Andrew O'Neil
becdd85421
BUGFIX: Fix checking for flawed blowfish encryption
2012-05-16 16:40:12 +12:00
Stig Lindqvist
bbe3879eaa
BUGFIX: Member::mapInGroups() throws SQL error
...
Renamed the Member::mapInGroups() to Member::map_in_groups() since it's a static method and throws deprecation message if using the old variant.
Rewrote the mapInGroups to use a more ORMy way of fetching Members for a set of groups and included a test for.
2012-05-10 13:53:54 +12:00
Ingo Schommer
15e8e10f5e
Merge pull request #411 from ajoneil/blowfish
...
MINOR: Fix coding conventions
2012-05-07 15:56:03 -07:00
Andrew O'Neil
0c0a91e3c1
MINOR: Fix coding conventions
2012-05-08 10:33:03 +12:00
Stig Lindqvist
a16b75d459
Merge pull request #405 from halkyon/member_changes2
...
API CHANGE Removed Member_SignupEmail and deprecate sendInfo() on Member
2012-05-06 21:47:05 -07:00
Andrew O'Neil
f6c98b1992
BUGFIX: Increase size of varchar fields on MemberPassword to match those defined in Member. This fixes issues when the password hash is longer than 50 characters, and was being truncated when saved in MemberPassword.
2012-05-07 15:04:25 +12:00
Andrew O'Neil
5cf3720bf0
ENHANCEMENT: Use the best blowfish encryption available - this fixes fragility between PHP versions and system installations
2012-05-07 15:04:09 +12:00
Andrew O'Neil
89fc8e5fdd
APICHANGE: PasswordEncryptor::check() allows for more powerful password checking, deprecating PasswordEncryptor::compare()
2012-05-07 15:03:53 +12:00
Sean Harvey
d4154dae9e
API CHANGE Deprecate Member::sendInfo(), use Member_ChangePasswordEmail and Member_ForgotPasswordEmail class directly instead.
2012-05-05 10:04:46 +12:00
Sean Harvey
fd0ec1c47f
API CHANGE Removed Member_SignupEmail, use your own custom sign up Email class instead.
2012-05-05 10:04:23 +12:00
Sam Minnee
de4a865fb8
BUGFIX: Fixed blowfish encryption for PHP < 5.3.7 ( #7276 )
2012-05-04 11:50:26 +12:00
Ingo Schommer
68051fdb96
Merge pull request #371 from halkyon/sapphire
...
---
Dont start the session until its actually necessary, which is to say there is a cookie available with the current PHP session name (or a request variable with the session_name() - typically PHPSESSID.) The latter allows for passing session ID through as an alternative to cookies.
2012-05-03 14:58:09 +02:00
Sean Harvey
151abde17d
Merge pull request #388 from chillu/trac/7170-i18n-sprintf-injections
...
#7170 i18n sprintf injections
2012-05-02 16:18:30 -07:00
Sean Harvey
6483cdd204
Merge pull request #382 from chillu/trac/7217-group-default-on-member
...
Group default on member (#7217 )
2012-05-01 21:43:05 -07:00
Andrew O'Neil
a2e9c001d7
MINOR: Fix style according to style guidelines, and add a comment about use of "$2y" instead of "$2a"
2012-05-02 14:59:39 +12:00
Andrew O'Neil
fa60f9e8b2
ENHANCEMENT: Implement blowfish encryption and use it by default. ( #7111 )
2012-05-02 13:51:29 +12:00
Ingo Schommer
7b18d9d0da
MINOR Switching _t() calls from sprintf() to using injection parameters ( #7170 )
2012-05-01 22:17:00 +02:00
Sean Harvey
0882741f54
API CHANGE Renamed setModel for DataModel instances to setDataModel for
...
semantics, and also to allow a field name called "Model"
2012-05-01 14:45:44 +12:00
Ingo Schommer
f873707e9d
ENHANCEMENT Prepopulating group on new members ( fixes #7217 )
2012-04-30 14:35:25 +02:00
Ingo Schommer
ffe698ca1e
MINOR Placeholder text for adding a group in Member->getCMSFields() ( fixes #7217 )
2012-04-30 10:29:09 +02:00
Sean Harvey
f63d137d49
ENHANCEMENT Session::start() now only called when there is changed
...
session data to be saved, and started on Director::direct() when there
is a cookie (or request var) containing the current PHP session name.
2012-04-27 16:28:46 +12:00
Sean Harvey
8a6671d72e
BUGFIX Member::onChangeGroups() should allow ADMIN permission grant if the logged in user is an ADMIN
2012-04-27 12:27:46 +12:00
Ingo Schommer
7f62ad0f3e
Merge branch 'master' into 7094-combine-tree-edit-view
2012-04-18 14:19:55 +02:00
Sean Harvey
926daa29e2
BUGFIX Revert remove of function_exists() check for mcrypt in
...
7d84aff01e
, as we don't expect mcrypt to actually be available,
since fallbacks in RandomGenerator are available.
2012-04-18 18:44:33 +12:00
Andrew O'Neil
14c0796617
MINOR: Remove checks for PHP < 5.3.2, as it's no longer supported
2012-04-18 10:38:09 +12:00
Ingo Schommer
65fc81fd68
MINOR Removed Group->CMSTreeClasses(), no longer shown as a tree
2012-04-17 22:34:24 +02:00
Andrew O'Neil
a89228e934
MINOR: Fix deprecation notice when saving user settings
2012-04-16 14:13:21 +12:00
Ingo Schommer
d44f6b3e1f
MINOR Removed deprecated usage of $priority argument in _t() calls
2012-04-15 17:17:17 +02:00
Simon Welsh
f07258f3cf
MINOR Update @package values to match renaming sapphire
2012-04-15 10:50:19 +12:00
Simon Welsh
3a6341a251
API-CHANGE sapphire folder can now be renamed.
2012-04-15 10:50:19 +12:00
Simon Welsh
f8082e4814
MINOR Add newline to end of files without one
2012-04-15 10:50:19 +12:00
Ingo Schommer
8ba9c3ca6b
API CHANGE Removed $params argument to DataObject->getCMSFields(), please use FormScaffolder directly ( fixes #7135 )
2012-04-13 15:46:47 +02:00
Sean Harvey
fd3de5158d
BUGFIX Use of Link() in security classes now refers to $this->controller
...
instead of calling the instance method Link statically (which isn't
allowed for E_STRICT compliance.)
2012-04-12 12:09:39 +12:00
Ingo Schommer
a3d99b082d
MINOR Resetting Security::$database_is_ready state during tests (regression from a9509a610d
)
2012-04-11 17:22:55 +02:00
Ingo Schommer
ac45e5b9c0
Merge branch 'integration'
...
Conflicts:
admin/css/ie8.css
admin/css/screen.css
admin/scss/_style.scss
dev/install/config-form.html
dev/install/install.css
dev/install/php5-required.html
2012-04-11 16:31:12 +02:00
Ingo Schommer
aed5e93da2
Merge pull request #301 from stojg/database-is-ready-checks
...
MINOR Security::database_is_ready() check are doing duplicate DB queries...
2012-04-11 06:38:22 -07:00
Ingo Schommer
6cd91ff449
Merge pull request #299 from ajoneil/sapphire
...
---
Conflicts:
forms/NumericField.php
2012-04-11 15:36:35 +02:00
Stig Lindqvist
a9509a610d
MINOR Security::database_is_ready() check are doing duplicate DB queries for Members.
...
The will make sure that if the database has been ready once, it is ready for the rest of the request
2012-04-12 00:29:35 +12:00
Andrew O'Neil
4be59a8d45
MINOR: Ensure all form fields Field() method has the same signature as FormField::Field(). Fixes E_STRICT warnings.
2012-04-11 17:33:36 +12:00
Andrew O'Neil
daab8f4cbc
MINOR: Consistently use DataObjectInterface for saveInto() on FormField subclasses. Fixes E_STRICT notice
2012-04-11 17:00:57 +12:00
Ingo Schommer
8c5e56fe31
Merge branch 'master' into integration
...
Conflicts:
admin/css/screen.css
dev/install/php5-required.html
2012-04-09 21:10:08 +02:00
Stig Lindqvist
0d031a5045
API CHANGE Use Config for registering default password encryptors
...
Using the config system for registering password encryptors
Remove the eval on password encryptor construction by using reflection
Throws deprecation messages when using static register / unregister
2012-04-07 19:14:00 +12:00
Ingo Schommer
40d73127ae
MINOR Using late static binding instead of Object::create() calls
2012-04-04 17:10:31 +02:00
Felipe Skroski
7740bb326a
ENHANCEMENT SSF-168 moved print and csv export buttons to the top of the grid
2012-04-04 14:09:52 +12:00
Normann Lou
2f3949ac6e
MINOR add 'print button' to Member list and data list of ModelAdmin
2012-04-04 10:35:41 +12:00
Ingo Schommer
d0d23dc591
Merge pull request #271 from halkyon/group_changes
...
BUGFIX Nested Group records should be removed, along with the parent.
2012-03-28 02:52:52 -07:00
Sean Harvey
bd95bcaf61
BUGFIX Nested Group records should be removed, along with the parent.
2012-03-28 22:49:58 +13:00
Sean Harvey
e097f6e1a8
MINOR Fixes to method arguments in core classes for E_STRICT support.
...
API CHANGE Remove abstract static function and just use static functions
in Authenticator (PHP 5.3+ doesn't support abstract static functions)
2012-03-28 22:41:42 +13:00
Ingo Schommer
cbb0259dd7
Merge branch 'integration-merge27march'
2012-03-27 18:07:21 +02:00
Ingo Schommer
efc30fd39e
MINOR Removed setRightTitle() special case (and too specific styling) from Group->getCMSFields(), implemented title attribute for chosen.js drop downs instead (to be styled with more friendly title popovers)
2012-03-27 17:07:50 +02:00
Sean Harvey
b92e4e01a9
MINOR Removed PHP 5.1 check for PasswordEncryptor, use hash() always as PHP 5.1 is no longer supported.
2012-03-27 20:09:36 +13:00
Andrew O'Neil
86ef281d8f
BUGFIX: #7019 Fix SQL error when building database after adding a Member DataExtension in non-dev mode
2012-03-21 11:53:38 +13:00
Sam Minnee
6c35588eda
API CHANGE: Rename 'PastMember' to 'IsRepeatMember' in templates.
...
API CHANGE: Move Controller::PastMember() to Member::is_repeat_member() in code.
API CHANGE: Removed Controller::CurrentMember(), it was only ever intended as a template global provider.
2012-03-16 15:05:28 +13:00
Normann Lou
aed91931a7
MINOR SSF-53 : code convention, use "-" instead of "_" for html class property value
2012-03-12 09:35:25 +01:00
Ingo Schommer
01b24daace
API CHANGE Removed Member::isAdmin(), use Permission::check('ADMIN') instead
...
API CHANGE Removed Member->setByCheckboxes()/setByCheckboxSetField(), Use setByIdList() and/or a CheckboxSetField instead
API CHANGE Removed Member->addManyByGroupID(), Use DataList->addMany() instead.
API CHANGE Removed Member->removeManyByGroupID(). Use DataList->removeMany() instead.
API CHANGE Removed Member->getGroupsFromIDs(). Use DataObject::get("Group")->byIds() instead.
API CHANGE Removed Member->addManyByCodename()/removeManyByCodename(). Don\'t rely on codename
2012-03-09 21:33:52 +01:00
Ingo Schommer
4216a09177
API CHANGE Removed BasicAuth::enable()/disable(), use protect_entire_site()
2012-03-09 21:20:20 +01:00
Sean Harvey
d28da56e19
BUGFIX Fixed regression where Member::PasswordEncryption field wouldn't be set to the default
2012-03-09 17:29:57 +13:00
Sean Harvey
2644cbb6e9
BUGFIX Remove use of encryptPasswords; use PasswordEncryptor_None
...
instead
2012-03-09 15:31:33 +13:00
Sean Harvey
d0a0df0b8e
API CHANGE Removed Security::$useSalt static, please use a custom PasswordEncryptor instead
2012-03-09 15:06:12 +13:00
Sean Harvey
0d8151fd3d
Merge remote-tracking branch 'upstream/master' into deprecation_fixes
2012-03-09 15:03:43 +13:00
Sean Harvey
aca2b2f3b5
API CHANGE Removed deprecated Security::get_encryption_algorithms() - please use PasswordEncryptor::get_encryptors() instead
2012-03-09 14:51:34 +13:00
Sean Harvey
6e58026c27
API CHANGE Removed deprecated Security::encrypt_passwords() - please use PasswordEncryptor_None instead.
2012-03-09 14:50:14 +13:00
Sam Minnee
a071456837
Merge branch 'master' of github.com:silverstripe/sapphire
...
Conflicts:
tests/forms/gridfield/GridFieldDetailFormTest.php
tests/forms/gridfield/GridFieldPopupFormsTest.yml
2012-03-09 14:37:32 +13:00
Stig Lindqvist
8b82dae06c
API CHANGE: Renaming of gridfield components #6921
2012-03-09 12:54:02 +13:00
Sean Harvey
9f3344b355
API CHANGE Removed built-in behaviour.js client-side form validation.
...
This is no longer supported. Please use custom client-side validation instead. (see 3.0.0 changelog
for more information)
2012-03-09 12:19:57 +13:00
Ingo Schommer
e4a6dd5850
Merge branch 'integration'
...
Conflicts:
forms/gridfield/GridField.php
2012-03-08 20:25:21 +01:00
Ingo Schommer
c117ef58cf
API CHANGE Removed LeftAndMain->RootForm(), concept no longer applies in 3.0 UI. Use EmptyForm() or EditForm()
2012-03-08 18:22:30 +01:00
Normann Lou
1de30d5bf2
ENHANCEMENT SSF-53 : remove literal field for explanation text of Parent dropdown, use a right title for it, instead
2012-03-08 10:47:06 +13:00
Ingo Schommer
79d420f941
ENHANCEMENT Member->DirectGroups() (to complement Group->DirectMembers(), and aid with relationship saving through Member->getCMSFields())
2012-03-07 01:23:40 +01:00
Ingo Schommer
723a8488ac
BUGFIX Fixed Group->Members() overloaded relation getter to avoid filtering on zero-value foreign keys, producing empty rather than inherited results (important for the GridField used in Group->getCMSFields())
2012-03-06 15:50:07 +01:00
Ingo Schommer
18932b5be5
MINOR Enforcing SecurityAdmin::$hidden_permissions, refactoring error
2012-03-06 01:23:35 +01:00
Ingo Schommer
1201f6c8bb
BUGFIX Saving records in ListboxField->saveInto() and PermissionCheckboxSetField->saveInto() so we have a database ID to relate to (was previously customised in MemberTableField->saveComplexTableField(), which is now deprecated)
2012-03-06 01:23:34 +01:00
Ingo Schommer
bb6d4c506e
BUGFIX Fixed HasManyList and ManyManyList queries for relationships on new records (was returning all available records due to the SQL filtering ignoring ID=0)
2012-03-06 01:23:34 +01:00
Hamish Friedlander
374ed19406
API CHANGE: Change variable expose method in TemplateGlobalProvider and TemplateIteratorProvider to (a) not clash with each other and, (b) be less generic
2012-03-06 09:31:57 +13:00
Hamish Friedlander
fb246bdd08
APICHANGE: Rename getExposedVariables to match coding conventions
2012-03-06 09:31:56 +13:00
Hamish Friedlander
927dbbe717
API-CHANGE: Global template variables can now be called directly using SSViewer_DataPresenter instead of needing to inherit off ViewableData
2012-03-06 09:11:46 +13:00
Ingo Schommer
6f71186e2c
ENHANCEMENT Replaced SecurityAdmin tree view for groups with three top-level tabs: "Users", "Groups" and "Roles"
2012-03-05 18:31:52 +01:00
Ingo Schommer
f9f659672a
MINOR Re-instating Member_Validator in SecurityAdmin->RootForm() and Groups->getCMSFields() with new GridField implementation
2012-03-05 17:41:50 +01:00
Ingo Schommer
2abb021efb
BUGFIX Restored old permission code model, broken due to new controller structure. Introduced LeftAndMain::$required_permission_codes as a way to control permissions independently of subclasses, and "cluster" multiple classes under a single code.
2012-03-05 17:41:49 +01:00
Ingo Schommer
ad5cf1ebf1
ENHANCEMENT Using ListboxField/chosen.js to assign roles in Group->getCMSFields(). Improved explanation of groups in the user interface.
2012-03-05 17:41:47 +01:00
Ingo Schommer
0762be9927
ENHANCEMENT Renamed GridFieldConfig_ManyManyEditor to GridFieldConfig_RelationEditor, to be more in line with underlying component naming, and more accurate (as it allows editing has_many relations as well). Removed $fieldToSearch argument from its constructor to keep config API consistent, should use getComponentByType() for configuration. Added GridFieldConfig_RecordEditor
2012-03-05 12:26:02 +01:00
Ingo Schommer
e8ad2c2173
MINOR Using ListboxField instead of CheckboxSetField in Member->getCMSFields() for group assignment
2012-03-05 10:55:32 +01:00
Sam Minnee
adfdd068e2
Merge branch 'ereg-to-preg' of https://github.com/AngryPHPNerd/sapphire
...
Conflicts:
model/fieldtypes/Date.php
2012-03-05 13:54:20 +13:00
Ingo Schommer
46628721fe
ENHANCEMENT Using chosen.js for group selection in Member->getCMSFields()
2012-03-02 20:46:22 +01:00
Normann Lou
45927b98c4
ENHANCEMENT SSF-53: add customised class to Member's GridField in SecurityAdmin
2012-03-02 16:28:47 +13:00
Normann Lou
5548c66a49
ENHANCEMENT SSF-53 reordering the components that added to group GridField in CMS so that it appears same as the landing view of SecurityAdmin
2012-03-02 16:03:23 +13:00
Ingo Schommer
c4e04899b6
MINOR Added GridFieldTitle to Group->getCMSFields() to allow addition of new records (currently that button is hardcoded in the title component)
2012-03-02 00:29:09 +01:00
Ingo Schommer
424da6abe1
API CHANGE Moved NZGovtPasswordValidator to new 'securityextras' module
2012-03-02 00:28:22 +01:00
Ingo Schommer
0ab43cdcb8
API CHANGE Moved "IP Address restrictions for groups" feature to a new "ipaddress-restriction" module (SSF-53)
2012-03-01 21:36:01 +01:00
Ingo Schommer
4bd5333b56
MINOR Editing and relation adding on SecurityAdmin groups (both root and group instances) (SSF-53)
2012-03-01 21:35:48 +01:00
Ingo Schommer
bcc73de85e
Merge branch '106-add-edit-records-rc'
...
Conflicts:
admin/code/LeftAndMain.php
admin/css/screen.css
admin/scss/_style.scss
admin/templates/Includes/LeftAndMain_EditForm.ss
css/GridField.css
filesystem/Folder.php
forms/gridfield/GridField.php
forms/gridfield/GridFieldDefaultColumns.php
forms/gridfield/GridFieldPopupForms.php
2012-02-27 23:58:10 +01:00
Ingo Schommer
8ff8d32764
MINOR Adding GridFieldPopupForms to default GridFieldConfig_ManyManyEditor settings
2012-02-27 23:52:49 +01:00
Ingo Schommer
ba0d1c60cb
MINOR Don't require controller on instanciation of GridFieldPopupForms, as it can't be reliably determined e.g. during a getCMSFields() call. Should use existing FormField/Form API to retrieve controller when its required.
...
MINOR Renamed GridFieldPopupForms->popupFormName to $name to make it clearer that its the component name (which is optional now).
2012-02-27 23:52:48 +01:00
AngryPHPNerd
0e2cbb0b88
Replace ereg with preg_*
2012-02-27 22:14:02 +01:00
Ingo Schommer
abfa16fa70
ENHANCEMENT Using native jQuery UI buttons and icon styling for a less coupled implementation (e.g. assuming that a "constructive" button always has a specific icon, or one at all). All CMS UI buttons switched to use <button> markup, which allows for inline icons and correctly aligned multi-line button labels.
2012-02-17 15:58:32 +01:00
Ingo Schommer
5911abc0f6
API CHANGE Removed prototype.js style $() alias usage for document.getElementById() to avoid confusion with the more common jQuery() alias.
...
API CHANGE Removed several unsed JavaScript globals: sprintf(), Number.prototype.CURRENCIES, Number.prototype.toCurrency(), String.prototype.ucfirst(), jQuery.fn.clearFields(), jQuery.fn.clearInputs()
MINOR Removed prototype_improvements.js and jquery_improvements.js files, now contained in individual component code (or removed altogether)
2012-02-16 12:27:47 +01:00
Fred Condo
d370423825
Clean up trailing ?> per coding standard
...
All sapphire but the lang directory
2012-02-12 12:40:16 -08:00
Stig Lindqvist
6f2e8893a5
MINOR Groups in SecurityAdmin was not using Autosuggestion field for adding members to group.
2012-01-24 19:16:23 +01:00
Sam Minnee
2d898cab63
API CHANGE: Added GridFieldExporter, a GridField component that adds export functionality, and added it to the security admin.
2012-01-30 19:49:10 +13:00
Russell Michell
0090009703
BUGFIX: Added default args to GridFieldPopupForms for AssetAdmin which was casing errors
...
BUGFIX: Added GridFieldFilter() to new GridFieldConfig whuch adds filters and fixes the display
MINOR: Added gridfield specific margins to form div to push GridField display down-page (due to GF's sort-fields which will be refactored from new designs)
2012-01-30 09:26:39 +13:00