Commit Graph

245 Commits

Author SHA1 Message Date
Ingo Schommer
3a11c690ed MINOR Updated security documentation (phpdoc and markdown) around new DataList and SQLQuery APIs, additional automatic escaping on some stricter inputs like column names 2012-05-16 11:59:22 +02:00
Ingo Schommer
9326d9e60e BUGFIX Fixing SQLQuery->getFilter() usage of non-existent method (removed during refactoring of pull request), more accurate deprecation notice 2012-05-15 21:29:43 +02:00
Sean Harvey
b1104dac25 BUGFIX Don't try lazy loading fields when the record ID is set to something non-numeric, otherwise you'll get a SQL error. 2012-05-15 17:18:50 +12:00
Sean Harvey
a53cca8932 MINOR Renaming getFieldSet with getFieldList in FormScaffolder 2012-05-14 15:03:22 +12:00
Sean Harvey
0fe0d87d9f Merge pull request #434 from halkyon/using_non_deprecated_template_controls
Replacing use of deprecated <% control %> with <% with %> or <% loop %> as necessary
2012-05-11 15:08:16 -07:00
Ingo Schommer
13c9011082 Merge pull request #430 from halkyon/getallfields_fixes
MINOR Fixing use of deprecated getAllFields(), mark field as deprecated ...
2012-05-11 01:04:38 -07:00
Sean Harvey
6f672e5f36 MINOR Fixing use of <% control %> with <% with %> or <% loop %> as necessary. 2012-05-11 13:49:20 +12:00
Sean Harvey
46f51d5653 MINOR Fixing deprecated use of SQLQuery 2012-05-11 11:39:06 +12:00
Sean Harvey
1859070fa9 MINOR Fixing use of deprecated getAllFields(), mark field as deprecated properly. 2012-05-11 11:23:24 +12:00
Sean Harvey
56e75b4486 MINOR Revert changes for 5.4 2012-05-10 14:11:33 +12:00
Sean Harvey
f30a3bd760 BUGFIX Database::doesSchemaNeedUpdating() if schemaUpdateTransaction is NULL, then return FALSE. If schemaUpdateTransaction is an array, then return TRUE. This replaces the automatic casting which is not clear. 2012-05-10 13:58:29 +12:00
Ingo Schommer
8281678d4c BUGFIX Urlencode paths in URLSegmentFilter when $allowMultibyte=true to avoid creating invalid URLs (and breaking assumptions based on ascii-only URLs, such as static publishing filename creation) 2012-05-08 15:32:15 +02:00
Ingo Schommer
59d31c2fc2 MINOR Removed mbstring support checks, its an installation requirement 2012-05-08 15:32:15 +02:00
Sean Harvey
7c272d3139 MINOR SQLQuery doc cleanup 2012-05-07 17:11:10 +12:00
Sean Harvey
3bc1da0543 MINOR Tidy up of SQLQuery constructor docs and default args, limit is
stored internally as an array, not a string.
2012-05-07 17:07:30 +12:00
Sean Harvey
bb9ffd2eb1 ENHANCEMENT SQLQuery::selectField() returns a SQLQuery object to be
consistent with how the other add/set methods work.
MINOR Fixing DbDatetimeTest to use the correct selectField to select an
alias
2012-05-07 16:59:42 +12:00
Sean Harvey
e50f90bf8e BUGFIX Ensure end bracket for HAVING clause is put in the right place 2012-05-07 16:36:05 +12:00
Sean Harvey
051d9de482 API CHANGE Deprecated internal access to SQLQuery properties, update core code to reflect these changes.
Using set/add instead in accessor methods, and use Database::sql*ToString() to allow easier per-database adapter SQL overloading.
2012-05-07 14:21:44 +12:00
Ingo Schommer
68051fdb96 Merge pull request #371 from halkyon/sapphire
---

Dont start the session until its actually necessary, which is to say there is a cookie available with the current PHP session name (or a request variable with the session_name() - typically PHPSESSID.) The latter allows for passing session ID through as an alternative to cookies.
2012-05-03 14:58:09 +02:00
Sean Harvey
37369abf1d BUGFIX Fixing SortColumn alias to be recognised by MSSQL/PGSQL 2012-05-03 12:02:21 +12:00
Sean Harvey
151abde17d Merge pull request #388 from chillu/trac/7170-i18n-sprintf-injections
#7170 i18n sprintf injections
2012-05-02 16:18:30 -07:00
Sam Minnée
a004acfb59 Merge pull request #381 from AngryPHPNerd/patch-2
MINOR: Colliding field check runs twice
2012-05-02 14:14:40 -07:00
Ingo Schommer
7b18d9d0da MINOR Switching _t() calls from sprintf() to using injection parameters (#7170) 2012-05-01 22:17:00 +02:00
Ingo Schommer
2288d80c30 Merge pull request #387 from sminnee/sapphire
---

The primary goal of this branch was to fix the sort bugs in AssetAdmin, however, it started a bit of a yak shave in that the API around SQLQuery was poor.  The biggest change that this pull request makes is it changes the format of SQLQuery::$select to contain aliases as array keys (and consistently puts the "implicit alias" in there to assist with various query generation logic), but it also makes a bunch of changes to avoid direct access of that property.
2012-05-01 17:57:03 +02:00
Sam Minnee
2207e3d978 API CHANGE: Add SQLQuery::prepareSelect(), to further remove the need for direct property access.
API CHANGE: Change the format of SQLQuery::$select to use aliases as keys.
2012-05-01 18:15:11 +12:00
Sam Minnee
a8e8a6060a BUGFIX: Fixed errors caused by complex raw SQL sort() calls. (#7236) 2012-05-01 18:15:08 +12:00
Sam Minnee
5abf8cf0f3 BUGFIX: Don't select *any* column() in DataQuery::initialiseQuery(); leave that until finaliseQuery(). It shouldn't be necessary and just risks field collisions. 2012-05-01 17:57:44 +12:00
Sam Minnee
8661164c19 API CHANGE: Add SQLQuery::clearSelect(), SQLQuery::selectField() and SQLQuery::itemisedSelect() to make it easier for other subsystems to use SQLQuery without resorting to direct property access.
API CHANGE: Remove DataQuery::select() in place of DataQuery::selectField().
BUGFIX: Remove direct property access to SQLQuery::$select
2012-05-01 17:57:39 +12:00
Sean Harvey
0882741f54 API CHANGE Renamed setModel for DataModel instances to setDataModel for
semantics, and also to allow a field name called "Model"
2012-05-01 14:45:44 +12:00
Sean Harvey
c84254c5b1 API CHANGE Rename SQLQuery prepareSelect to prepareWhere 2012-05-01 12:04:11 +12:00
Dominik Beerbohm
fdd5e71ba9 ENHANCEMENT: Remove unnecessary NULL check. 2012-04-30 13:44:31 +03:00
Robert Curry
ff6909df97 ENHANCEMENT: Add lazy loading to DataQuery. 2012-04-30 16:12:15 +12:00
Sean Harvey
80575a0e5e MINOR Re-adding getFilter as a deprecated method instead of removing it 2012-04-27 16:56:07 +12:00
Sean Harvey
f63d137d49 ENHANCEMENT Session::start() now only called when there is changed
session data to be saved, and started on Director::direct() when there
is a cookie (or request var) containing the current PHP session name.
2012-04-27 16:28:46 +12:00
Will Rossiter
9938b64cf6 FEATURE: implement SS_Sortable->reverse()
API CHANGE: SQLQuery:: now an array object rather than string. Existing strings will continue to work
2012-04-27 15:54:14 +12:00
Mateusz Uzdowski
6469d83569 API CHANGE: add a remote relation class getter to DataObject 2012-04-23 15:01:55 +12:00
Sean Harvey
1683299d81 MINOR Ignore any values that come through as arrays in DataObject::cache_composite_fields() 2012-04-20 15:25:52 +12:00
Sam Minnee
8e48e6e231 API CHANGE: Allow <classname>::get(), eg, Member::get()->byID(5) 2012-04-20 14:58:24 +12:00
Will Rossiter
585417d141 Merge pull request #343 from halkyon/object_static_remove_deprecation
BUGFIX Remove calls to deprecated Object static methods, update ConfigTest
2012-04-19 14:41:45 -07:00
Ingo Schommer
a1327faae4 Merge pull request #344 from halkyon/remove_deprecated_extrastatics_usage
ENHANCEMENT Remove use of deprecated extraStatics in core files
2012-04-18 15:42:51 -07:00
Sean Harvey
4cf8db3ee4 ENHANCEMENT Remove use of deprecated extraStatics in core files 2012-04-19 08:37:51 +12:00
Ingo Schommer
7f62ad0f3e Merge branch 'master' into 7094-combine-tree-edit-view 2012-04-18 14:19:55 +02:00
Sean Harvey
4c6be2931b BUGFIX Removing use of deprecated Object static functions like
get_static(), set_static(), uninherited() etc. Replace with equivalent
Config system get(), update()
2012-04-18 23:10:57 +12:00
Sean Harvey
7d84aff01e Merge pull request #339 from ajoneil/remove-pre-53-support
Remove pre 5.3 support
2012-04-17 16:19:23 -07:00
Andrew O'Neil
fb3b03f38b MINOR: Remove support for PHP <5.3.2 2012-04-18 11:01:03 +12:00
Mateusz Uzdowski
be97535b1e ENHANCEMENT: add an infinite-loop check as validation in Hierarchy (os4399)
Check only when the parent has changed - hierarchy traversal is
expensive operation, so we do it only when it is needed.
2012-04-18 10:50:35 +12:00
Mateusz Uzdowski
42e6ae2cdf APICHANGE: add validation extension hook to DataExtension 2012-04-18 09:25:48 +12:00
Ingo Schommer
761bae3418 ENHANCEMENT Support for anonymous functions instead of eval() in Hierarchy->getSiteTreeAsUL() 2012-04-17 22:29:38 +02:00
Mateusz Uzdowski
59663f9289 BUGFIX: fix up some E_STRICT errors 2012-04-17 11:51:55 +12:00
Ingo Schommer
d44f6b3e1f MINOR Removed deprecated usage of $priority argument in _t() calls 2012-04-15 17:17:17 +02:00