Commit Graph

11205 Commits

Author SHA1 Message Date
Ingo Schommer
3e88c98ca5 API Restrict MemberLoginForm to POST requests for increased security
CVE-2013-2653 - Thanks to Fara Rustein of Deloitte Argentina for reporting.
2013-05-08 10:25:28 +02:00
Ingo Schommer
14c59be85e API Form::setStrictFormMethodCheck() and strict argument to setFormMethod()
Thanks to @sminnee for getting this started
2013-05-08 10:25:13 +02:00
Josua2012
59be4a3be0 Allow custom ChangePasswordForm form
With this modification we can use Object::useCustomClass() to create a
custom ChangePasswordForm form:
Object::useCustomClass('ChangePasswordForm',
'CustomChangePasswordForm');
2013-05-08 09:39:39 +02:00
Josua2012
e3b6feba2a Sometimes $parent->parentNode is null and fails. 2013-05-08 09:39:35 +02:00
Loz Calver
429ac17a0f NEW Allow setting of ASSETS_DIR in _ss_environment.php 2013-05-07 10:06:34 +02:00
Ingo Schommer
1a52a51195 DataObject->duplicate() test
Advanced relationship copying is already tested further down,
but doesn't cover the same basics. Triggered by a CMS bug
which turned out to be unrelated (https://github.com/silverstripe/silverstripe-cms/issues/689)
2013-05-07 10:06:15 +02:00
Sean Harvey
677122256e Merge pull request #1837 from simonwelsh/short-array-parse
FIX Handle PHP 5.4's short array notation everywhere arrays are parsed.
2013-05-06 20:32:51 -07:00
Simon Welsh
7b997a698d Merge pull request #1840 from halkyon/archive_versions_table_without_versions
BUG Fixing queries on non-existent table breaking archive site
2013-05-06 18:01:20 -07:00
Sean Harvey
f1a4e7203e BUG Fixing queries on non-existent table breaking archive site
With a many to many relation, e.g. SiteTree_MyRelation, and listing
them in your template then adding ?archiveDate=x in the URL, a SQL
error is shown because Versioned::augmentSQL() tries to query the
non-existent table "SiteTree_MyRelation_versions" assuming there's
versioning setup, but there isn't.
2013-05-07 12:34:46 +12:00
Simon Welsh
8930304dfc Only set GridField state in request if a value is submitted 2013-05-07 08:15:27 +12:00
Sam Minnee
b5a83878dd Added docs for i81n.moduole_priority. 2013-05-06 12:51:46 +12:00
Hamish Friedlander
efea4dbe94 NEW Allow specifying priority for translations
Priority for translations was hardcoded, and hardcoded the project name as "mysite".

This takes the order from a configuration property "module_prority". You can
use standard config fragment before and after rules to make a module less or
more important than anything else, with these tweaks:

 - Unless it has it's order explicitly defined, the "project" module (normally mysite)
   will be considered highest priority

 - There is an "other_modules" value in the order list which will be replaced by
   all the modules (except the project module) that don't have their order
   explicitly defined.
2013-05-06 12:51:46 +12:00
Simon Welsh
835aefbe83 FIX Handle PHP 5.4's short array notation everywhere arrays are parsed. 2013-05-05 13:27:42 +12:00
Will Rossiter
fe2663a140 Merge pull request #1836 from simonwelsh/remove-dup
Remove duplicate parse_class_spec method.
2013-05-04 17:38:07 -07:00
Simon Welsh
cb0977ce9f Remove duplicate parse_class_spec method. 2013-05-05 11:43:56 +12:00
Sean Harvey
7fbb9e3a96 Merge pull request #1826 from uniun/patch-2
The MAX_FILE_SIZE field must precede the file input field.
2013-05-02 14:05:32 -07:00
uniun
c48eca1615 The MAX_FILE_SIZE field must precede the file input field.
More here: http://php.net/manual/en/features.file-upload.post-method.php
2013-05-02 11:15:55 +03:00
Will Rossiter
131e21d777 Merge pull request #1823 from tractorcow/3.1-htmltext-testcase
Updated HTMLTextTest to test for correct testFirstSentence
2013-04-30 22:46:45 -07:00
Damian Mooyman
4d5bd451bb Updated HTMLTextTest to test for correct testFirstSentence, specifically a past failing test case. fixes #1422 2013-05-01 16:03:58 +12:00
Ingo Schommer
284245c3de Merge pull request #1818 from PutmanMedia/pulls/themed-main-templates
FIX Template discovery on themed Layout templates
2013-04-30 06:42:25 -07:00
Ingo Schommer
5efae23cb2 FIX Template discovery on themed Layout templates
Was failing when 'main' template only exists in theme,
but 'Layout' template only exists in module.
2013-04-30 15:41:26 +02:00
Ingo Schommer
cef955c8b9 Removed stray ampersand in Requirements (fixes #1809)
Only happens with suffix_requirements=true
2013-04-30 00:35:25 +02:00
Ingo Schommer
caaf5a2d78 Fixed BBCodeParser config API usage 2013-04-29 23:31:23 +02:00
Will Rossiter
36855b89e0 Merge pull request #1810 from uniun/fix-col-buttons
FIX: Column with buttons in GridField is too wide
2013-04-29 01:20:57 -07:00
Ingo Schommer
5ca9db5e5e Limit HtmlEditorField HTMLText casting note to existing fields
This prevents it from failing for proxied values
like BlogEntryForm, where the field name doesn't exist,
and rather gets processed and saved into a different field.
2013-04-29 09:32:05 +02:00
Will Morgan
8f6451612b Use correct config variable name in encrypt_password
Use correct config variable name in encrypt_password
Fixes https://github.com/silverstripe/sapphire/issues/1709
2013-04-28 09:58:42 +12:00
Elvinas
084341cc04 FIX: Column with buttons in GridField is too wide
Tested on FF18, IE9-IE10, C26 and O12.15 on Windows8.
2013-04-27 10:48:38 +03:00
Ingo Schommer
9b99eb9339 Merge pull request #1804 from chillu/pulls/shortcode-quoting
FIX Unquoted shortcodes weren't parsed (fixes #680)
2013-04-25 16:33:56 -07:00
Ingo Schommer
0e5b099287 FIX Unquoted shortcodes weren't parsed (fixes #680)
Since that used to be the default shortcode notation
for our core "insert media" functionality, its important
to have this fixed and keep supporting "legacy" content
created with 3.0.
2013-04-26 01:00:13 +02:00
Will Rossiter
a6b0807b9f Merge pull request #1800 from willmorgan/patch-1
Define ConfirmedPassword::$children as a public variable
2013-04-24 16:18:44 -07:00
Ingo Schommer
1b4d7fae24 Merge pull request #1801 from willmorgan/patch-2
Fixing typo on Validator exception message
2013-04-24 14:14:17 -07:00
Will Morgan
9732a7fb3b Fixing typo on Validator exception message 2013-04-24 18:50:40 +02:00
Will Morgan
676aa8de05 Defining $children as a public variable
Defining $children as a public variable (it was previously defined on-the-fly)
2013-04-24 16:25:13 +02:00
Ingo Schommer
59dbdcfc55 Merge pull request #1793 from Zauberfisch/3.1
API: made more robust SSTemplateParser->includeDebuggingComments()
2013-04-22 12:20:08 -07:00
Zauberfisch
809e0e547a MINOR: updated and extended Tests 2013-04-22 18:17:31 +00:00
Zauberfisch
034f575003 MINOR: if no doctyle is set, include comments inside <html>
MINOR: if <html> tag is inside a html comment do not add a comment
2013-04-22 18:16:09 +00:00
Zauberfisch
94b37f9c85 MINOR: moved includeDebuggingComments logic into own method to allow separated tests 2013-04-22 14:12:43 +00:00
Zauberfisch
7c66e8e7a2 API: try to place source_file_comments after doctype instead of html 2013-04-22 13:53:20 +00:00
Ingo Schommer
faa3e58468 Allow SS_DATABASE_NAME in _ss_environment.php configuration
Makes setups which are completely driven by that file a bit easier
to automate, particularly if the same codebase is deployed
multiple times (e.g. to a staging and live instance)
2013-04-22 14:11:37 +02:00
Sean Harvey
8278181b92 Merge branch '3.0' into 3.1 2013-04-22 17:14:45 +12:00
Ingo Schommer
53e3e6d2b4 Merge pull request #1781 from jedateach/csvloader-duplicatecheck-fix
FIX: CSVBulkLoader duplicate check can now check more than one field
2013-04-21 12:45:06 -07:00
Jeremy Shipman
c4eac5310e FIX: Instead of CsvBulkLoader->findExistingRecord out right failing (i.e. no duplicate found) when the duplicate check field is empty, it will now continue on to check other duplicateCheck fields.
Added extra testing data to CSVBulkLoaderTest so that it fails.
2013-04-19 16:52:39 +12:00
Che Van Lawrence
d07fb4355d Merge pull request #1770 from kinglozzer/config-dir-detection-fix
FIX: _config/ directories are now correctly detected as modules (fixes #1762)
2013-04-18 14:48:55 -07:00
Sean Harvey
6e0fa5db45 Merge pull request #1768 from tractorcow/3.1-http-mail-fixes
BUG HTTP incorrectly converts mailto links to absolute urls
2013-04-18 14:46:10 -07:00
Ingo Schommer
6e3a150424 3.1.0-beta3 changelog 2013-04-18 19:28:13 +02:00
Ingo Schommer
d877c1063d Updated changelog, moved "statics in Page.php" to top
Its going to be a fatal error on every upgrade unless tended to,
so we need to ensure people don't overlook it in the guide.
2013-04-18 18:28:09 +02:00
Ingo Schommer
7f6671628d "UploadFieldFileButtons" casting (regression from casting changes)
Caused the UploadField rows to show "[Object object]" because
it tried to pass through a PHP object to JS without string casting
(the return used to be a string).
2013-04-18 17:09:56 +02:00
Loz Calver
0384369acb FIX: _config/ directories are now correctly detected as modules (fixes #1762)
DO NOT MERGE: to be reviewed. Only i18n & Deprecation classes use
->getModules() as far as I can see. Given that the method still simply
returns an array of modulename => modulepath, I don't think it's really
an API change
2013-04-18 14:08:03 +01:00
Will Rossiter
e13ce9b98f Merge pull request #1774 from SticksTucker/patch-1
Include AllPages() form method to $allowed_actions
2013-04-17 22:17:30 -07:00
SticksTucker
8033955d35 Include AllPages() form method to $allowed_actions 2013-04-18 13:22:42 +10:00