Commit Graph

779 Commits

Author SHA1 Message Date
Sam Minnee
de4a865fb8 BUGFIX: Fixed blowfish encryption for PHP < 5.3.7 (#7276) 2012-05-04 11:50:26 +12:00
Ingo Schommer
68051fdb96 Merge pull request #371 from halkyon/sapphire
---

Dont start the session until its actually necessary, which is to say there is a cookie available with the current PHP session name (or a request variable with the session_name() - typically PHPSESSID.) The latter allows for passing session ID through as an alternative to cookies.
2012-05-03 14:58:09 +02:00
Sean Harvey
151abde17d Merge pull request #388 from chillu/trac/7170-i18n-sprintf-injections
#7170 i18n sprintf injections
2012-05-02 16:18:30 -07:00
Sean Harvey
6483cdd204 Merge pull request #382 from chillu/trac/7217-group-default-on-member
Group default on member (#7217)
2012-05-01 21:43:05 -07:00
Andrew O'Neil
a2e9c001d7 MINOR: Fix style according to style guidelines, and add a comment about use of "$2y" instead of "$2a" 2012-05-02 14:59:39 +12:00
Andrew O'Neil
fa60f9e8b2 ENHANCEMENT: Implement blowfish encryption and use it by default. (#7111) 2012-05-02 13:51:29 +12:00
Ingo Schommer
7b18d9d0da MINOR Switching _t() calls from sprintf() to using injection parameters (#7170) 2012-05-01 22:17:00 +02:00
Sean Harvey
0882741f54 API CHANGE Renamed setModel for DataModel instances to setDataModel for
semantics, and also to allow a field name called "Model"
2012-05-01 14:45:44 +12:00
Ingo Schommer
f873707e9d ENHANCEMENT Prepopulating group on new members (fixes #7217) 2012-04-30 14:35:25 +02:00
Ingo Schommer
ffe698ca1e MINOR Placeholder text for adding a group in Member->getCMSFields() (fixes #7217) 2012-04-30 10:29:09 +02:00
Sean Harvey
f63d137d49 ENHANCEMENT Session::start() now only called when there is changed
session data to be saved, and started on Director::direct() when there
is a cookie (or request var) containing the current PHP session name.
2012-04-27 16:28:46 +12:00
Sean Harvey
8a6671d72e BUGFIX Member::onChangeGroups() should allow ADMIN permission grant if the logged in user is an ADMIN 2012-04-27 12:27:46 +12:00
Ingo Schommer
7f62ad0f3e Merge branch 'master' into 7094-combine-tree-edit-view 2012-04-18 14:19:55 +02:00
Sean Harvey
926daa29e2 BUGFIX Revert remove of function_exists() check for mcrypt in
7d84aff01e, as we don't expect mcrypt to actually be available,
since fallbacks in RandomGenerator are available.
2012-04-18 18:44:33 +12:00
Andrew O'Neil
14c0796617 MINOR: Remove checks for PHP < 5.3.2, as it's no longer supported 2012-04-18 10:38:09 +12:00
Ingo Schommer
65fc81fd68 MINOR Removed Group->CMSTreeClasses(), no longer shown as a tree 2012-04-17 22:34:24 +02:00
Andrew O'Neil
a89228e934 MINOR: Fix deprecation notice when saving user settings 2012-04-16 14:13:21 +12:00
Ingo Schommer
d44f6b3e1f MINOR Removed deprecated usage of $priority argument in _t() calls 2012-04-15 17:17:17 +02:00
Simon Welsh
f07258f3cf MINOR Update @package values to match renaming sapphire 2012-04-15 10:50:19 +12:00
Simon Welsh
3a6341a251 API-CHANGE sapphire folder can now be renamed. 2012-04-15 10:50:19 +12:00
Simon Welsh
f8082e4814 MINOR Add newline to end of files without one 2012-04-15 10:50:19 +12:00
Ingo Schommer
8ba9c3ca6b API CHANGE Removed $params argument to DataObject->getCMSFields(), please use FormScaffolder directly (fixes #7135) 2012-04-13 15:46:47 +02:00
Sean Harvey
fd3de5158d BUGFIX Use of Link() in security classes now refers to $this->controller
instead of calling the instance method Link statically (which isn't
allowed for E_STRICT compliance.)
2012-04-12 12:09:39 +12:00
Ingo Schommer
a3d99b082d MINOR Resetting Security::$database_is_ready state during tests (regression from a9509a610d) 2012-04-11 17:22:55 +02:00
Ingo Schommer
ac45e5b9c0 Merge branch 'integration'
Conflicts:
	admin/css/ie8.css
	admin/css/screen.css
	admin/scss/_style.scss
	dev/install/config-form.html
	dev/install/install.css
	dev/install/php5-required.html
2012-04-11 16:31:12 +02:00
Ingo Schommer
aed5e93da2 Merge pull request #301 from stojg/database-is-ready-checks
MINOR Security::database_is_ready() check are doing duplicate DB queries...
2012-04-11 06:38:22 -07:00
Ingo Schommer
6cd91ff449 Merge pull request #299 from ajoneil/sapphire
---

Conflicts:
	forms/NumericField.php
2012-04-11 15:36:35 +02:00
Stig Lindqvist
a9509a610d MINOR Security::database_is_ready() check are doing duplicate DB queries for Members.
The will make sure that if the database has been ready once, it is ready for the rest of the request
2012-04-12 00:29:35 +12:00
Andrew O'Neil
4be59a8d45 MINOR: Ensure all form fields Field() method has the same signature as FormField::Field(). Fixes E_STRICT warnings. 2012-04-11 17:33:36 +12:00
Andrew O'Neil
daab8f4cbc MINOR: Consistently use DataObjectInterface for saveInto() on FormField subclasses. Fixes E_STRICT notice 2012-04-11 17:00:57 +12:00
Ingo Schommer
8c5e56fe31 Merge branch 'master' into integration
Conflicts:
	admin/css/screen.css
	dev/install/php5-required.html
2012-04-09 21:10:08 +02:00
Stig Lindqvist
0d031a5045 API CHANGE Use Config for registering default password encryptors
Using the config system for registering password encryptors
Remove the eval on password encryptor construction by using reflection
Throws deprecation messages when using static register / unregister
2012-04-07 19:14:00 +12:00
Ingo Schommer
40d73127ae MINOR Using late static binding instead of Object::create() calls 2012-04-04 17:10:31 +02:00
Felipe Skroski
7740bb326a ENHANCEMENT SSF-168 moved print and csv export buttons to the top of the grid 2012-04-04 14:09:52 +12:00
Normann Lou
2f3949ac6e MINOR add 'print button' to Member list and data list of ModelAdmin 2012-04-04 10:35:41 +12:00
Ingo Schommer
d0d23dc591 Merge pull request #271 from halkyon/group_changes
BUGFIX Nested Group records should be removed, along with the parent.
2012-03-28 02:52:52 -07:00
Sean Harvey
bd95bcaf61 BUGFIX Nested Group records should be removed, along with the parent. 2012-03-28 22:49:58 +13:00
Sean Harvey
e097f6e1a8 MINOR Fixes to method arguments in core classes for E_STRICT support.
API CHANGE Remove abstract static function and just use static functions
in Authenticator (PHP 5.3+ doesn't support abstract static functions)
2012-03-28 22:41:42 +13:00
Ingo Schommer
cbb0259dd7 Merge branch 'integration-merge27march' 2012-03-27 18:07:21 +02:00
Ingo Schommer
efc30fd39e MINOR Removed setRightTitle() special case (and too specific styling) from Group->getCMSFields(), implemented title attribute for chosen.js drop downs instead (to be styled with more friendly title popovers) 2012-03-27 17:07:50 +02:00
Sean Harvey
b92e4e01a9 MINOR Removed PHP 5.1 check for PasswordEncryptor, use hash() always as PHP 5.1 is no longer supported. 2012-03-27 20:09:36 +13:00
Andrew O'Neil
86ef281d8f BUGFIX: #7019 Fix SQL error when building database after adding a Member DataExtension in non-dev mode 2012-03-21 11:53:38 +13:00
Normann Lou
aed91931a7 MINOR SSF-53 : code convention, use "-" instead of "_" for html class property value 2012-03-12 09:35:25 +01:00
Ingo Schommer
01b24daace API CHANGE Removed Member::isAdmin(), use Permission::check('ADMIN') instead
API CHANGE Removed Member->setByCheckboxes()/setByCheckboxSetField(), Use setByIdList() and/or a CheckboxSetField instead
API CHANGE Removed Member->addManyByGroupID(), Use DataList->addMany() instead.
API CHANGE Removed Member->removeManyByGroupID(). Use DataList->removeMany() instead.
API CHANGE Removed Member->getGroupsFromIDs(). Use DataObject::get("Group")->byIds() instead.
API CHANGE Removed Member->addManyByCodename()/removeManyByCodename(). Don\'t rely on codename
2012-03-09 21:33:52 +01:00
Ingo Schommer
4216a09177 API CHANGE Removed BasicAuth::enable()/disable(), use protect_entire_site() 2012-03-09 21:20:20 +01:00
Sean Harvey
d28da56e19 BUGFIX Fixed regression where Member::PasswordEncryption field wouldn't be set to the default 2012-03-09 17:29:57 +13:00
Sean Harvey
2644cbb6e9 BUGFIX Remove use of encryptPasswords; use PasswordEncryptor_None
instead
2012-03-09 15:31:33 +13:00
Sean Harvey
d0a0df0b8e API CHANGE Removed Security::$useSalt static, please use a custom PasswordEncryptor instead 2012-03-09 15:06:12 +13:00
Sean Harvey
0d8151fd3d Merge remote-tracking branch 'upstream/master' into deprecation_fixes 2012-03-09 15:03:43 +13:00
Sean Harvey
aca2b2f3b5 API CHANGE Removed deprecated Security::get_encryption_algorithms() - please use PasswordEncryptor::get_encryptors() instead 2012-03-09 14:51:34 +13:00