silverstripe-framework

mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00

Author	SHA1	Message	Date
Ingo Schommer	e4ca24c7e2	BUGFIX Legacy password hash migration in MemberAuthenticator::authenticate() which fixes the precision problems mentioned in #3004 when a user logs in git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90950 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-11-06 02:23:30 +00:00
Ingo Schommer	e675381cd4	ENHANCEMENT Pluggable password encryption through PasswordEncryptor class (#3665 ) BUGFIX Fixed password hashing design flaw in Security::encrypt_password(). Removing base_convert() packing with unsafe precision, but retaining backwards compatibilty through pluggable encryptors: PasswordEncryptor_LegacyPHPHash (#3004) API CHANGE Deprecated Security::encrypt_passwords() API CHANGE Deprecated Security::$useSalt, use custom PasswordEncryptor implementation API CHANGE Removed Security::get_encryption_algorithms() API CHANGE MySQL-specific encyrption types 'password' and 'old_password' are no longer included by default. Use PasswordEncryptor_MySQLPassword and PasswordEncryptor_MySQLOldPassword API CHANGE Built-in number of hashing algorithms has been reduced to 'none', 'md5', 'sha1'. Use PasswordEncryptor::register() and PasswordEncryptor_PHPHash to re-add others. git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90949 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-11-06 02:23:21 +00:00
Ingo Schommer	7dc1d607de	MINOR Moved Security::encryptallpasswords() to EncryptAllPasswordsTask git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90948 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-11-06 02:23:13 +00:00
Tom Rix	8216448da3	MINOR run checks before running hasMethod, as an extension does not neccessairily have that method. git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90691 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-11-03 02:33:53 +00:00
Tom Rix	a1fdff6910	MINOR update PermissionCheckboxSetField to look at roles on the actual group git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90677 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-11-03 01:00:54 +00:00
Sam Minnee	57924a2c95	BUGFIX: Fixed glitch in permission code formats. git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90550 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-10-31 00:58:16 +00:00
Tom Rix	33489cdc7f	MINOR i18n'd a whole bunch of the new permission codes git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90493 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-10-30 01:43:34 +00:00
Tom Rix	3dfa7a2103	MINOR fixed ambiguous column git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90481 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-10-30 00:23:02 +00:00
Tom Rix	26ee7ade66	MINOR implement OnlyAdminCanApply git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90457 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-10-29 22:07:44 +00:00
Tom Rix	8096f91ae1	MINOR remove duplicate header git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90397 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-10-29 02:56:18 +00:00
Tom Rix	9c5dae4dff	MINOR shuffled permissions around, gave them help text and categorized them. git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90371 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-10-29 00:55:20 +00:00
Tom Rix	643be30e67	MINOR permissions on Groups and Roles are now handled by a checkbox set field git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90342 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-10-28 23:03:35 +00:00
Sam Minnee	994e93f790	API CHANGE: replaced Database::USE_ANSI_SQL with DB::USE_ANSI_SQL API CHANGE: replaced Database::alteration_message() with DB::alteration_message() git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90097 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-10-26 22:03:29 +00:00
Andrew Short	79773042be	API CHANGE: Renamed conflicting classes to have an "SS_" namespace, and renamed existing "SS" namespace to "SS_". The affected classes are: HTTPRequest, HTTPResponse, Query, Database, SSBacktrace, SSCli, SSDatetime, SSDatetimeTest, SSLog, SSLogTest, SSLogEmailWriter, SSLogErrorEmailFormatter, SSLogErrorFileFormatter, SSLogFileWriter and SSZendLog. MINOR: Replaced usage of renamed classes with the new namespaced name. From: Andrew Short <andrewjshort@gmail.com> git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90075 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-10-26 03:06:31 +00:00
Andrew O'Neil	813760108c	BUGFIX: Security::$default_login_dest isn't used (#4179 , simon_w) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90023 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-10-23 00:18:10 +00:00
Sean Harvey	8bd78f77d8	MINOR Supress session warnings in session_regenerate_id() for a win32 environment (from r81984) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89712 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-10-21 02:21:05 +00:00
Sam Minnee	3da29fb08d	MINOR show the permission/role inheritance chain on a group (from r89024) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89212 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-10-15 22:40:52 +00:00
Sam Minnee	88d5843cab	FEATURE: Add a simple interface for administrating permission roles. (from r85297) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89189 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-10-15 22:28:11 +00:00
Sam Minnee	dd8120aed7	API CHANGE: Added PermissionRole and PermissionRoleCode, along with relevant tests for the permission system. (from r85173) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89187 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-10-15 22:27:56 +00:00
Sam Minnee	0c41f681b8	MINOR create the ability to have some roles only be able to be applied by admins (from r88090) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89180 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-10-15 22:23:39 +00:00
Sam Minnee	7e54fc1fc2	BUGFIX: Fix error when adding roles tab (from r86997) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89172 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-10-15 22:13:19 +00:00
Sam Minnee	7dd6d10cde	MINOR added more documentation around SiteConfig. Also wrote unit tests for permissions inheritance off it. (from r86132) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89164 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-10-15 21:53:15 +00:00
Sam Minnee	9642c7171c	ENHANCEMENT: Added Member::set_login_marker_cookie(), to let developers bypass static caching for logged-in users (from r73803) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@88635 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-10-12 03:27:41 +00:00
Sean Harvey	8b6772fff0	Merged in Member::sendInfo() bug fixes from branches/2.3 - r85779 git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@86679 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-09-18 03:07:15 +00:00
Ingo Schommer	e9df16ba5a	MINOR Formatting and documentation in Permission git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@86084 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-09-10 07:01:52 +00:00
Ingo Schommer	2700d73e97	ENHANCEMENT Limiting "alc_enc" cookie (remember login token) to httpOnly to reduce risk of information exposure through XSS git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@86027 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-09-10 03:23:31 +00:00
Ingo Schommer	d386db0bc3	ENHANCEMENT Avoid information disclosure in Security/lostpassword form by returning the same message regardless wether a matching email address was found in the database. git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@86021 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-09-10 03:01:46 +00:00
Ingo Schommer	ed5475bbae	ENHANCEMENT Added Member->FailedLoginCount property to allow Member->registerFailedLogin() to persist across sessions by writing them to the database, and be less vulnerable to brute force attacks. This means failed logins will persist longer than before, but are still reset after a valid login. git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@86017 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-09-10 02:42:26 +00:00
Ingo Schommer	6b6c2a8bfa	API CHANGE Removed Permission->listcodes(), use custom code git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@86006 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-09-10 01:54:15 +00:00
Will Rossiter	ebce107d07	MINOR: added check for exec() and fixed the path for the wordlist file. Ticket #4428 git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@85701 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-09-03 23:36:45 +00:00
Normann Lou	02f4ff232f	ENHANCMENT: get svn merged revision 84806:84808 from branches/iss git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@84814 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-08-19 05:47:02 +00:00
Sam Minnee	cd3db788a9	BUGFIX: Performance improvement to Member::currentUserID() git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@84167 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-08-11 09:16:34 +00:00
Andrew O'Neil	66543e6002	NOTFORMERGE: Merged 84085 from 2.3 git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@84089 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-08-10 04:32:39 +00:00
Sam Minnee	7d49e1adbf	BUGFIX: Fixed some bugs in the performance fixes on Permission git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@84066 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-08-08 03:40:24 +00:00
Sam Minnee	fdc6574064	ENHANCEMENT: Performance enhnacement to Permission::check(), to grab all the permission codes from the DB at once. git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@83436 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-07-31 05:36:50 +00:00
Sam Minnee	6a52153b9f	BUGFIX #4285 : Fixed application of decorators when add_extension not used. git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@81676 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-07-13 03:56:26 +00:00
Sam Minnee	d38c79f584	ENHANCEMENT: If you are logged in and Security::permissionFailure() is called, just return a 403 git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@81430 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-07-09 03:20:32 +00:00
Sam Minnee	7f5838ce3d	BUGFIX: MemberAuthenticator::authenticate() returns a member object or false, in keeping with the current docs. git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@80250 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-06-28 02:48:33 +00:00
Sam Minnee	e0fbc7ac83	BUGFIX: Added explicit DataObjectDecorator::load_extra_statics() calls as a workaround for issues with extensions defined directly in-object. git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@79720 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-06-22 02:42:42 +00:00
Sam Minnee	20cbabfcb5	BUGFIX #3750 bgribaudo: Always render the security login form in the $Form template variable. git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@79565 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-06-18 08:22:27 +00:00
Sam Minnee	b2460de140	ENHANCEMENT: Removed circular references from extensions to improve garbage collection. API CHANGE: The result of any extension returned by Object::extInstance() should have setOwner() called on it before calling a method, and clearOwner() after. git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@78414 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-06-04 06:48:44 +00:00
Tom Rix	4b78089e6a	BUGFIX make collateFamilyIDs work with SQLSRV git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@78244 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-06-02 04:31:35 +00:00
Ingo Schommer	dfa44c055c	API CHANGE Changing DataObject::$changed to private visiblity. Please use getChangedFields() and isChanged() ENHANCEMENT Added DataObject->isChanged() to detect if a field has been changed in this object instance MINOR Changing call to CompositeDBField->compositeDatabaseFields() in DataObject->hasOwnDatabaseField() BUGFIX Unsettig "Version" property in DataObject->getChangedField() to allow versioned to write a new version after a call to forceChange() BUGFIX Introduced $markChanged in Money class BUGFIX Casting Money->__toString() return value as string MINOR Changing Member class to use new DataObject->isChanged() API BUGFIX Using new $markChanged API for CompositeDBFields in DBField::create() git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@77893 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-05-27 00:09:23 +00:00
Sean Harvey	230a70b0b7	API CHANGE Removed @deprecated 2.3 function isInGroup() from Member git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@77342 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-05-20 04:54:00 +00:00
Sean Harvey	a5e82ddff1	Merged from branches/2.3 git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@75590 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-04-29 01:20:24 +00:00
Sean Harvey	13b358a8dd	Merged from branches/2.3 git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@75582 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-04-29 00:07:39 +00:00
Normann Lou	9a5928438a	ENHANCEMENT: Member::getTitle() return more flexible title in case of Surname or/and FirstName missing. git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@74665 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-04-17 06:00:32 +00:00
Geoff Munn	d8f8184986	API CHANGE: autologinhash index removed due to conflicts with nulls in MSSQL git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@73816 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-03-30 03:04:37 +00:00
Sean Harvey	06cf80edb9	BUGFIX Undefined function "use_error" - should've been "user_error" (Merged from r69938) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@73657 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-03-25 22:30:29 +00:00
Ingo Schommer	b12a00c391	MINOR phpdoc documentation git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@73509 467b73ca-7a2a-4603-9d3b-597d59a354a9	2009-03-22 22:59:14 +00:00

1 2 3 4 5 ...

342 Commits