Damian Mooyman
6ba00e829a
[ss-2017-009] Prevent disclosure of sensitive information via LoginAttempt
2017-11-30 15:53:50 +13:00
Loz Calver
b31b22ac8e
Merge pull request #7635 from dhensby/pulls/3.5/update-pwd-encryption-on-change
...
FIX Update meber passwordencryption to default on password change
2017-11-27 09:05:43 +00:00
Damian Mooyman
bac5f4c8aa
Merge branch '3.5' into pulls/3.5/update-pwd-encryption-on-change
2017-11-27 14:42:32 +13:00
Daniel Hensby
f31caaa429
Merge pull request #7640 from kinglozzer/travis-firefox
...
Specify Firefox 31 for Travis Behat builds
2017-11-24 21:53:35 +00:00
Loz Calver
7b719d7b9d
Specify Firefox 31 for Travis Behat builds
2017-11-24 21:16:36 +00:00
Loz Calver
6ab9dba9c8
Merge pull request #7639 from dhensby/pulls/3.5/phpunit-warnings
...
Fix deprecated usage of getMock in unit tests
2017-11-24 15:16:26 +00:00
Daniel Hensby
09a003bc13
Fix deprecated usage of getMock in unit tests
2017-11-24 14:48:30 +00:00
Daniel Hensby
2ad3cc07d5
FIX Update meber passwordencryption to default on password change
2017-11-23 21:17:31 +00:00
Daniel Hensby
79bba8bfd1
Merge pull request #7632 from open-sausages/pulls/3.5/fix-director-cli-redirect
...
BUG Don't redirect in force_redirect() in CLI
2017-11-23 12:49:32 +00:00
Damian Mooyman
1053de7ec3
BUG Don't redirect in force_redirect() in CLI
...
Replaces #4025
2017-11-23 14:26:55 +13:00
Loz Calver
a7dfda2a85
Merge pull request #7628 from dhensby/pulls/3.5/travis-retry
...
Travis retry on imagick install
2017-11-22 17:04:01 +00:00
Daniel Hensby
a63bb12d92
Travis retry on imagick install
2017-11-22 13:25:26 +00:00
Daniel Hensby
2e76936878
Merge pull request #7345 from schellmax/patch-2
...
TreeDropdownField: replace onadd by onmatch
2017-11-22 12:37:11 +00:00
Daniel Hensby
0f2049d4d4
[SS-2017-008] Fix SQL injection in search engine
2017-11-21 14:45:36 +00:00
Damian Mooyman
a73f75ccc5
Merge pull request #7613 from dhensby/pulls/3.5/phpunit-loosen-constraint
...
Loosen PHPUnit constraints
2017-11-20 13:58:20 +13:00
Daniel Hensby
36bb28a41d
Loosen PHPUnit constraints
2017-11-17 11:48:24 +00:00
Loz Calver
13b02feed7
Merge pull request #7602 from dhensby/pulls/3.5/fix-filter-any-inner-join
...
FIX ManyMany link table joined with LEFT JOIN
2017-11-16 13:48:07 +00:00
Daniel Hensby
c96ed89cbe
Merge pull request #7607 from patricknelson/issue-7606-svg-image-tags
...
FIX: Prevent crash when saving page with <img> that has an SVG source.
2017-11-16 12:12:49 +00:00
Daniel Hensby
ce3fd370fb
FIX ManyMany link table joined with LEFT JOIN
2017-11-16 12:11:16 +00:00
Daniel Hensby
29e57d8015
Merge pull request #7608 from bummzack/patch-1
...
Fix HTTP::get_mime_type with uppercase filenames.
2017-11-16 11:48:11 +00:00
Daniel Hensby
4f3deb13e0
TEST filterAny on many_many relations return correct items
2017-11-16 11:10:12 +00:00
Patrick Nelson
52f0eadd3b
FIX for #7606 : Ensure the object we're handling is actually an Image instance before calling methods specific to that class (e.g. in case of using SVG's in <img> tag which may be File instances).
2017-11-16 11:08:06 +00:00
Daniel Hensby
3d3096485b
TEST Uppercase file extensions return correct mime type
2017-11-16 11:01:25 +00:00
Roman Schmid
dda14e8959
Fix HTTP::get_mime_type with uppercase filenames.
...
The fallback of `HTTP::get_mime_type` (that uses a lookup instead of `finfo`) doesn't ensure the extension is converted to lowercase before the lookup. A file named `Image.JPG` will return `'application/unknown'`.
This change fixes this issue.
2017-11-16 10:56:34 +00:00
Damian Mooyman
ef86b16854
Merge pull request #7514 from dhensby/pulls/3.5/composer-autoload
...
Add composer autloading to v3
2017-11-02 11:41:35 +13:00
Chris Joe
a3351589e6
Merge pull request #7118 from phptek/issue/7116
...
FIX: Fixes #7116 Improves server requirements docs viz: OpCaches.
2017-10-26 11:05:47 +13:00
Russell Michell
00f1ad5d69
FIX: Fixes #7116 Improves server requirements docs viz: OpCaches.
2017-10-26 09:22:07 +13:00
Daniel Hensby
cbac375590
FIX Helpful warning when phpunit bootstrap appears misconfigured
2017-10-25 17:48:35 +01:00
Daniel Hensby
32cef975ef
FIX Use self::inst() for Injector/Config nest methods
2017-10-25 17:48:35 +01:00
Daniel Hensby
8aad080516
Add composer autoloading support to 3.x
2017-10-25 17:48:34 +01:00
Damian Mooyman
59cc45565b
Merge pull request #7503 from andrewandante/patch-4
...
Spelling in DataQueryTest
2017-10-24 12:04:41 +13:00
Andrew Aitken-Fincham
c4a50a3d10
Spelling in DataQueryTest
2017-10-20 12:00:35 +01:00
Damian Mooyman
2b09216b0c
Merge pull request #7270 from robbieaverill/pulls/3.6/fix-trailing-period-on-duplicate-folder-name
...
FIX Files without extensions (folders) do not have a trailing period added
2017-10-18 10:26:05 +13:00
Robbie Averill
2f579b64cb
FIX Files without extensions (folders) do not have a trailing period added
2017-10-18 09:25:27 +13:00
Damian Mooyman
7f5ca56e36
Merge pull request #7455 from dhensby/pulls/fix-circular-ref-issue
...
FIX Dont use var_export for cache key generation
2017-10-10 10:16:16 +13:00
Daniel Hensby
264cec1239
FIX Dont use var_export for cache key generation as it fails on circular references
2017-10-09 10:13:39 +01:00
Daniel Hensby
f745442a55
Merge tag '3.5.5' into 3.5
...
Release 3.5.5
2017-09-28 17:16:31 +01:00
Daniel Hensby
393d1a9be6
Added 3.5.5 changelog
2017-09-28 15:37:07 +00:00
Daniel Hensby
6e78b9f8d2
Merge pull request #7406 from NightJar/patch-2
...
Fix ArrayList sort error with old (supported) PHP
PHP 5.3 at least (the reported and tested against version) requires arguments to `call_user_func_array` to be passed by reference. There exists a note as a comment in the code, but was unfortunately overlooked in a previous commit to fix case sensitive sorting 4998b80#diff-6ba746c3d31fd6b4c4a99d7efe35eb21L442
To solve this issue we simply first assign the constant to a variable, so we can then pass that by reference. This has no functional impact, however fixes an issue for users locked in to old PHP versions which we still list as supported (https://docs.silverstripe.org/en/3/getting_started/server_requirements/#web-server-software-requirements ).
2017-09-28 15:46:38 +01:00
Dylan Wagstaff
ebe1de8d8b
Fix ArrayList sort error with old (supported) PHP
...
PHP 5.3 at least (the reported and tested against version) requires arguments to `call_user_func_array` to be passed by reference. There exists a note as a comment in the code, but was unfortunately overlooked in a previous commit to fix case sensitive sorting 4998b80445 (diff-6ba746c3d31fd6b4c4a99d7efe35eb21L442)
To solve this issue we simply first assign the constant to a variable, so we can then pass that by reference. This has no functional impact, however fixes an issue for users locked in to old PHP versions which we still list as supported (https://docs.silverstripe.org/en/3/getting_started/server_requirements/#web-server-software-requirements ).
2017-09-28 15:29:54 +01:00
Daniel Hensby
1209b2ae13
Added 3.5.5-beta2 changelog
2017-09-20 13:41:04 +00:00
Daniel Hensby
72702dbd50
Merge pull request #43 from silverstripe-security/pulls/3.5/member-enumeration-timing-attack
...
[SS-2017-005] User enumeration via timing attack mitigated
2017-09-20 11:39:39 +01:00
Daniel Hensby
6b198336a8
Merge pull request #44 from silverstripe-security/patch/3.5/authenticator-fix
...
FIX Authenticators are more resilient to incomplete configuration
2017-09-20 11:38:38 +01:00
Daniel Hensby
f0262a8fd9
[SS-2017-005] User enumeration via timing attack mitigated
2017-09-20 11:33:22 +01:00
Daniel Hensby
1f256cf2d2
Added 3.5.5-beta1 changelog
2017-09-19 15:25:41 +00:00
Matthias Schelling
eacfe280c1
TreeDropdownField: replace onadd by onmatch
...
Makes TreeDropdownField work in situations where it's moved around in the DOM (e.g. when inside a drag'n'drop container)
2017-09-15 12:02:18 +01:00
Daniel Hensby
091d99f599
FIX Authenticators are more resilient to incomplete configuration
2017-09-12 15:57:03 +01:00
Damian Mooyman
c0003bca3d
Merge pull request #7319 from open-sausages/pulls/3.5/no-combining-requirements
...
Fix add combinedFiles to clear logic - ss3
2017-08-29 13:47:52 +12:00
Christopher Joe
7b200a2a64
Fix add combinedFiles to clear logic
2017-08-29 12:57:41 +12:00
Daniel Hensby
9d2503c3da
Merge pull request #7274 from PapaBearNZ/patch-1
...
Fix Truncate Error Issue when using views in a Unittest.
2017-08-25 11:51:36 +01:00