Commit Graph

19759 Commits

Author SHA1 Message Date
Damian Mooyman
22314de559 DOCS Update security release docs / satis instructions (#7681)
* DOCS Update security release docs / satis instructions

* Update based on testing
2018-12-13 15:50:50 +13:00
Aaron Carlino
00e996f164 Add changelog 2018-12-12 13:47:17 +13:00
Aaron Carlino
fed9afb046 Update translations 2018-12-12 12:21:17 +13:00
Robbie Averill
48bd335648 [SS-2018-020] Ensure that table names are escaped to prevent possible SQL injection 2018-12-11 20:55:58 +13:00
Guy Marriott
6edcbe9086
Merge pull request #8592 from open-sausages/pulls/4.0/tree-multiselect-null
FIX TreeMultiselectField passes value 'unchanged' as null to ORM
2018-12-06 14:23:48 +13:00
Serge Latyntcev
4ee63eb4e7 TreeMultiselectFieldTest / make scrutinizer happy 2018-11-29 12:13:56 +13:00
Serge Latyntcev
38f8217f01 TreeMultiselectFieldTest / setUp is protected in PHPUnit5 2018-11-29 09:55:28 +13:00
Serge Latyntcev
f526c794fc Minor / Refactor php tests for TreeMultiselectField 2018-11-23 16:03:44 +13:00
Serge Latyntcev
9ce6d91b76 FIX / TreeMultiselectField::objectForKey handles list of IDs correctly 2018-11-22 12:11:18 +13:00
Serge Latyntcev
80885fc231 ADD php test TreeMultiselectField::testEmptyChoiceReadonly 2018-11-20 16:45:23 +13:00
Robbie Averill
c181a17790
Merge pull request #8610 from kinglozzer/urltoken-redirect-loop
FIX: Redirect loop with multiple confirmation tokens present (fixes #8607)
2018-11-15 13:38:21 +02:00
Loz Calver
b5bae137bd FIX: Redirect loop with multiple confirmation tokens present (fixes #8607) 2018-11-15 10:59:42 +00:00
Serge Latyntcev
15aaf9db9f Fix a code style typo 2018-11-13 10:20:49 +13:00
Aaron Carlino
a843e136e8 Added 4.0.5 changelog 2018-11-09 11:09:07 +13:00
Aaron Carlino
1db568cdb6 Update translations 2018-11-08 16:25:41 +13:00
Serge Latyntcev
4b4fbabed5 FIX TreeMultiselectField passes value 'unchanged' as null to ORM for 'ID' column key 2018-11-08 15:41:46 +13:00
Robbie Averill
c3a52099e1
Merge pull request #8583 from wernerkrauss/fix-8572
Convert::memstring2bytes should return integer value
2018-11-07 19:33:40 +02:00
Werner M. Krauß
3f321f935a Convert::memstring2bytes should return integer value
bytes are by nature an integer

fixes #8572
2018-11-07 17:01:36 +01:00
Loz Calver
11fe5b3adf Implement ConfirmationTokenChain to handle multiple tokens at once 2018-11-07 11:33:24 +13:00
Robbie Averill
9aabe0a0f7 [SS-2018-018] Ignore arguments in mysqli::real_connect backtrace calls 2018-11-07 11:33:24 +13:00
Loz Calver
8d7c2dafab [SS-2018-019] Add confirmation token to dev/build 2018-11-07 11:33:24 +13:00
Robbie Averill
db425c76a3
Merge pull request #8573 from wernerkrauss/fix-8570
Convert::memstring2bytes should preserve -1
2018-11-06 11:02:23 +01:00
Werner M. Krauß
adafd73943 Convert::memstring2bytes should preserve -1
fixes #8570
2018-11-06 10:22:13 +01:00
Maxime Rainville
5172dcbb1e
Merge pull request #8561 from open-sausages/pullss/4.0/reference-ss-object-upgrade-yml
MINOR Add a reference to SS_Object in .upgrade.yml to allow upgrade from SS3.7
2018-11-02 09:14:13 +13:00
Maxime Rainville
46e4c19070 MINOR Add a reference to SS_Object in .upgrade.yml to allow upgrade from SS3.7 2018-11-01 22:38:26 +13:00
Loz Calver
536a1c08b3
Merge pull request #8358 from creative-commoners/pulls/4.0/check-scheme
FIX Check scheme is truthy before setting it to the request
2018-09-03 09:31:03 +01:00
Robbie Averill
b922c0d732 FIX Check scheme is truthy before setting it to the request 2018-09-03 08:59:37 +02:00
Maxime Rainville
dd3379e68f
Merge pull request #8075 from creative-commoners/pulls/4.0/remap-polymorphics
FIX Polymorphic relationship class columns have obsolete class names remapped
2018-08-28 17:03:39 +12:00
Robbie Averill
d651d0fbfc FIX Use base class (not remapping target class) when looking up whether object is versioned 2018-08-28 14:15:02 +12:00
Robbie Averill
3178fbf3bb
Merge pull request #8028 from andrewandante/pulls/4.0/unset_http_scheme_on_cli
unset http scheme on CLIRequestBuilder
2018-08-27 16:11:42 +12:00
Robbie Averill
953153500d FIX Polymorphic relationship class columns have obsolete class names remapped 2018-08-15 10:40:51 +12:00
Robbie Averill
88d3794828
Merge pull request #8321 from scott1702/patch-4
Fix indentation on pagination guide
2018-08-14 15:39:07 +12:00
Scott Hutchinson
3bd2cbf199 DOCS indentation on pagination guide [ci skip]
For all those copy + paste fiends
2018-08-14 15:36:52 +12:00
Loz Calver
f0e545ada8
Merge pull request #7971 from dhensby/pulls/4.0/fix-extension-config
FIX Config from extension should not override
2018-07-13 16:15:18 +01:00
Daniel Hensby
d80ef3d9e6
DOCS Update docs to reflect true config merge priorities 2018-07-13 15:43:56 +01:00
Daniel Hensby
4acec33562
FIX Fixed bug in config merging priorities so that config values set by extensions are now least important instead of most important 2018-07-12 00:55:39 +01:00
Robbie Averill
87159ea820
Merge pull request #7949 from martinduparc/patch-7
Use LimitWordCount instead of LimitWordCountXML
2018-06-19 21:36:36 +12:00
Robbie Averill
18fba211b0
Merge pull request #8165 from open-sausages/pulls/4.0/fix-duplicate-upgrade-keys
BUG Remove duplicate key
2018-06-13 09:29:28 +12:00
Damian Mooyman
7b04949caa
BUG Remove duplicate key 2018-06-12 15:00:22 +12:00
Robbie Averill
f256045020
Merge pull request #8158 from open-sausages/pulls/4.0/fix-cli-canonical-middleware
BUG Prevent canonical URL causing a redirect on CLI unless explicitly enabled
2018-06-12 10:53:37 +12:00
Robbie Averill
27e24a4728
Merge pull request #8142 from open-sausages/pulls/4.0/fix-injector-empty
BUG Safely handle empty injector factory responses
2018-06-11 15:20:24 +12:00
Damian Mooyman
2a51f34c3e
BUG Prevent canonical URL causing a redirect on CLI unless explicitly enabled
Replaces #8157
2018-06-11 13:54:27 +12:00
Nicolaas
8f03c7df05 PATCH: removing duplicate key (SS_TRUSTED_PROXY_HOST_HEADER) 2018-06-11 13:35:27 +12:00
Damian Mooyman
546c6c3e22
Merge pull request #8125 from open-sausages/pulls/4/date-field-tweaks
Remove legacy logic from DateField_Disabled
2018-06-11 09:23:33 +12:00
Daniel Hensby
cfe93b7f23
Merge branch '3.6' into 4.0 2018-06-08 14:41:04 +01:00
Maxime Rainville
582c69d32f
BUG Fix issue with Disabled DateField always display (not set). 2018-06-08 13:51:22 +01:00
Daniel Hensby
e1450b5e82
Merge pull request #8147 from kinglozzer/mysql-pdo-attr
FIX: Only set MYSQL_ATTR_INIT_COMMAND when using mysql driver (fixes #8103)
2018-06-08 13:06:03 +01:00
Ingo Schommer
510b0f7759
Merge pull request #8150 from open-sausages/pulls/4.0/fix-postgres-duplication-issue
BUG Fix test that relies on implicit ID order breaking postgres
2018-06-08 12:58:43 +12:00
Damian Mooyman
29f9b1c18f
Fix linting issues 2018-06-08 11:38:36 +12:00
Damian Mooyman
e37e3e1746
BUG Fix test that relies on implicit ID order breaking postgres 2018-06-08 11:23:24 +12:00