.6 2017-06-27 13:14:39 +01:00
Daniel Hensby
a5c84b12ab
FIX Order of conditionals for getting default admin 2017-06-12 11:54:05 +01:00
Daniel Hensby
cda7e8dc39
Merge remote-tracking branch 'security/3.5.4' into 3.6.0 2017-05-29 01:29:05 +01:00
Daniel Hensby
24166700e8
Merge remote-tracking branch 'security/3.4.6' into 3.5.4 2017-05-29 01:02:35 +01:00
Daniel Hensby
447ce0f84f
[SS-2017-002] FIX Lock out users who dont exist in the DB 2017-05-25 16:14:52 +01:00
Loz Calver
05a737c5fc Allow RandomGenerator to use random_bytes() in PHP 7 2017-04-05 11:05:28 +10:00
Joe Harvey
0d0d18612d Adding extension hooks to Member isLockedOut() and registerSuccessfulLogin() 2017-03-30 11:07:51 +01:00
Robbie Averill
2f6f5b5eff Do not send the header if it is not defined 2017-01-11 08:26:04 +13:00
Robbie Averill
cb2dcc75f1 Add X-Robots-Tag noindex,nofollow header from Security controller to prevent indexing 2017-01-09 16:13:39 +13:00
Daniel Hensby
69974d940a
Merge branch '3.3' into 3.4 2016-11-18 11:33:39 +00:00
Daniel Hensby
0ae4b57754
Merge branch '3.2' into 3.3 2016-11-18 11:32:36 +00:00
Daniel Hensby
5df077f24d
Merge branch '3.1' into 3.2 2016-11-18 11:29:19 +00:00
Daniel Hensby
8e5f786b8d
Merge branch '3.4' into 3.5.0 2016-11-15 11:43:16 +00:00
Daniel Hensby
3f4445641d
Merge branch '3.3' into 3.4 2016-11-15 11:35:38 +00:00
Daniel Hensby
c7778a1e9a
Merge branch '3.2' into 3.3 2016-11-15 11:19:27 +00:00
Daniel Hensby
06d0210233
Merge branch '3.1' into 3.2 2016-11-15 11:18:46 +00:00
Daniel Hensby
17097a4d11
[SS-2016-016] FIX Properly escape backURL for template injection 2016-11-10 17:00:03 +00:00
Daniel Hensby
5a7cde0e10
Merge branch '3.4' into 3.5.0 2016-11-09 16:14:40 +00:00
Loz Calver
6bf36fbd30
FIX: Correct return type for Member::currentUser() 2016-11-09 14:20:44 +00:00
Daniel Hensby
beeed8155a
Merge branch '3.4' into 3 2016-09-16 11:56:01 +01:00
Thomas Portelange
995d07756d cache currentUser query (#6007) 
* cache currentUser query

Various modules can call a lot of time Member::currentUser(). We can avoid querying the database multiple times. Cache is implemented as a static array inside the method and store the data byID, in case the currentUserID changes within the same request (not very likely, but..)
 2016-09-15 15:45:40 +01:00
Daniel Hensby
3fd9fe3aa0
Merge branch '3.4' into 3 2016-09-07 09:22:06 +01:00
Daniel Hensby
060bf6b327
Merge branch '3.3' into 3.4 2016-08-22 16:22:37 +01:00
Daniel Hensby
088d88e978
Merge branch '3.2' into 3.3 2016-08-22 16:22:02 +01:00
Daniel Hensby
229a2b9217
Merge pull request #4133 from nimeso/patch-1 2016-08-22 11:52:47 +01:00
Damian Mooyman
d88516203c Merge 3.4 into 3 2016-08-15 19:05:20 +12:00
Daniel Hensby
d1163d87b7 [SS-2016-014] FIX Autologin cookies are ignored if autologin is disabled 2016-08-15 15:52:10 +12:00
Daniel Hensby
8bbf1caae6 [SS-2016-013] FIX Uncasted member name 2016-08-15 15:52:04 +12:00
Daniel Hensby
782c18fd13 [SS-2016-011] ChangePasswordForm does not check $member->canLogin before login 2016-08-15 15:51:53 +12:00
Daniel Hensby
08384bb4d6 [SS-2016-008] Reset Member::Salt on password change 2016-08-15 15:50:56 +12:00
Daniel Hensby
fa7f5af861 [SS-2016-014] FIX Autologin cookies are ignored if autologin is disabled 2016-08-15 15:02:53 +12:00
Daniel Hensby
83e3302c04 [SS-2016-013] FIX Uncasted member name 2016-08-15 15:02:47 +12:00
Daniel Hensby
6d41db77fa [SS-2016-011] ChangePasswordForm does not check $member->canLogin before login 
This could be used as a way to circumvent login restrictions by using the change password feature to log users in that are unable to login for reasons other than too many password attempts
 2016-08-15 15:02:41 +12:00
Daniel Hensby
f85dea2e6d [SS-2016-008] Reset Member::Salt on password change 2016-08-15 15:02:36 +12:00
Daniel Hensby
b1f449762b [SS-2016-014] FIX Autologin cookies are ignored if autologin is disabled 2016-08-15 14:07:57 +12:00
Daniel Hensby
281b0de571 [SS-2016-013] FIX Uncasted member name 2016-08-15 14:07:51 +12:00
Daniel Hensby
2b30ade44d [SS-2016-011] ChangePasswordForm does not check $member->canLogin before login 
This could be used as a way to circumvent login restrictions by using the change password feature to log users in that are unable to login for reasons other than too many password attempts
 2016-08-15 14:07:40 +12:00
Daniel Hensby
dc47f7ec9a [SS-2016-008] Reset Member::Salt on password change 2016-08-15 14:07:24 +12:00
Daniel Hensby
1c7d5de51b [SS-2016-014] FIX Autologin cookies are ignored if autologin is disabled 2016-08-15 13:24:06 +12:00
Daniel Hensby
6817c57f64 [SS-2016-013] FIX Uncasted member name 2016-08-15 13:21:14 +12:00
Daniel Hensby
6606d98663 [SS-2016-011] ChangePasswordForm does not check $member->canLogin before login 
This could be used as a way to circumvent login restrictions by using the change password feature to log users in that are unable to login for reasons other than too many password attempts
 2016-08-15 13:20:02 +12:00
Daniel Hensby
298f61521c [SS-2016-008] Reset Member::Salt on password change 2016-08-15 13:19:02 +12:00
Damian Mooyman
3c1a5d2a46 Merge pull request #5872 from dhensby/pulls/3/injector-for-cmslogin 
FIX Use create syntax for CMSMemberLoginForm remember me form
 2016-08-12 14:10:56 +12:00
Daniel Hensby
86add3e021
FIX Use create syntax for CMSMemberLoginForm remember me form 2016-08-07 20:20:20 +01:00
Damian Mooyman
7de5b998e1 Merge 3.4 into 3 2016-08-05 19:12:25 +12:00
Damian Mooyman
ca754eb887 Merge 3.3 into 3.4 
# Conflicts:
#	admin/javascript/lang/fa_IR.js
#	admin/javascript/lang/it.js
#	admin/javascript/lang/src/fa_IR.js
#	admin/javascript/lang/src/it.js
#	lang/cs.yml
#	lang/eo.yml
#	lang/fa_IR.yml
#	lang/fi.yml
#	lang/it.yml
#	lang/sk.yml
 2016-08-05 16:48:26 +12:00
Damian Mooyman
0d5ae23f2b Merge 3.2 into 3.3 2016-08-05 14:36:35 +12:00
Andrew Aitken-Fincham
66f2e6811b modify getAuthenticator to fall back to get_default_authenticator 2016-08-03 10:36:43 +12:00
Damian Mooyman
d08ab6ac81
API Allow X-Frame-Options to be configured 
Fixes #2970
 2016-07-15 14:08:14 +12:00
Daniel Hensby
a449045b09
Merge branch '3.4' into 3 2016-07-04 23:54:27 +01:00