Commit Graph

358 Commits

Author SHA1 Message Date
Florian Thoma
fbcf7dc3e7
API Normalise trailing slashes for all paths
NOTE: There will be additional related PRs required for at least
silverstripe/cms and silverstripe/admin.

Co-authored-by: Guy Sartorelli <guy.sartorelli@silverstripe.com>
2023-01-20 10:31:14 +13:00
Maxime Rainville
b6b0bcea9f Merge branch '4' into 5 2023-01-18 22:16:45 +13:00
Guy Sartorelli
5bf6835b3e
Merge pull request #10614 from creative-commoners/pulls/5/php82
ENH PHP 8.2 support
2022-12-21 15:39:32 +13:00
Steve Boyd
c1a773310d ENH PHP 8.2 support 2022-12-21 14:44:47 +13:00
Guy Sartorelli
0d662ba95f
Merge branch '4.12' into 4 2022-12-19 01:38:09 +00:00
Guy Sartorelli
b14de847a5
API Make the public directory mandatory (#10617) 2022-12-14 16:08:47 +13:00
Sabina Talipova
53c0147f11
API Remove deprecated code (#10594) 2022-12-08 10:44:47 +13:00
Sabina Talipova
a52c7795c7 Merge branch '4' into 5 2022-11-22 11:41:53 +13:00
Steve Boyd
cb76f312a4 Merge branch '4.11' into 4.12-release 2022-11-21 13:44:23 +13:00
Steve Boyd
dc98cad48a Merge branch '4.10' into 4.11 2022-11-21 13:43:59 +13:00
Steve Boyd
fe13856769 [CVE-2022-37429] Sanitise XSS 2022-11-21 13:06:40 +13:00
Steve Boyd
4308a93cc8 [CVE-2022-38148] Validate SortColumn exists 2022-11-21 13:01:32 +13:00
Steve Boyd
137ebcebec API Stop using deprecated API 2022-11-15 18:20:54 +13:00
Steve Boyd
a57c7315a2 API Strongly-type action method signatures 2022-10-17 17:58:20 +13:00
Guy Sartorelli
ef8a02dfdc
FIX Update config to support tinymce6 2022-09-30 10:40:52 +13:00
Steve Boyd
2b5420ee7d [CVE-2022-37430] Sanitise mixed case javascript 2022-08-23 15:36:48 +12:00
Guy Sartorelli
a57eeb614b MNT Fix broken unit test 2022-08-03 15:47:14 +12:00
Steve Boyd
c466ca5ca5
Merge pull request #9341 from unclecheese/pulls/4/come-on-baby-make-it-search-so-good
NEW: Allow search field customisation
2022-08-02 11:59:55 +12:00
Guy Sartorelli
11595952f4
NEW Search across multiple searchable fields by default (#10382)
* NEW Search across multiple searchable fields by default

* ENH Split search query and search each term separately.
2022-08-01 12:19:02 +12:00
Guy Sartorelli
c7504aa337
Merge pull request #10331 from creative-commoners/pulls/4/gridfield-keep-state
ENH Restore gridfield state from get vars (POC)
2022-07-29 11:33:19 +12:00
Sabina Talipova
7a9bc7f577 ENH Keep Request in URL 2022-07-28 10:14:43 +12:00
Aaron Carlino
07a6c1191a NEW: Allow search field customisation in GridFieldFilterHeader 2022-07-25 17:33:09 +12:00
Steve Boyd
b62c4a9f53 Merge branch '4.11' into 4 2022-07-08 17:13:31 +12:00
Sabina Talipova
babc811381 FIX Remove unexpected message 2022-07-04 16:05:57 +12:00
Steve Boyd
4d662d2dea Merge branch '4.11' into 4 2022-06-28 17:42:07 +12:00
Steve Boyd
98b985fb91 Merge branch '4.10' into 4.11 2022-06-28 17:41:49 +12:00
Guy Sartorelli
d2c58f3bbc [CVE-2022-28803] Block XSS in links and iframes. 2022-06-28 17:01:53 +12:00
Guy Sartorelli
5436df57e4 FIX Add polymorphic class on new records for use in forms. 2022-05-11 14:04:52 +12:00
Steve Boyd
511b3bb060 ENH PHP 8.1 compatibility 2022-04-14 13:12:59 +12:00
Steve Boyd
f1678781a2 ENH Various fixes for PHP 8.1 compatibility 2022-04-11 17:22:22 +12:00
Maxime Rainville
3e5a74c6b2
Merge pull request #10273 from creative-commoners/pulls/4/remove-ini-setting
ENH Fix deprecation issues for PHP 8.1 compatibility
2022-04-07 13:25:24 +12:00
Steve Boyd
814c5b2fd0 ENH Fix deprecation issues for PHP 8.1 compatibility 2022-04-06 11:34:34 +12:00
Steve Boyd
3202ef7c52 Merge branch '4.10' into 4 2022-04-06 10:42:58 +12:00
Steve Boyd
740d087e97 FIX Default GridField search fields with an index of 0 to use StartWithFilter 2022-03-22 16:17:37 +13:00
Steve Boyd
fc707cc10d
MNT Refactor out missing assertArraySubset (#10208) 2022-01-20 12:24:25 +13:00
Steve Boyd
511b8a4c71 Merge branch '4.10' into 4 2022-01-19 16:03:42 +13:00
Steve Boyd
94f976d985
Merge pull request #9894 from brettt89/fix/single-select-empty-default
Move hasEmptySchema and emptyString to DataSchema on SingleSelectField
2022-01-18 11:11:17 +13:00
Mojmir Fendek
3db1435df7
NEW: Allow DateTime to be immutable (#10125)
* BUG: Datetime modify() returns a new field instance.
* PR fixes.
* PR fixes.
2022-01-18 09:41:11 +13:00
Loz Calver
cb37e5fb87 FIX: Ensure extra classes are copied over to readonly/disabled fields 2021-12-17 09:16:43 +00:00
Lukas
552cf5944d
MNT Fix various typos with codespell (#10177) 2021-12-13 21:05:33 +13:00
Steve Boyd
e53c18528c MNT Remove polyfill 2021-11-05 12:06:55 +13:00
GuySartorelli
fc349db511
API Add a way to check if a form or form field has an extra css class (#10112)
Required for silverstripe/silverstripe-admin#1252
2021-11-01 17:01:17 +13:00
Steve Boyd
cd076542f4
API Upgrade SapphireTest to work with phpunit 9 (#10028) 2021-10-27 15:39:47 +13:00
GuySartorelli
49a7f08c07
ENH: Display validation messages for GridFields (#10015)
* FIX: Display validation messages for GridFields
* ENH: Add test for GridField validation messages.
2021-10-19 12:03:40 +13:00
Michal Kleiner
38fe326262 MNT Fix minor typos 2021-09-25 00:23:43 +12:00
Michal Kleiner
7226d7fab6 ENH Add tests for Hierarchy extension when applied to a subclass 2021-09-25 00:23:43 +12:00
Steve Boyd
a90d46dbc4 NEW Title tips for form fields 2021-07-31 14:45:24 +12:00
Steve Boyd
22f809840a MNT Update unit test to expect loading attribute 2021-07-06 17:27:54 +12:00
Loz Calver
5bb5ef80ed FIX: Form::defaultAction() didn't work if actions were in CompositeFields (fixes #9975) 2021-06-09 17:26:43 +01:00
Steve Boyd
9463aaf571 Merge branch '4.8' into 4 2021-06-08 11:49:01 +12:00
Steve Boyd
8024551376 [CVE-2020-26138] Validate custom multi-file uploads 2021-06-02 16:24:23 +12:00
Ingo Schommer
196752566f
Merge pull request #9655 from sminnee/pulls/9647-find-lost-records
NEW: Add GridFieldDetailForm::setRedirectMissingRecords()
2021-05-21 13:53:18 +12:00
Sam Minnee
8883413ba7 NEW: Add GridFieldDetailForm::setRedirectMissingRecords()
This new opt-in setting will let grid field detail forms redirect to the
“Correct” URL of a GridField if it’s not found in the current list.

This works by:
 * Looking for the item in the database
 * If it exists, check for a CMSEditLink() method that returns a value
 * If so, redirect to that

This is useful if you have a number of grid fields that each show a
partial list of records, and it’s possible for the user to make changes
such the item no longer appears in the list, but does appear in another
list.

It’s an opt-in feature as I think all changes like this should be
opt-in, based on previous experiences improving GridField and in turn
breaking SecurityAdmin and slowing versioned-data-browsing down. ;-)
2021-05-21 13:16:00 +12:00
Ingo Schommer
ad4e488dcf
Merge pull request #9192 from sminnee/fix-9163
NEW: Support dot syntax in form field names
2021-05-21 10:34:15 +12:00
Guy Marriott
766df06f23
Merge pull request #9631 from open-sausages/pulls/4/custom-sort-gridfield-autocompleter 2021-05-20 14:02:44 -07:00
Ingo Schommer
7a0d354529 Linter fixes 2021-05-21 08:30:43 +12:00
Ingo Schommer
8806b3befc Fixes required for dot notation support in fields
See #9163
2021-05-20 20:32:25 +12:00
Steve Boyd
a6ccc86f94 Merge branch '4.7' into 4.8 2021-05-03 14:21:37 +12:00
Steve Boyd
e6aeff6468 Merge branch '4.6' into 4.7 2021-05-03 14:21:20 +12:00
Maxime Rainville
440c7cad35 MNT Add test to cover TreeDropdownField::TreeBaseId 2021-04-23 17:53:54 +12:00
Brett Tasker
600f8e5b86 Move hasEmptySchem and emptyString to DataSchema on SingleSelectField 2021-03-23 21:53:30 +13:00
Maxime Rainville
0dd59a1e7b
BUG Reset GridFieldFilterHeader grid state when search is cleared (#9829) 2021-01-21 13:47:40 +13:00
Maxime Rainville
54bdabd203 Merge branch '4.7' into 4 2021-01-20 12:57:01 +13:00
Maxime Rainville
17c6f98ba2 BUG Fix PostgreSQL issue in TreeMultiselectField where field would try to filter list by a blank ID 2021-01-20 12:23:09 +13:00
Steve Boyd
76ae5bc38a FIX Type checking in objectForKey() to fix postgres bug 2021-01-08 15:25:38 +13:00
Andre Kiste
460715197d
Merge pull request #9190 from open-sausages/pulls/4/test-state
Don't include default value in url grid state
2020-11-18 12:31:50 +13:00
Sam Minnée
c5d676fa4e
FIX Avoid test failure on use of narrow-NBSP (#9725)
For whatever reason (different locale version) my local dev env uses
narrow-NBSPs (Unicode 8239) rather than regular NBSP in its localised
strings. This patch makes the tests robust against this difference.

Note that this occurred running the tests in Lando.

Co-authored-by: Robbie Averill <robbie@averill.co.nz>
2020-10-09 10:33:51 +13:00
Robbie Averill
ae1e17edec Update exception assertions in tests and remove deprecated annotations 2020-09-25 10:06:49 -07:00
Dan Hensby
ae0ece2b02
Merge pull request #9665 from creative-commoners/pulls/4/php8-fqcn-token 2020-09-18 20:44:22 +01:00
Sam Minnee
b3dd27953b NEW: Allow league/csv ^9
Hopefully this has better PHP 8 support.
2020-09-15 17:40:42 +12:00
Steve Boyd
015ea8cfc8 Merge branch '4.6' into 4 2020-09-11 11:54:23 +12:00
Damian Mooyman
ac6f34846e
BUG Resolve issue where TreeMultiSelectField would error loading its value (#9604)
* BUG Resolve issue with TreeMultiSelectField not retaining value in some situations
E.g. in an elemental form
2020-09-11 11:52:36 +12:00
Steve Boyd
00a60432f6 Backport fix to GroupedDropdownFieldTest 2020-08-19 11:21:46 +12:00
Maxime Rainville
5226d961e8 Fix unit test 2020-08-18 10:29:57 +12:00
Maxime Rainville
a43414dedb Make sure GridState always outputs a JSON Object string 2020-08-17 23:23:42 +12:00
Maxime Rainville
70ffb3297a API Only include gridfield state value that differ from the expected default 2020-08-17 12:11:56 +12:00
Maxime Rainville
e31565cb71 BUG Fix GroupedDropdownFieldTest::testReadonlyValue 2020-08-06 22:50:40 +12:00
Ingo Schommer
9d03a6856c FIX Retain custom sort on custom lists in GridFieldAddExistingAutoCompleter
Forcing sort by the first search field isn't always appropriate.
When a custom search list is used, we can set the expectation that custom sorting is intended as well.
As an example, this can be used to autocomplete based on FULLTEXT indexes,
and sort based on relevancy.
2020-08-04 22:02:20 +12:00
Steve Boyd
8287fad24d Merge branch '4.6' into 4 2020-07-29 11:38:49 +12:00
Martin Heise
404f450ac3 BUG Readonly version of GroupedDropdownField
GroupedDropdownField was showing empty values in Readonly mode due to not correctly handling the hierarchical source array.
Uses flattened source now in GroupedDropdownField->performReadonlyTransformation()
2020-07-21 09:23:30 +02:00
cpenny
f72491f7f4 Linting fix 2020-06-08 09:35:00 +12:00
cpenny
d4165db690 Update getter name to getCMSCompositeValidator 2020-05-28 12:23:35 +12:00
cpenny
2765b65f42 Use ReflectionClass for CompositeValidator tests 2020-05-28 11:18:46 +12:00
cpenny
bca4be77ed Update name to CompositeValidator. Add docblocks 2020-05-28 11:18:46 +12:00
cpenny
b45a3561df Implemented PR feedback. Added some initial test cov 2020-05-28 11:18:46 +12:00
Maxime Rainville
acccdd8a1c Merge branch '4.5' into 4 2020-05-26 14:31:06 +12:00
Maxime Rainville
42bb28965c Merge branch '4.4' into 4.5 2020-05-26 14:30:27 +12:00
Maxime Rainville
395893b559 Merge branch '4.3' into 4.4 2020-05-26 14:30:02 +12:00
Maxime Rainville
86fcb9e29c Merge branch '4.2' into 4.3 2020-05-26 14:29:16 +12:00
Dan Hensby
33b0b6985a
Update file paths for autoloading compatibility 2020-04-25 10:28:28 +01:00
Daniel Hensby
237b2d5f74
Convert array delcarations to short array syntax 2020-04-20 18:58:09 +01:00
mattclegg
e968f5cb86
DOCS: Remove outdated TODO 2020-04-14 15:00:08 +05:45
Steve Boyd
687435a2f1 Merge branch '4.4' into 4.5 2020-03-06 10:52:22 +13:00
UndefinedOffset
bba0f2f72f
BUGFIX: Fixed issue where TimeField_Readonly would only show "(not set)" instead of the value 2020-02-24 09:59:00 -04:00
Maxime Rainville
acd7d94167 Merge branch '4.4' into 4.5 2020-02-17 13:07:26 +13:00
Serge Latyntcev
ad1b00ec7d [CVE-2019-19325] XSS through non-scalar FormField attributes
Silverstripe Forms allow malicious HTML or JavaScript to be inserted
through non-scalar FormField attributes, which allows performing XSS (Cross-Site Scripting)
on some forms built with user input (Request data). This can lead to phishing attempts
to obtain a user's credentials or other sensitive user input.
There is no known attack vector for extracting user-session information or credentials automatically,
it required a user to fall for the phishing attempt.
XSS can also be used to modify the presentation of content in malicious ways.
2020-02-17 09:58:29 +13:00
Serge Latyntcev
91e4aa90f1 Merge branch '4.4' into 4.5 2019-11-20 11:09:23 +13:00
Serge Latyntcev
8219491705 Merge branch '4.3' into 4.4 2019-11-20 11:08:35 +13:00
Garion Herman
ea2a2b4786 FIX Adjust HTMLEditorField tests to support alt attr changes in assets
The default behaviour of the alt attribute has changed from using the
filename to applying an empty value.
2019-11-14 12:04:37 +13:00
Damian Mooyman
e76601e5c8
BUG FormAction title property cannot be set if useButtonTag is false 2019-10-29 17:21:45 +13:00