Commit Graph

258 Commits

Author SHA1 Message Date
Daniel Hensby
e8cfe1cc72
Merge remote-tracking branch 'security/patch/3.1/ss-2016-004' into 3.1.19 2016-05-05 01:01:37 +01:00
Daniel Hensby
a24c8260b1
[SS-2016-004] FIX Store current page IDs as ints 2016-04-20 23:55:59 +01:00
Daniel Hensby
3c0f2e8e11
[SS-2015-029] FIX Add CSFR protection to tree reorganise 2016-04-19 00:01:04 +01:00
Daniel Hensby
009458e342 Fixing rubbish login message when trying to access the CMS 2015-08-04 12:23:22 +01:00
Damian Mooyman
ae783e9598 Merge pull request #4042 from selay/3.1
Hardcoded http:// cause browser warnings in admin panel
2015-07-28 09:14:34 +12:00
Tom Densham
b17b186e93 Convert FQCNs to html safe strings
Convert namespaced class names to html safe strings in `LeftAndMain.php` `CMSMenu.php` and `LeftAndMain.Main.js` by replacing backslashes (\) with dashes (\) and removing special characters with `Convert::raw2htmlname()`
2015-07-15 15:33:00 +01:00
Loz Calver
8b4a9a3988 Store current page before marking tree nodes (fixes #4137, fixes silverstripe/silverstripe-cms#1135) 2015-05-07 16:01:24 +01:00
ielmin
b617ef1abd Hardcoded http:// cause browser warnings 2015-03-26 13:20:21 +11:00
Loz Calver
d6e1c5131c FIX: Prevent JSON response showing when re-opening closed tab (fixes silverstripe/silverstripe-cms#1121) 2014-10-23 22:24:36 +01:00
Damian Mooyman
fbc7e7c264 BUG Fix issue with generating tree data for missing pages 2014-08-08 15:29:28 +12:00
Stig Lindqvist
333a2aa8f9 BUG: CMS tree filters doesn't count the correct number of children for deleted pages
This is a bug that combines Hierarchy, Versioned and LeftAndMain admins and CMSSiteTreeFilters.

This bug can be reproduced by having a large site tree with enough deleted pages in it so it doesn't
pre load all the children pages when initially opening an admin. Filter by either 'All pages including deleted'
or 'Deleted pages'. For CMS users it will look like deleted pages are gone.

The solution involves a couple of smaller fixes in both CMS and framework modules.

1) Ensure that 'numHistoricalChildren' are used instead of 'numChildren' when dealing with deleted pages
2) LeftAndMain::currentPage() deletes all the 'marking' cache previously built up by Hierarchy::markPartialTree()
3) Use Versioned::get_included_deleted() instead of raw DB queries against the DataObject tables when calculating parents in CMSSiteTreeFilter
2014-07-25 16:19:30 +12:00
Stig Lindqvist
ac64d258b7 BUG If user is logged out getHtmlEditorConfigForCMS() gets called on non object
This can happen if the auto-logout feature logs a user out and the user then tries to open another admin or
do an pjax call.
2014-07-17 14:45:22 +12:00
Damian Mooyman
aef4b80fda Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	.travis.yml
	forms/ConfirmedPasswordField.php
2014-05-06 10:06:58 +12:00
Stephen Shkardoon
677f0edcfc MINOR LeftAndMain::getRecord check $ClassName before use
While the check for `$classname` was done in the first conditional, it was left out of the other two, leading to potential issues when an invalid ID was given, instead of the expected `false`.
2014-05-05 19:26:05 +12:00
madmatt
77c35e7bde BUGFIX: Remove possibility of E_NOTICE in updatetreenodes(). 2014-01-13 17:47:33 +13:00
micmania1
b89ab1eb16 Added SSViewer::get_templates_by_class() to make the functionality in LeftAndMain::getTemplatesWithSuffix() more open. 2013-12-01 07:42:37 +00:00
Ingo Schommer
93558a6d62 Globalization in TreeDropdownField JS 2013-10-08 12:12:25 +02:00
Ingo Schommer
e7953f3b41 Merge pull request #2474 from wilr/externalcmslink
API: Add attributes argument for CMSMenuItem for external links
2013-10-02 02:38:56 -07:00
Will Rossiter
2d0a354405 API: Add attributes argument for CMSMenuItem.
Currently help menu item is the only external link in the CMS and the ability for it to work is hardcoded in the template. This request makes the target attribute definable by CMSMenu::add_link().

Adds documentation for how to add a basic external link to the CMS.
2013-10-02 19:06:54 +13:00
Andrew Short
9e984b8c99 Add an extension hook for the batch actions form. 2013-09-27 15:46:01 +10:00
Ingo Schommer
afe06661ef Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	admin/templates/Includes/LeftAndMain_Menu.ss
	admin/templates/Includes/ModelAdmin_ImportSpec.ss
	admin/templates/Includes/ModelAdmin_Tools.ss
	admin/templates/LeftAndMain.ss
	admin/templates/ModelSidebar.ss
	i18n/i18n.php
	templates/ComplexTableField.ss
	templates/ComplexTableField_popup.ss
	templates/FileIFrameField_iframe.ss
	templates/Includes/GridFieldItemEditView.ss
	templates/Includes/TableListField_PageControls.ss
	templates/RelationComplexTableField.ss
	templates/TableField.ss
	templates/TableListField.ss
2013-08-07 17:14:47 +02:00
Ingo Schommer
00ffe72944 Translations: Switch to Transifex format
- Based on new (last) translation download from getlocalization.com
- Removed untranslated strings. Getlocalization started including those at some point
which is highly annoying, unnecessary and breaks the new transfix system,
since it'll mark all of the english strings as actual translations
- Avoid dots in entities. It confuses the Transifex YML parser
- Removed some locales unknown to Transifex which didn't have any translations anyway
- Removed "lolcat" locale, uses custom notation (en@lolcal)
  which SilverStripe's i18n system can't handle
  (needs mapping from SS naming to Zend naming)
- Renamed "Te Reo/Maori" locale from "mi_NZ" to "mi" (Transifex/CLDR notation)
- Namespaced all entities used in templates (deprecated usage)
- Converted dots to underscores where template filenames are used for namespaces,
since Transifex YML parsing handles them as separate YML keys otherwise
- Removed whitespace in entity names, SilverStripe i18n can't handle it
- Only allow selection of locales registered through i18n::$all_locales to avoid
  issues with unknown locales in Zend's CLDR database
2013-08-07 00:25:16 +02:00
Will Rossiter
919a8c21c3 FIX: pass controller as reference inside closure.
Non referenced causes segfaults on PHP <= 5.3.8 environments when opening subtrees in the CMS. Likely the cause of silverstripe-cms/issues/803.
2013-07-31 14:12:08 +12:00
Ingo Schommer
d4a1e6d294 BUG Prevent clickjacking in CMS and Security controllers (fixes #2215) 2013-07-14 22:44:09 +02:00
Simon Welsh
e5ed8f1ef2 Merge branch '3.0' into 3.1 2013-07-10 12:31:38 +12:00
Simon Welsh
b506eb1b29 Use httpError() instead of non-existent HTTPResponse_Exception class 2013-07-10 12:30:27 +12:00
ARNHOE
6e7cae50fd Updated helplink to 3.1 2013-06-22 18:08:25 +02:00
Ingo Schommer
bfff11eb9c API New CMSForm class to allow validation responses in CMS (fixes #1777)
Thanks to @willmorgan for getting this discussion started
(see https://github.com/silverstripe/sapphire/pull/1814).
2013-06-13 07:51:05 +02:00
Will Rossiter
db85f3ca16 FIX extra_requirements to accept non associative arrays.
Added unit tests for extra_requirements_js and extra_requirements_css.

Fixed YAML documentation to indicate list syntax.
2013-06-02 13:37:34 +12:00
Sam Minnee
4548b67538 NEW: Add LeftAndMain.session_keepalive_ping config option.
The Session-keepalive ping that is built into LeftAndMain (i.e. all of the CMS admin) can now be
turned off.  The main reason you would want to do this is if you have enabled Session.timeout,
and you want users to be locked out of the CMS after a period.
2013-05-31 16:27:30 +12:00
Ingo Schommer
bd918915e2 Merge pull request #2023 from g4b0/left-and-main-classes
BUG: correct handling of multiple classes
2013-05-29 07:23:26 -07:00
Loz Calver
9be5f07231 Fixes for LeftAndMain::require_themed_css()
LeftAndMain::require_themed_css() was setting an incorrect property, and a typo meant that those requirements would never be detected anyway
2013-05-28 15:48:23 +01:00
g4b0
9fc58feb03 BUG: correct handling of multiple classes 2013-05-28 16:25:25 +02:00
Ingo Schommer
67d1327b90 Avoid collision of status flags in tree items when updating tree nodes
Fixes silverstripe/silverstripe-cms#445
See https://github.com/silverstripe/silverstripe-framework/pull/1996
Thanks to Jean-Fabien for getting this started
2013-05-25 11:27:50 +02:00
Will Rossiter
ddcfcf7bed Update @package, @subpackage labels
Cleanup of framework's use of @package and @subpackage labels and additional of labels for classes missing packages.

Moved all GridField related components to the one name.

Countless spelling fixes, grammar for other comments.

Link ClassName references in file headers.
2013-05-21 22:24:41 +12:00
Ingo Schommer
e5d3a1da6b Disable ContentNegotiator in CMS (fixes #1850) 2013-05-08 23:45:53 +02:00
Ingo Schommer
17362f9474 Showing "Help" menu item below "Settings" 2013-04-09 12:20:20 +02:00
Sam Minnee
e6d8280296 Removed notice-level erorr in CMS page list. 2013-04-09 11:42:30 +12:00
Ingo Schommer
01f46d039f NEW Enforce max node counts to avoid excessive resource usage
Rendering potentially 1000s of nodes can exceed the CPU and memory constraints
of a normal PHP process, as well as the rendering capabilities of browsers.
Set a hard maximum for the renderable nodes, deferring to a "show as list" action
in the main CMS tree. For TreeDropdownField, we don't have the list fallback option,
so ask the user to search for the node title instead.

Also makes both the "node_threshold_total" and "node_threshold_leaf" values configurable
2013-04-09 10:24:18 +12:00
Ingo Schommer
828ac7fe4f API Replaced SSViewer.custom_theme with SSViewer.theme_enabled
Since we can't influence the setting of configuration values,
we also can't set/unset the 'custom_theme' value based on which
theme is set. This means the 'custom_theme' value goes stale,
and we can't rely on it e.g. in FilesystemPublisher.

The 'theme_enabled' toggle is a cleaner solution to the same problem,
since the 'custom_theme' was really just a way to remember the original
theme, while still disabling it. The toggle makes this more explicit,
but also requires users of the 'theme' setting to check for it.
2013-04-07 23:59:10 +02:00
Ingo Schommer
1dda9ae45f Fixed extra_requirements docs 2013-04-05 15:35:30 +02:00
g4b0
f033321adc Solved json obj to array issue 2013-03-28 22:06:37 +01:00
g4b0
93428bd8f2 Solved json obj to array issue 2013-03-28 14:52:13 +01:00
Ingo Schommer
3c30c36b71 Fixed help_link config usage 2013-03-27 21:48:55 +01:00
Ingo Schommer
3334eafcb1 API Marked statics private, use Config API instead (#8317)
See "Static configuration properties are now immutable, you must use Config API." in the 3.1 change log for details.
2013-03-24 17:20:53 +01:00
Ingo Schommer
53c84ee1fe Merge remote-tracking branch 'origin/3.0' into 3.1 2013-03-19 14:04:29 +01:00
Ingo Schommer
52ffb307a7 Fixed ValidationException handling in LeftAndMain
getResult() isn't always available, and has the same content
as the native Exception->getMessage() anyway
2013-03-19 14:02:28 +01:00
Andrew Short
b8a51c3792 Merge branch '3.0' into 3.1 2013-03-19 22:27:09 +11:00
Ingo Schommer
dd6f33ab37 FIX Respect tree node limits, fix search result node display
- Renamed $minNodeCount to more accurate $nodeCountThreshold
- The $minNodeCount attribute wasn't properly respected
during actual querying, so SilverStripe would always traverse
the entire tree (and load all objects into memory),
before then marking nodes as "unexpanded", which prevents
them from actually being rendered.
- Fixes nodes on search results to be expanded by default
- Fixes nodes on search results to correctly ajax-expand
2013-03-19 00:05:14 +01:00
Andrew Short
6ae931df24 Merge branch '3.0' into 3.1 2013-03-15 21:47:23 +11:00