Commit Graph

1093 Commits

Author SHA1 Message Date
Robbie Averill
231d6d9a9f FIX New members now receive the configured default locale, not the current locale 2018-09-28 16:25:10 +02:00
Loz Calver
f01473f1b3
Merge pull request #8390 from caffeineinc/bugfix/8389-login-attempt-performance-issues
Performance issues with BasicAuth and LoginAttempts
2018-09-24 10:24:29 +02:00
Robbie Averill
d11911d4dd
Merge pull request #8394 from littlegiant/pulls/4.2/http-status-codes
BUG Prevent error on valid response status codes
2018-09-21 13:19:29 +02:00
Andre Kiste
e8fd49b394
Merge pull request #8381 from open-sausages/pulls/4.2/sort-out-your-field
BUG Changes being detected on TreeMulti as values not sorted
2018-09-21 16:38:56 +12:00
Luke Edwards
4ac4cdc91b
Merge pull request #8348 from caffeineinc/bugfix/3357
BUG Add GridField Readonly Transformation (#3357)
2018-09-21 14:54:37 +12:00
Damian Mooyman
1d5ecd342e
BUG Prevent error on valid response status codes 2018-09-21 14:54:26 +12:00
Simon Gow
c269a987d5 Performance issues with BasicAuth and LoginAttempts
Two functions interact with the LoginAttempt object which when used in conjunction with BasicAuth result in significant performance degradation over time, as the LoginAttempts Table fills.

This fix adds an index to the lookup column EmailHashed and removes the Email filter part of getByEmail() so it can use the index resulting in a much faster query.

For more information see https://github.com/silverstripe/silverstripe-framework/issues/8389
2018-09-20 13:34:03 +12:00
Luke Edwards
3fc49dd4ce Lint fixes and allow a few other components by default 2018-09-20 13:32:52 +12:00
Luke Edwards
db63f55fbb BUG Changes being detected on TreeMulti as values not sorted 2018-09-18 13:24:55 +12:00
Robbie Averill
270aba4007 Merge branch '4.1' into 4.2 2018-09-06 13:26:31 +02:00
Robbie Averill
b6ff21f72a Merge branch '4.0' into 4.1 2018-09-06 13:26:13 +02:00
Ingo Schommer
f7d85fe794 Make sure that CMS requests disable caching
Original author: @dhensby

Forward port from 3.7 fix at https://github.com/silverstripe/silverstripe-framework/pull/8318
2018-09-05 11:38:41 +12:00
Robbie Averill
b922c0d732 FIX Check scheme is truthy before setting it to the request 2018-09-03 08:59:37 +02:00
Robbie Averill
94f5d32f41
Merge pull request #8351 from open-sausages/pulls/4.2/move-to-your-other-left
BUG Use classes for TinyMCE alignment buttons
2018-08-31 10:18:03 +12:00
Luke Edwards
234b795f89 BUG Use classes for TinyMCE alignment buttons 2018-08-31 09:02:17 +12:00
Simon Gow
4c3a068859 Issue 3357 - Add GridField Readonly Transformation
GridField doesn't have a valid readonly state if it's value is set to an Object
without `forTemplate()`. The default behaviour is to render a ReadonlyField,
but given GridField is a complex type this isn't suitable.

This bugfix provides a transformation method to render only components that are
whitelisted to provide a readonly state.

@see #3357 - https://github.com/silverstripe/silverstripe-framework/issues/3357
2018-08-29 14:47:06 +12:00
Maxime Rainville
dd3379e68f
Merge pull request #8075 from creative-commoners/pulls/4.0/remap-polymorphics
FIX Polymorphic relationship class columns have obsolete class names remapped
2018-08-28 17:03:39 +12:00
Robbie Averill
d651d0fbfc FIX Use base class (not remapping target class) when looking up whether object is versioned 2018-08-28 14:15:02 +12:00
Robbie Averill
37a266f2f0 Merge branch '4.1' into 4.2 2018-08-27 16:14:24 +12:00
Scott Hutchinson
4da5569232 FIX ensure createFromVariables takes correct params on CLIRequestBuilder 2018-08-27 16:12:52 +12:00
Robbie Averill
66c09afc9c Merge branch '4.0' into 4.1 2018-08-27 16:12:04 +12:00
Robbie Averill
3178fbf3bb
Merge pull request #8028 from andrewandante/pulls/4.0/unset_http_scheme_on_cli
unset http scheme on CLIRequestBuilder
2018-08-27 16:11:42 +12:00
Robbie Averill
a87165c299
Merge pull request #8326 from creative-commoners/pulls/4.2/remove-double-encoding
FIX Remove double escaping of HTML values in print views
2018-08-27 13:37:32 +12:00
Thomas Portelange
27ac001d5b FIX email rendering should not include requirements
If no body is defined, the email is rendered according to a template. Clearing requirements prevent unnecessary styles/scripts to be included in the html (and that needs to be processed/stripped down the line).
2018-08-23 14:01:27 +12:00
Robbie Averill
373326e49c
Merge pull request #8324 from creative-commoners/pulls/4.2/request-before-init
FIX Pass request to dummy controller before calling init
2018-08-21 12:08:14 +12:00
Daniel Hensby
aa153cb5c7
Merge pull request #8315 from open-sausages/pulls/4.2/changing-change
FIX Paginating a gridfield causing a change event
2018-08-20 17:59:50 +01:00
Robbie Averill
18fff5c16c Remove past tense for "log in" in expired token message 2018-08-20 22:31:23 +12:00
Robbie Averill
dbab696690 FIX Message when changing password with invalid token now contains correct links to login
The Security controller should be used to return these links rather than the
ChangePasswordHandler
2018-08-20 22:30:12 +12:00
Luke Edwards
9f5b0086cb FIX Paginating a gridfield causing a change event 2018-08-17 09:35:57 +12:00
Robbie Averill
0db594b2d3 FIX Remove double escaping of HTML values in print views
Print view uses the SilverStripe templating to render values which means that
values are safely escaped by default. This can be tested by chaing `$CellString`
to `$CellString.RAW` in the GridField_print.ss template to see this escaping
being disabled.

This pull request removes double escaping of HTML in strings.
2018-08-15 17:57:40 +12:00
Robbie Averill
953153500d FIX Polymorphic relationship class columns have obsolete class names remapped 2018-08-15 10:40:51 +12:00
Robbie Averill
873873dc30 FIX Pass request to dummy controller before calling init 2018-08-15 10:14:25 +12:00
Daniel Hensby
17dbb86257
Merge pull request #8293 from open-sausages/pulls/4.2/restore-default-delete-action-of-record-editor
FIX Restore default delete action on GridFieldConfig_RecordEditor
2018-07-30 17:00:09 +01:00
Daniel Hensby
ec5640cbd9
Merge tag '4.2.0' into 4.2
Release 4.2.0
2018-07-30 11:04:57 +01:00
Maxime Rainville
85b4b48fb5 FIX Restore default delete action on GridFieldConfig_RecordEditor 2018-07-27 17:19:09 +12:00
Daniel Hensby
ae00147de1
Merge pull request #8280 from open-sausages/pulls/4/simpler-vary-header
FIX: Remove X-Requested-With from default Vary header
2018-07-24 01:45:07 +01:00
Ingo Schommer
d12c2fe631
Properly deprecate HTTP.cache_control 2018-07-23 19:09:11 +01:00
Ingo Schommer
0f5420b6a5
Removed unused classes 2018-07-23 19:09:11 +01:00
Ingo Schommer
d426ecbb89
Add $maxAge arg for caching API
See https://github.com/silverstripe/silverstripe-framework/issues/8272
2018-07-23 19:09:10 +01:00
Sam Minnee
bde3121a33
FIX: Remove X-Requested-With from default Vary header
3.x forward port of https://github.com/silverstripe/silverstripe-framework/pull/8242
2018-07-23 14:18:05 +01:00
Daniel Hensby
ccbbcd45a2
FIX Fixed bug in config merging priorities so that config values set by extensions are now least important instead of most important 2018-07-23 14:15:24 +01:00
Daniel Hensby
6e1c7c2781
FIX remove personal information from password reset confirmation screen 2018-07-23 14:13:52 +01:00
Maxime Rainville
c77042aa8b
Fix linting. 2018-07-23 14:12:44 +01:00
Maxime Rainville
7fda52b2cd
Add a MERGE_AS_SUBMITTED_VALUE flag for Form::loadDataFrom 2018-07-23 14:12:43 +01:00
Maxime Rainville
3fa2c056d7
FIX Don't reload form session data using FormField::setSubmittedValue (#8056) 2018-07-23 14:12:43 +01:00
Ingo Schommer
74b655d3fc
Fix tests on unset session data
Thanks Robbie!
2018-07-23 14:09:42 +01:00
Ingo Schommer
76ac8465de
BUG Lazy session state (fixes #8267)
Fixes regression from 3.x, where sessions where lazy started as required:
Either because an existing session identifier was sent through with the request,
or because new session data needed to be persisted as part of the request execution.

Without this lazy starting, *every* request will get a session,
which makes all those responses uncacheable by HTTP layers.

Note that 4.x also changed the $data vs. $changedData payloads:
In 3.x, they both contained key/value pairs.
In 4.x, $data contains key/value, while $changedData contains key/boolean to declare isChanged.
While this reduces duplication in the class, it also surfaced a bug which was latent in 3.x:
When an existing session is lazily resumed via start(), $data is set back to an empty array.
In 3.x, any changed data before this point was *also* retained in $changedData,
ensuring it gets merged into existing $_SESSION data.
In 4.x, this clears out data - hence the need for a more complex merge logic.

Since isset($this->data) is no longer an accurate indicator of a started session,
we introduce a separate $this->started flag.

Note that I've chosen not to make lazy an opt-in (e.g. via start($request, $lazy=false)).
We already have a distinction between lazy starting via init(), and force starting via start().
2018-07-23 14:09:42 +01:00
Daniel Hensby
e37b3b95f4
FIX updateValidatePassword calls need to be masked from backtraces 2018-07-23 14:08:26 +01:00
Daniel Hensby
a3687147fe
State default should be state enabled (no-cache is an enabled state) 2018-07-23 14:07:10 +01:00
Daniel Hensby
9f1471332d
Make augmentState method more efficient 2018-07-23 14:07:10 +01:00