Commit Graph

2274 Commits

Author SHA1 Message Date
Hamish Friedlander
d38bd7d5cb Merge branch 'origin/3.0' into 3.1 2013-07-19 14:18:49 +12:00
Hamish Friedlander
1298d4a5bd FIX Prevent DOS by checking for env and admin on ?flush=1 (#1692) 2013-07-19 12:24:32 +12:00
Ingo Schommer
920edf88e7 Test allowedExtensions in UploadField, return correct HTTP status 2013-07-12 13:16:34 +02:00
Ingo Schommer
b58e2dbe3a Member.lock_out_delay_mins configurable, password security docs 2013-07-11 09:47:28 +02:00
Daniel Hensby
378d829e8f Adding test to prove issue with HTTP Header parsing in RestfulService
I have a header like:
X-BB-Auth: xxxx

and it is being given back to me as X-Bb-Auth - i want to prove the issue and the fix
2013-07-10 12:47:13 +01:00
Cam Spiers
b44641336b FIX ConfigManifest regenerating every request if variantKeySpec is an empty array() 2013-07-10 11:53:44 +12:00
Cam Spiers
2d30592f72 Improve memory performance when generating config static and class caches 2013-07-08 21:24:14 +12:00
Jeremy Thomerson
f6ff39369f FEATURE: <% include %> inherits iterator scope of parent template 2013-07-07 12:39:42 +00:00
Sam Minnée
0173707cd1 Merge pull request #2164 from tractorcow/3.1-datetimefield-fixes
BUG Fixed DateTimeField where time value was being parsed incorrectly.
2013-07-06 19:03:33 -07:00
Sam Minnée
ecf8f273c0 Merge pull request #2201 from hafriedlander/fix/session
Fixes to session, primarily around cookie_secure
2013-07-06 18:59:07 -07:00
Hamish Friedlander
2886f6ee14 FIX Session was started every time, even if no data set
Session tracks the user agent in the session, to add some detection of
stolen session IDs. However this was causing a session to always be
created, even if this request didnt store any data in the session.
2013-07-07 09:12:10 +12:00
Cam Spiers
0aeb2293bb Allow module directories to be named with more valid characters ensuring that module names in fragment meta-data are correct.
Unit tests for ConfigManifest reference path parsing
2013-07-06 14:16:59 +12:00
Simon Welsh
ff45f7ce4d DataListTest should not rely on order of values when not explictly sorting 2013-07-05 11:45:34 +12:00
Ingo Schommer
c3e9e44204 Merge pull request #2197 from hafriedlander/fix/dbapichange
FIX Recent patch to DataObject#db changed API which broke core
2013-07-04 15:20:52 -07:00
Simon Welsh
d844c74e3c Merge branch '3.0' into 3.1
Conflicts:
	.travis.yml
	control/HTTP.php
	email/Mailer.php
	tests/control/HTTPTest.php
2013-07-05 10:17:14 +12:00
Hamish Friedlander
ca63e33c19 FIX Recent patch to DataObject#db changed API which broke core 2013-07-05 10:11:35 +12:00
Damian Mooyman
11f4b2c620 API HTTP::urlRewriter with (string)$code deprecated in 3.1. Fixed regressions and CSS urls.
urlRewriter will expect a callable as a second parameter,
but will work with the current api and simply raise a deprecation error.

HTTP::absoluteURLs now correctly rewrites urls into absolute urls. Resolves introduced in c56a80d6ce

HTTP::absoluteURLs now handles additional cases where urls were not translated.

Test cases for HTTP::absoluteURLs added for both css and attribute links.

Cleaned up replacement expression and improved documentation.
2013-07-05 09:08:58 +12:00
Ingo Schommer
067a94bd93 Postgres compat in MemberCsvBulkLoaderTest and GroupTest 2013-07-04 22:46:23 +02:00
Ingo Schommer
cf20923fd6 Postgres compat in SQLQueryTest 2013-07-04 22:28:13 +02:00
Hamish Friedlander
dacb2aa638 FIX HtmlEditorField not re-checking sanitisation server side 2013-07-04 08:53:23 +12:00
Jeremy Thomerson
50e9eee2e9 FIX #2174: SearchFilter needs casting helper for DataObject base fields
Commit 964b3f2 fixed an issue where dbObject was returning casting helpers for
fields that were not actually DB objects, but had something in $casting config.

However, because dbObject was no longer calling DataObject->castingHelper, this
exposed a bug that the underlying function db($fieldName) was not returning
field specs for the base fields that are created by SS automatically on all
DataObjects (i.e. Created, LastEdited, etc).

This commit fixes the underlying issue that DataObject->db($fieldName) should
return the field specs for *all* DB fields like its documentation says it will,
including those base fields that are automatically created and do not appear in
$db.
2013-07-03 03:03:40 +00:00
Ingo Schommer
429bbc5223 Merge pull request #2137 from jthomerson/pulls/fix_viewable_data_wrapped_value
FIX: ViewableData wasn't setting values when using default cast
2013-07-02 00:40:56 -07:00
Mateusz Uzdowski
21844a8a07 Merge branch 'pr/2173' into 3.1 2013-07-02 15:52:31 +12:00
Mateusz Uzdowski
f9ede95e5b Add configuration system tests for Only and Except combinations. 2013-07-02 15:51:53 +12:00
Hamish Friedlander
5484283a25 FIX changing environment in config.php changes matched yaml rules 2013-07-02 13:21:27 +12:00
Hamish Friedlander
e74c002647 FIX Only and Except rules in Configs not working 2013-07-01 15:47:37 +12:00
Daniel Hensby
9a40b16496 Adding tests to FormField and Form for extra classes
Added tests that were missing from `Form` and ones for my new logic
2013-06-29 13:35:34 +01:00
Ingo Schommer
a6c3d1e269 Flag "insert image" behat test as @assets
Required in order to run them remotely, which currently
doesn't support file upload through Selenium
2013-06-28 12:21:00 +02:00
Damian Mooyman
feb03f5443 BUG Fixed issue where time value was being parsed incorrectly in some locales 2013-06-28 16:45:33 +12:00
Simon Welsh
aecda4882b Merge pull request #2150 from hafriedlander/fix/templatevars-v2
FIX Arguments to method calls reseting scope
2013-06-25 21:59:14 -07:00
Simon Welsh
e55be50783 FIX: ConfigStaticManifest not handling multipart namespaces
Fixes #2126
2013-06-26 16:01:55 +12:00
Hamish Friedlander
ae3e3f3b44 FIX Arguments to method calls reseting scope 2013-06-25 17:35:16 +12:00
Simon Welsh
1edf45fbed Merge pull request #2130 from chillu/pulls/allowed_actions-deny
API Enforce $allowed_actions in RequestHandler->checkAccessAction()
2013-06-24 12:41:15 -07:00
Ingo Schommer
2f9eaeea41 Merge pull request #2021 from jthomerson/fix_if_link_not_working
FIX: <% if Link %> wasn't working
2013-06-24 06:16:21 -07:00
Ingo Schommer
fb784af738 API Enforce $allowed_actions in RequestHandler->checkAccessAction()
See discussion at https://groups.google.com/forum/?fromgroups#!topic/silverstripe-dev/Dodomh9QZjk

Fixes an access issue where all public methods on FormField were allowed,
and not checked for $allowed_actions. Before this patch you could e.g.
call FormField->Value() on the first field by using action_Value.

Removes the following assertion because it only worked due to RequestHandlingTest_AllowedControllerExtension
*not* having $allowed_extensions declared: "Actions on magic methods are only accessible if explicitly allowed on the controller."
2013-06-24 14:50:40 +02:00
Jeremy Thomerson
e6bfabfd6c TEST: additional test for ViewableData not wrapping cached strings 2013-06-21 16:20:00 +00:00
CheeseSucker
761eec7736 Unit test for bugfix in ViewableData::obj(). 2013-06-21 16:17:22 +00:00
Hamish Friedlander
328467f1b5 FIX: ConfirmedPasswordField used to expose existing hash 2013-06-20 14:09:30 +12:00
Ingo Schommer
2160fb8000 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	admin/javascript/LeftAndMain.js
	tests/behat/features/bootstrap/SilverStripe/Framework/Test/Behaviour/CmsUiContext.php
	tests/control/ControllerTest.php
2013-06-19 14:03:43 +02:00
Sam Minnee
526b40414a FIX: Ensure that actions inferred from templates with the "_action" suffix also respect allowed_actions.
FIX: Ensure SSViewer::hasTemplate() is aware of themes.

To do this, RequestHandler::definingClassForAction() has been created, splitting out the code that looks up the class that defines a given action into its own method.  This is then overridden in Controller to look at templates.
2013-06-19 20:11:50 +12:00
Ingo Schommer
1d402dd513 Unset test state in DirectorTest
This broke RSSFeedTest when running through 'sake'
2013-06-18 23:24:22 +02:00
Jeremy Thomerson
964b3f2d48 FIX: <% if Link %> wasn't working
Since ViewableData was returning a casting helper for Link, but DataObject was
only using $this->$fieldname to set values on that casting helper, you could
not use <% if Link %> (or <% if $Link %>) in your templates because Link is not
a field, and thus had no value to be set on the casting helper, causing
hasValue to think that there was no value.  Since DataObject->dbObject says that
"it only matches fields and not methods", it seems safe to have it call db(..)
to get the field spec, and not call ViewableData->castingHelper at all.
2013-06-15 13:44:03 +00:00
Will Rossiter
9775204436 FIX Allow filtering on joined columns 2013-06-15 12:06:24 +12:00
Will Rossiter
0129e185b8 Coding conventions, PHPDoc cleanup 2013-06-15 12:06:24 +12:00
Damian Mooyman
be986c6524 API Allow $summary_fields to support methods on DBFields 2013-06-13 09:41:24 +12:00
Ingo Schommer
71a5615213 Test $allowed_actions on controllers with template name=action conventions 2013-06-10 12:33:30 +02:00
Stig Lindqvist
dbc2b62c69 Merge pull request #2054 from chillu/pulls/dataobject-duplicate-hasone
BUG Correct relation saving in DataObject->duplicateRelations()
2013-06-07 22:54:36 -07:00
Mike Parkhill
574c11a834 Behat: "Insert image from web" feature
Partially fixes https://github.com/silverstripe/silverstripe-cms/issues/628
Modified a bit by Ingo :)
2013-06-07 16:10:21 +02:00
Ingo Schommer
fd6060e7be Behat: More robust "field should contain" logic 2013-06-07 16:02:29 +02:00
Ingo Schommer
924664527b Less assumptions in "HTML field contains" step
Not using the loose idea of a "field name" in the NamedSelector
sense of the word as "field with id exists".
2013-06-07 15:46:05 +02:00
Ingo Schommer
7dfe5ccbd2 Limit "should see a button" to actually visible elements 2013-06-07 15:45:15 +02:00
Stig Lindqvist
17bca1db86 Behat: Adding context for 'Given I should not see a "xxx" button' 2013-06-07 12:06:01 +02:00
Ingo Schommer
ff5624c57e BUG Fixed dropdown step definition for "preview" dropdowns
Broke after I optimized it to work with a TreeDropdownField
which assumes <li><a> structures that thie "preview" dropdowns
don't have. I also failed at the recursion assignment, causing
infinite loops...
2013-06-07 11:45:09 +02:00
Ingo Schommer
23e51b871b BUG Accept $limit=0 in SQLQuery->setLimit()
SQLQuery->setLimit(0, 99) should result in "SELECT ... LIMIT 0 OFFSET 1".
In fact it does "SELECT ..." without a LIMIT clause at all,
which is unexpected. This is regardless of the $offset value.
2013-06-06 15:27:14 +02:00
Ingo Schommer
4603378e00 Behat: Fixed step notation 2013-06-06 15:26:50 +02:00
Ingo Schommer
7791f20f49 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	tests/behat/features/bootstrap/SilverStripe/Framework/Test/Behaviour/CmsUiContext.php
2013-06-05 15:17:06 +02:00
Ingo Schommer
d3a4161a94 Behat: Backport improved dropdown step handler 2013-06-05 14:59:01 +02:00
Ingo Schommer
1d01347fd3 Behat: Use explicit fixtures 2013-06-05 14:32:42 +02:00
Ingo Schommer
f8b1c08c67 Behat: Copy fixture identifier to "Name" or "Title" by default
This makes fixture setup less verbose, particularly for behat
tests (e.g. with "Given a page 'About Us'")
2013-06-05 14:32:42 +02:00
Ingo Schommer
bb92e494d7 Behat fixture refactoring (shared factory instance) 2013-06-05 14:32:42 +02:00
Ingo Schommer
a9ed6b34cb Behat: Support for TreeDropdownField 2013-06-05 14:32:42 +02:00
Ingo Schommer
a39adb46db Behat: New fixture notation in "manage files" tests 2013-06-05 14:32:41 +02:00
Ingo Schommer
f61ab7305d BUG Correct relation saving in DataObject->duplicateRelations()
This caused problems when duplicate() was used in the CMS UI
to duplicate a SiteTree object. Since every object of this type
has a ParentID relation, it copied this empty relation into
new "ghost page".

See https://github.com/silverstripe/silverstripe-cms/issues/689
2013-06-03 15:57:20 +02:00
Ingo Schommer
f5f2864024 Merge pull request #2046 from wilr/leftandmain_requirements
FIX LeftAndMain::extra_requirements to accept non associative arrays.
2013-06-02 14:35:40 -07:00
Ingo Schommer
a3c406e4d2 NEW Merge i18nTextCollector with existing (fixes #1838)
This is a necessity for any further 3.1 pushes of master files to getlocalization.
Because we'd otherwise remove existing master strings for CTF etc,
which means we can no longer backport new translations to 3.0
(and there's no way for users to contribute translations to 3.0 via getlocalization).

It's still a very monolithic class, but at least I've refactored it to return
all collected strings without writing it to files (for easier testing).
2013-06-02 20:17:28 +02:00
Will Rossiter
db85f3ca16 FIX extra_requirements to accept non associative arrays.
Added unit tests for extra_requirements_js and extra_requirements_css.

Fixed YAML documentation to indicate list syntax.
2013-06-02 13:37:34 +12:00
Sean Harvey
f5b6c55245 Updating FileTest to use the correct shortcode format with commas 2013-06-01 11:25:10 +12:00
Loz Calver
4a158454d6 FIX: Convert newlines to <br /> tags in string fields (fixes #1942) 2013-05-30 09:26:58 +01:00
Damian Mooyman
163917b83e Fixed scrutiniser issues 2013-05-27 15:42:10 +12:00
Damian Mooyman
7f057ce343 API UploadField functions on new records
Fixed regression from 1e5d40474d (UploadField::canPreviewFolder).
Merged in pull request #2009 - (6018bdd631).
Merged pull request #1259 (34bfc862ee).
2013-05-27 15:22:59 +12:00
Stephen Shkardoon
d6c2c2e07f Fixes #1892 - Stop session hijacking with UA check 2013-05-25 19:29:08 +12:00
Simon Erkelens
513270ca48 API: Allow array of fields passed to FieldList::removeByName()
Supports passing an array to removeByName(), which is iterate and then removed. Useful for removing fields from a fieldlist that are not on a tab. Similar to removeFieldsFromTab();
This is cleaner than a new function.
2013-05-25 15:31:30 +12:00
Sam Minnée
c26ddee191 Merge pull request #1861 from raket/dataobject-update-orphan
Fix: Orphaned records when running DataObject::update
2013-05-24 19:48:48 -07:00
Sam Minnee
738581f0f5 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	.travis.yml
2013-05-23 18:59:34 +12:00
Simon Welsh
b9d5f27194 Add code-sniffs other than line length to scrutinizer 2013-05-23 10:39:01 +12:00
Will Rossiter
5ec4f3146f Merge pull request #1869 from wilr/open6236
FIX: Remove version field from default scaffolded CMS fields.
2013-05-21 03:50:55 -07:00
Will Rossiter
f6cd582dd9 FIX: Remove version field from default scaffolded CMS fields. 2013-05-21 22:47:54 +12:00
Sean Harvey
13e632d053 Merge pull request #1867 from tractorcow/3.1-urlsegmentfilter-fixes
BUG Fixes issue with "+" characters in url.
2013-05-20 00:36:18 -07:00
Jeremy Shipman
d21fd1f0bb FIX: Don't rewrite urls to be absolute, if they are a URI with a protocol.
This is determined in this fix by the existence of a colon ':', to show the uri has a protocol.
2013-05-20 11:59:04 +12:00
Ingo Schommer
8bf2f16c75 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	README.md
2013-05-17 13:50:40 +02:00
Damian Mooyman
6e0e3564e1 NEW Added beforeExtending, afterExtending, and beforeUpdateCMSFields to allow user code better control over interaction with extending methods 2013-05-16 10:34:45 +12:00
Sam Minnee
b401d39aec NEW: Move temp data into a user-specific subfolder, to stop temp-permission bugs from occurring.
Anyone who has run "sudo -u www-data ./framework/sake dev/build" knows that SilverStripe's temp
folder permissions can be very brittle.  This patch resolves this by making the temp folder
user-specific.

To minimise directory pollution it first creates a chmod 777 parent folder with the same name
as the current folder.  It then creates a subfolder of this with the same name as the current
user.

The positive impact of this change is that sake can be used without fear of messing up file
permissions.  This means, among other things, that we can put a Composer post-update-cmd into
the installer to run dev/build.  Progress!

The negative impact is that you will get two caches if you run sake as a different user.  However,
that is much better than the current situation - which is a bunch of bugs - and if you're concerned
about that, you still have the option of running sake as www-data.
2013-05-15 12:54:55 +02:00
Ingo Schommer
7bf790a5fa Merge pull request #1875 from wilr/open6473
FIX: If CSV column mapping maps to function, keep key values
2013-05-14 04:02:01 -07:00
Will Rossiter
c8af0fd7d1 FIX: If CSV column mapping maps to function, keep key value as key.
Fixes http://open.silverstripe.org/ticket/6473

When using CSVParser::$columnMapping to map columns to a callback action, it previously used the action name as the key value. This prevented users from defining multiple entries to the same callback. This patch retains those key values and simply runs the callback field name filter later on.
2013-05-14 22:00:52 +12:00
Sean Harvey
bb6283740a Fixing broken CoreTest when using silverstripe-cache for temp folder 2013-05-13 23:39:52 +12:00
Ingo Schommer
8c02f10c03 Merge pull request #1874 from wilr/open6210
API: Add sync_blacklisted_patterns for configuring files to skip in sync()
2013-05-12 15:15:23 -07:00
Will Rossiter
a99dbae012 FIX: NumericField should work with numbers like 54,6
Fixes http://open.silverstripe.org/ticket/5577.

Uses Zend_Locale_Format::isNumber(). Includes unit test for NumericField. Does not include testing work on DBField underlying NumericField to ensure that works consistently.
2013-05-11 22:51:39 +12:00
Will Rossiter
1a36bb628e API: Add sync_blacklisted_patterns for configuring files to skip in sync tasks
Fixes http://open.silverstripe.org/ticket/6210.

Replaces the hardcoded file patterns from Folder::syncChildren() with a new static Filesystem::$sync_blacklisted_patterns to describe files and folder names to skip when running Folder::sync().

Added unit test for Folder::sync()

Extended Folder::sync() to report on the number of file / folders skipped.
2013-05-11 16:06:14 +12:00
Ingo Schommer
d6733caf14 Merge pull request #1870 from wilr/is_https
API: Add Director::is_https()
2013-05-10 05:28:00 -07:00
Will Rossiter
42cf2a95bd FIX: Add support for multi dimensional source arrays in LookupField (open/6132) 2013-05-11 00:01:39 +12:00
Will Rossiter
718108969b API: Add ArrayLib::flatten($array, $preserveKeys) 2013-05-11 00:00:31 +12:00
Will Rossiter
1325d736a0 API: Add Director::is_https() 2013-05-10 22:31:38 +12:00
Damian Mooyman
de41a2a75e BUG Fixes issue with '+' characters in url. 2013-05-10 16:16:31 +12:00
Jeremy Shipman
d47b202697 Restored c4eac5310e (merge error)
FIX: Instead of CsvBulkLoader->findExistingRecord out right failing (i.e. no duplicate found) when the duplicate check field is empty, it will now continue on to check other duplicateCheck fields.
Added extra testing data to CSVBulkLoaderTest so that it fails.
2013-05-09 23:06:02 +02:00
Ingo Schommer
3b02d22989 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	dev/CsvBulkLoader.php
2013-05-09 10:34:20 +02:00
Sam Minnée
9672a22166 Merge pull request #1851 from chillu/pulls/form-strict-method-check
Form strict method check
2013-05-08 22:31:40 -07:00
Marcus Dalgren
7f871fa18b Fix orphaned records when running update
When DataObject::update() is run with relation fields and the relationship
is new the relationship ID was not set on the DataObject. This patch fixes
this. Fixes issue 6195 in open.silverstripe.org.
2013-05-09 03:53:53 +02:00
Ingo Schommer
5d9cbae949 Merge pull request #1819 from oddnoc/csvbulkloader-findexisting-3.1
Use the correct variable as the key into $record
2013-05-08 04:23:05 -07:00
Ingo Schommer
14c59be85e API Form::setStrictFormMethodCheck() and strict argument to setFormMethod()
Thanks to @sminnee for getting this started
2013-05-08 10:25:13 +02:00
Ingo Schommer
1a52a51195 DataObject->duplicate() test
Advanced relationship copying is already tested further down,
but doesn't cover the same basics. Triggered by a CMS bug
which turned out to be unrelated (https://github.com/silverstripe/silverstripe-cms/issues/689)
2013-05-07 10:06:15 +02:00
Sean Harvey
677122256e Merge pull request #1837 from simonwelsh/short-array-parse
FIX Handle PHP 5.4's short array notation everywhere arrays are parsed.
2013-05-06 20:32:51 -07:00
Sean Harvey
f1a4e7203e BUG Fixing queries on non-existent table breaking archive site
With a many to many relation, e.g. SiteTree_MyRelation, and listing
them in your template then adding ?archiveDate=x in the URL, a SQL
error is shown because Versioned::augmentSQL() tries to query the
non-existent table "SiteTree_MyRelation_versions" assuming there's
versioning setup, but there isn't.
2013-05-07 12:34:46 +12:00
Simon Welsh
835aefbe83 FIX Handle PHP 5.4's short array notation everywhere arrays are parsed. 2013-05-05 13:27:42 +12:00
Simon Welsh
cb0977ce9f Remove duplicate parse_class_spec method. 2013-05-05 11:43:56 +12:00
Fred Condo
bd5c8520bb FIX: Use the correct variable as the key into $record
It was using $fieldName, which is the CSV field name, not the database
field name. This prevents duplicate detection from working. It now
properly uses $SQL_fieldName.

Update CsvBulkLoaderTest to remove keys that are nonexistent in the CSV
test data. Having them causes the test to fail with an undefined-index
error. This did not previously fail because of the bug in CsvBulkLoader
that this patch fixes. This partially reverts c4eac53.
2013-05-01 06:50:40 -07:00
Damian Mooyman
4d5bd451bb Updated HTMLTextTest to test for correct testFirstSentence, specifically a past failing test case. fixes #1422 2013-05-01 16:03:58 +12:00
Ingo Schommer
5efae23cb2 FIX Template discovery on themed Layout templates
Was failing when 'main' template only exists in theme,
but 'Layout' template only exists in module.
2013-04-30 15:41:26 +02:00
Ingo Schommer
cef955c8b9 Removed stray ampersand in Requirements (fixes #1809)
Only happens with suffix_requirements=true
2013-04-30 00:35:25 +02:00
Ingo Schommer
0e5b099287 FIX Unquoted shortcodes weren't parsed (fixes #680)
Since that used to be the default shortcode notation
for our core "insert media" functionality, its important
to have this fixed and keep supporting "legacy" content
created with 3.0.
2013-04-26 01:00:13 +02:00
Zauberfisch
809e0e547a MINOR: updated and extended Tests 2013-04-22 18:17:31 +00:00
Sam Minnee
9ba26a04c4 Added test for lazy-loading edge-case in Money field. 2013-04-22 11:50:57 +12:00
Jeremy Shipman
c4eac5310e FIX: Instead of CsvBulkLoader->findExistingRecord out right failing (i.e. no duplicate found) when the duplicate check field is empty, it will now continue on to check other duplicateCheck fields.
Added extra testing data to CSVBulkLoaderTest so that it fails.
2013-04-19 16:52:39 +12:00
Che Van Lawrence
d07fb4355d Merge pull request #1770 from kinglozzer/config-dir-detection-fix
FIX: _config/ directories are now correctly detected as modules (fixes #1762)
2013-04-18 14:48:55 -07:00
Sean Harvey
6e0fa5db45 Merge pull request #1768 from tractorcow/3.1-http-mail-fixes
BUG HTTP incorrectly converts mailto links to absolute urls
2013-04-18 14:46:10 -07:00
Loz Calver
0384369acb FIX: _config/ directories are now correctly detected as modules (fixes #1762)
DO NOT MERGE: to be reviewed. Only i18n & Deprecation classes use
->getModules() as far as I can see. Given that the method still simply
returns an array of modulename => modulepath, I don't think it's really
an API change
2013-04-18 14:08:03 +01:00
Damian Mooyman
b6fc1d314e BUG HTTP will now correctly pass over mailto: links when converting relative links to absolute (e.g. in Emails) 2013-04-18 14:25:51 +12:00
Simon Welsh
93a8e6f16e Merge pull request #1773 from silverstripe-rebelalliance/fix/htmlvalue_attr_escaping
FIX We still need XML escaping on href attributes in HTML4Value
2013-04-17 15:05:33 -07:00
Hamish Friedlander
8d26bdbd2e FIX We still need XML escaping on href attributes in HTML4Value 2013-04-18 09:13:24 +12:00
s-m
acf2ff8ce6 BUG: Fix for #1487
The parser could sometimes generate invalid code if the
source-file-comments were enabled, this moves the comments outside the
html-tag to circumvent these problems, update test as well.
2013-04-15 19:54:41 +02:00
Hamish Friedlander
c02d7e4c2e Merge pull request #1750 from s-m/1660-elseif-parsing
BUG: Allow empty else- and else_if-blocks
2013-04-14 14:56:45 -07:00
Ingo Schommer
59dc0085d8 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	docs/en/reference/urlvariabletools.md
	tests/forms/CheckboxFieldTest.php
2013-04-12 01:13:32 +02:00
Ingo Schommer
933fbf8ea4 l10n key to make "yes" and "no" translatable (see #1749) 2013-04-12 01:11:24 +02:00
s-m
29e6bd513c BUG: Allow empty else- and else_if-blocks
This fix allows empty else and else-if blocks to be processed, fixes #1660
2013-04-10 16:17:44 +02:00
Ingo Schommer
9856fcef21 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	javascript/DateField.js
	model/DataQuery.php
	model/Versioned.php
	tests/forms/RequirementsTest.php
	tests/model/DataObjectLazyLoadingTest.php
	view/Requirements.php
2013-04-09 14:45:35 +02:00
Ingo Schommer
ba7dfcfd54 Added iShouldSeeAButton assertion 2013-04-09 09:39:06 +02:00
Sam Minnée
a6929f11b2 Merge pull request #1185 from chillu/pulls/augment-lazy-versioned
Versioned lazy loading fixes (backport from 3.1)
2013-04-08 16:04:50 -07:00
Ingo Schommer
01f46d039f NEW Enforce max node counts to avoid excessive resource usage
Rendering potentially 1000s of nodes can exceed the CPU and memory constraints
of a normal PHP process, as well as the rendering capabilities of browsers.
Set a hard maximum for the renderable nodes, deferring to a "show as list" action
in the main CMS tree. For TreeDropdownField, we don't have the list fallback option,
so ask the user to search for the node title instead.

Also makes both the "node_threshold_total" and "node_threshold_leaf" values configurable
2013-04-09 10:24:18 +12:00
Sam Minnée
88d77db9e0 Merge pull request #1318 from tractorcow/3.1-api-image-resampling-compatible
API Better detection and prevention of image resampling
2013-04-08 15:18:55 -07:00
s-m
6a95db0eff API: Support inequalities in templates
This adds support for <, <=, >, >= in templates
2013-04-08 17:07:39 +02:00
Ingo Schommer
5c82efd61d Merge pull request #1729 from ajshort/no-rule-match-404
API: Return a 404 error when no director rule is matched
2013-04-06 03:09:48 -07:00
Andrew Short
1fc780ce2b API: Return a 404 error when no director rule is matched 2013-04-06 18:19:03 +11:00
Will Rossiter
1427a0637b FIX: remove_extension should work on parameterized extensions 2013-04-06 19:29:03 +13:00
Ingo Schommer
0242686a7a Requirements acces to files with query strings (fixes #7735)
Originally authored by florian.thoma, tests added
by Ingo Schommer. Also removed query params from
file paths before calling mtime() on it.

See https://github.com/silverstripe/sapphire/pull/1023
2013-04-03 16:39:59 +02:00
Andrew Short
ceb7e3c8a8 Merge pull request #1352 from chillu/pulls/postgres-fixes
Postgres fixes
2013-04-03 03:50:08 -07:00
Ingo Schommer
2bc273e2a8 Consistently quote DataObject::$default_sort
Strictly speaking, no longer required since we auto-quote simple
field names in DataQuery now, but since the majority of sorts in core is
already quoted we should stay consistent.
2013-04-03 12:11:53 +02:00
Ingo Schommer
e9d55fcaf9 Correctly quote SQL in SQLQueryTest (fixes Postgresql) 2013-04-03 12:11:52 +02:00
Ingo Schommer
2da1de07da Merge pull request #1359 from halkyon/forcessl_alternate_base_url
NEW Allow specifying an alternate domain to Director::forceSSL()
2013-04-03 01:58:28 -07:00
Ingo Schommer
b9f628146a Fixed query quoting in SQLQueryTest 2013-04-03 10:48:55 +02:00
Sean Harvey
6eda25a090 NEW Allow specifying the secure domain to Director::forceSSL() 2013-04-03 17:47:36 +13:00
Ingo Schommer
ebca1a64ed Merge pull request #1299 from silverstripe/user-specific-temp-folder
NEW: Move temp data into a user-specific subfolder, to stop temp-permission bugs from occurring.
2013-04-02 02:44:53 -07:00
Andrew Short
5ec85d06f6 API: Don't allow dots in URL segments 2013-03-30 19:47:17 +11:00
Ingo Schommer
4da85dc734 Simplified travis builds (external setup scripts) 2013-03-28 22:39:37 +01:00
Ingo Schommer
31f5e00a56 Simplified travis builds (external setup scripts) 2013-03-28 22:24:03 +01:00
Ingo Schommer
e97c034922 API i18n::$common_languages and i18n::$common_locales converted to Config API
They are now accessed via the Config API, and contain associative rather than indexed arrays.
Before: `array('de_DE' => array('German', 'Deutsch'))`, after: `array('de_DE' => array('name' => 'German', 'native' => 'Deutsch'))`.

Also fixed a i18n.js_i18n config accessor
2013-03-27 20:42:46 +01:00
Ingo Schommer
3334eafcb1 API Marked statics private, use Config API instead (#8317)
See "Static configuration properties are now immutable, you must use Config API." in the 3.1 change log for details.
2013-03-24 17:20:53 +01:00
Ingo Schommer
bb52f2a214 FIX Allow FALSE in Config API, call remove() will NULL key on update() 2013-03-24 17:20:36 +01:00
Sam Minnee
5779097939 NEW: Move temp data into a user-specific subfolder, to stop temp-permission bugs from occurring.
Anyone who has run "sudo -u www-data ./framework/sake dev/build" knows that SilverStripe's temp
folder permissions can be very brittle.  This patch resolves this by making the temp folder
user-specific.

To minimise directory pollution it first creates a chmod 777 parent folder with the same name
as the current folder.  It then creates a subfolder of this with the same name as the current
user.

The positive impact of this change is that sake can be used without fear of messing up file
permissions.  This means, among other things, that we can put a Composer post-update-cmd into
the installer to run dev/build.  Progress!

The negative impact is that you will get two caches if you run sake as a different user.  However,
that is much better than the current situation - which is a bunch of bugs - and if you're concerned
about that, you still have the option of running sake as www-data.
2013-03-24 18:39:50 +13:00
Ingo Schommer
bfab74ac6e Merge pull request #1321 from silverstripe-rebelalliance/feature/config
FIX ConfigStaticManifest persisting access level after parsing a static
2013-03-22 02:25:54 -07:00
Sean Harvey
9f35b13b48 Merge pull request #1322 from ajshort/pulls/class-spec-parsing
FIX Incorrect parsing of T_STRING values in class spec parsing
2013-03-21 21:20:35 -07:00
Andrew Short
d3e4863f52 FIX Incorrect parsing of T_STRING values in class spec parsing
* Due to missing break, the T_STRING case would fall through to array.
* The values were being added to the wrong variable.
* Added missing support for missing null values.
2013-03-22 14:37:55 +11:00
Hamish Friedlander
47edbfe8fc FIX ConfigStaticManifest persisting access level after parsing a static 2013-03-22 14:26:48 +13:00
Damian Mooyman
dd6aaaf484 ENHANCEMENT Additional image generation functions now self-determine if a modification to the underlying image backend is necessary before generating additional image files. 2013-03-21 12:15:28 +13:00
Ingo Schommer
61dbafc4e5 Merge pull request #1292 from tractorcow/3.1-validationexception-fixes
BUG Issue with ValidationException having blank ValidationResult
2013-03-20 03:55:42 -07:00
Ingo Schommer
8538cb9ee2 Removed deprecated YamlFixture->saveIntoDatabase() usage 2013-03-19 12:58:15 +01:00
Ingo Schommer
4f95a07936 Removed deprecated NegationFilter tests, rewrote ExactMatchMultiFilter tests 2013-03-19 12:58:14 +01:00
Ingo Schommer
a44e06992a Fixed deprecated has_extension() usage 2013-03-19 12:58:14 +01:00
Ingo Schommer
0a9f3b75a9 Fixed deprecated usage of <% control %> 2013-03-19 12:58:14 +01:00
Andrew Short
b8a51c3792 Merge branch '3.0' into 3.1 2013-03-19 22:27:09 +11:00
Ingo Schommer
b282c9f8f3 Fixed deprecated GD usage 2013-03-19 10:51:39 +01:00
Ingo Schommer
b416e50bff Fixed deprecations 2013-03-19 10:38:14 +01:00
Ingo Schommer
3932241844 Removed test for deprecated NegationFilter 2013-03-19 10:13:57 +01:00
Ingo Schommer
dd6f33ab37 FIX Respect tree node limits, fix search result node display
- Renamed $minNodeCount to more accurate $nodeCountThreshold
- The $minNodeCount attribute wasn't properly respected
during actual querying, so SilverStripe would always traverse
the entire tree (and load all objects into memory),
before then marking nodes as "unexpanded", which prevents
them from actually being rendered.
- Fixes nodes on search results to be expanded by default
- Fixes nodes on search results to correctly ajax-expand
2013-03-19 00:05:14 +01:00
Damian Mooyman
cd27bf71fb BUG Enforced requirement that ValidationException::getResult() is expected to consistently produce a valid ValidationResult object. 2013-03-15 13:56:43 +13:00
Hamish Friedlander
9bd6dd9ade API Make default_cast Text and not HTMLText 2013-03-14 12:49:03 +13:00
Hamish Friedlander
d2650bbc44 NEW Disable shortcodes in $Layout and $Content in SSViewer 2013-03-14 12:49:03 +13:00
Hamish Friedlander
168f071499 API Make HTMLValue replace-able via DI
Extracted common code out to SS_HTMLValue and made abstract, then
put HTML 4 specific code in SS_HTML4Value. Its now possible to
replace HTMLValue with one designed for HTML 5 or XHTML

Requires a code change from new SS_HTMLValue to
Injector::inst()->create(HTMLValue)
2013-03-14 12:49:02 +13:00
Sam Minnée
8b2a911c80 Merge pull request #1280 from silverstripe-rebelalliance/feature/config
FIX Parsing heredoc, nowdoc & comments in ConfigStaticManifest
2013-03-12 16:45:11 -07:00
Hamish Friedlander
53595dc930 FIX Parsing docblock comments in ConfigStaticManifest 2013-03-13 11:59:49 +13:00
Hamish Friedlander
60b72edfba FIX Parsing heredoc, nowdoc & comments in ConfigStaticManifest 2013-03-13 11:26:49 +13:00
Sam Minnée
362ca9b4d5 Merge pull request #1244 from silverstripe-rebelalliance/feature/config
Feature/config
2013-03-12 13:19:59 -07:00
g4b0
d32cd5be16 Added some more XHTML replacement and relative unit test. Content_type comfigurable. 2013-03-12 16:06:59 +01:00
Hamish Friedlander
e6352dffbb FIX Static polution with informational fields 2013-03-12 17:14:12 +13:00
Hamish Friedlander
c52baae3c8 Add some tests for the static parser 2013-03-12 15:32:46 +13:00
g4b0
2f16951634 BUG: ampersand escaping 2013-03-11 09:58:14 +01:00
Robert Curry
b9dc2dc650 Define getIDList on UnsavedRelationList
This is to fix a bug that caused CheckboxSetFields to throw an error
when trying to call this function when editing a new DataObject. This
occurred when using the advancedworkflow module.

Thanks to simonwelsh for the majority of the work on this fix.
2013-03-08 12:34:52 +13:00
miiihi
5af35a89ce ENHANCEMENT Allow multiline comments in SS3 templates 2013-03-07 18:45:07 +01:00
ajshort
b537ee28a2 BUG: Fix ManyManyList->removeAll() when filters are applied to the query
In order to be cross-database compatible and support filters, the IDs to
delete must be retrieved in a sub-query.
2013-03-02 17:23:15 +11:00
Hamish Friedlander
80bd38e1e9 FIX DataObjectSchemaGenerationTest trying to modify config statics directly 2013-02-28 09:43:34 +13:00
Hamish Friedlander
c98621977c Cache the merged version of any Config value in an in-mem LRU cache 2013-02-28 09:43:33 +13:00
Ingo Schommer
39789529d7 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	tests/control/HTTPResponseTest.php
	tests/travis/before_script
2013-02-27 10:27:22 +01:00
Ingo Schommer
af52de97e9 Merge pull request #1161 from chillu/pulls/uploadfield-replacefile
NEW Upload->replaceFile setting
2013-02-27 01:24:27 -08:00
Ingo Schommer
e6fffb9ef9 API Remove content-length setting in HTTPResponse
It's not reliable. Started in c69381c33, but only partially reverted.
2013-02-27 10:07:54 +01:00
Ingo Schommer
7c0240cec1 Merge pull request #1238 from ajshort/travis-composer-3.0
Travis Composer Integration (3.0.x)

Conflicts:
	tests/travis/before_script
2013-02-27 10:02:07 +01:00
ajshort
34d524c09f Integrate composer in the Travis build process
Creates a package definition from the framework version being built,
and uses composer to install it into an installer project, as well
as the required modules for testing.
2013-02-27 00:38:40 +11:00
Sam Minnee
efb4760244 Fixed invalid classname in test 2013-02-25 16:44:54 +13:00
Sam Minnee
88b3901a69 Check for object type before calling method, prevent fatal error in failing test. 2013-02-25 16:33:55 +13:00
Hamish Friedlander
7afcd64418 FIX Make ShortcodeParser obey error_behavior in attribute scope 2013-02-22 11:34:15 +13:00
Hamish Friedlander
1ee01c39d4 FIX ShortcodeParser producing bad output after escaped tag
Also tightens up matching of shortcodes so we dont match on invalid shortcodes
2013-02-22 10:30:51 +13:00
Ingo Schommer
a86e4ee00c Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	tests/injector/InjectorTest.php
	tests/travis/before_script
2013-02-18 14:15:42 +01:00
Ingo Schommer
6c30b80257 Hardcode travis branch on dependencies, otherwise breaks pull request builds
Pull requests are always on a branch, and this branch
typically is not present on the installer.

This changes means we need to be careful when merging into 3.1
and master, but that's a necessary evil.
2013-02-18 14:14:30 +01:00
Ingo Schommer
9e2e050f20 Hardcode travis branch on dependencies, otherwise breaks pull request builds
Pull requests are always on a branch, and this branch
typically is not present on the installer.

This changes means we need to be careful when merging into 3.1
and master, but that's a necessary evil.
2013-02-18 14:13:07 +01:00
Hamish Friedlander
baf894d84a FIX CDATA sections in HTML5 are invalid so remove from test 2013-02-18 17:02:11 +13:00
Sean Harvey
db56d17056 Merge pull request #1190 from silverstripe-rebelalliance/feature/shortcodes
NEW Make shortcode parser more clever about placement
2013-02-17 19:00:14 -08:00
Hamish Friedlander
9ecea763c3 Merge pull request #1186 from nyeholt/injector_configged_create
FIX issue with Injector::create not passing args
2013-02-17 18:38:24 -08:00
Hamish Friedlander
4b54383d68 API change request handling to be more orthogonal
RequestHandler#handleAction now exists. It takes the request, and
the action to call on itself. All calls from handleRequest to call an action
will go through this method

Controller#handleAction has had it's signature changed to
match new RequestHandler#handleAction

RequestHandler#findAction has been added, which extracts the
"match URL to rules to find action" portion of RequestHandler#handleRequest
into a separate, overrideable function

GridField#handleAction has beeen renamed to handleAlterAction and
CMSBatchActionHandler#handleAction has been renamed to handleBatchAction to
avoid name clash with new RequestHandler#handleAction

Reason for change: The exact behaviour of request handling depended heavily
on whether you inherited from RequestHandler or Controller, and whether the
rule extracted it's action directly (like "foo/$ID" => 'foo') or dynamically
(like "$Action/$ID" => "handleAction"). This cleans up behaviour so
all calls follow the same path through handleRequest and handleAction, and
the additional behaviour that Controller adds is clear.
2013-02-18 14:56:04 +13:00
Hamish Friedlander
5fd55a50f2 API Tighten up allowed_actions
allowed_actions is now only allowed to reference public methods defined
on the same Controller as the allowed_actions static, and
the wildcard "*" has been deprecated
2013-02-18 14:53:33 +13:00
Hamish Friedlander
7efae6b95f Merge remote-tracking branch 'origin/3.0' into 3.1 2013-02-18 14:31:57 +13:00
Ingo Schommer
30096ee730 BUGFIX Keep Member.PasswordEncryption setting on empty passwords
This will prevent empty passwords to set the encryption to 'none',
which in turn will store any subsequent password changes in cleartext.
Reproduceable e.g. with ConfirmedPasswordField and setCanBeEmpty(true).
2013-02-17 23:30:41 +01:00
Ingo Schommer
f06ba70fc9 BUG Undefined $allowed_actions overrides parent definitions, stricter handling of $allowed_actions on Extension
Controller (and subclasses) failed to enforce $allowed_action restrictions
on parent classes if a child class didn't have it explicitly defined.

Controllers which are extended with $allowed_actions (through an Extension)
now deny access to methods defined on the controller, unless this class also has them in its own
$allowed_actions definition.
2013-02-17 23:30:36 +01:00
Hamish Friedlander
2335c074b3 NEW Make shortcode parser more clever about placement
Shortcodes have traditionally had a problem that they are inside <p> tags,
but generate block level elements. This breaks HTML compliance.

This makes the shortcode parser now mutate the DOM based on the "class" attribute on
the shortcode to insert the generated block level element at the right place in the DOM

 - for "left" and "right" elements it puts them just before the block level
   element they are inside

 - for "leftAlone" and "center" elements it splits the DOM around the shortcode.

The trade off is that shortcodes are no longer "text level" features. They need
knowledge of the HTML they are in to perform this transformation, so they can
only be used in (valid) HTML
2013-02-18 10:49:52 +13:00