Commit Graph

1346 Commits

Author SHA1 Message Date
Ingo Schommer
debd81d380 Merge pull request #2453 from chillu/pulls/escape-3.1.0
Escaping 3.1
2013-09-25 16:02:45 -07:00
Ingo Schommer
78ce99be09 FIX Escape breadcrumbs in SecurityAdmin (SS-2013-007) 2013-09-24 21:41:18 +02:00
James Cocker
3e9c827603 Reverted incorrect CSS sprite location changes
Reverted the sprite location, undoing the incorrect location that was added in 3a17e168cc, probably due to a local incorrect Compass setup.
2013-09-21 14:22:46 +01:00
Ingo Schommer
1bb993b0b3 Form errors in LeftAndMain response negotiation
The session key for form errors changed from "Form_EditForm" to "CMSForm_EditForm",
causing a mismatch. See https://github.com/silverstripe/silverstripe-framework/pull/2084/files#r6338249 for discussion
2013-09-18 14:30:37 +02:00
jaedb
3a17e168cc Styling admin notice popup 2013-09-18 11:42:26 +02:00
Ingo Schommer
c2b312d76f Merge remote-tracking branch 'origin/3.1.0' into 3.1 2013-09-12 17:24:42 +02:00
Ingo Schommer
6cff9671d4 FIX Privilege escalation through Group and Member CSV upload (SS-2013-004)
See http://www.silverstripe.org/ss-2013-004-privilege-escalation-through-group-and-member-csv-upload/
2013-09-12 15:42:43 +02:00
Ingo Schommer
46556b609e FIX Privilege escalation through Group and Member CSV upload (SS-2013-004)
See http://www.silverstripe.org/ss-2013-004-privilege-escalation-through-group-and-member-csv-upload/
2013-09-12 15:42:35 +02:00
Naomi Guyer
52ef14a9ec BUG: Image resize allows skewing of image in IE (fixes CMS #791)
Including this plugin seemed like the most complete solution to this
problem, and allows it to be removed when tinymce is upgraded (assuming
they have fixed this issue). Uses a compressed version of the
advimagescale fork from sourceforge
(http://sourceforge.net/p/tinymce/plugins/186/), as it allowed for
multiple tinymce instances.
2013-09-04 15:01:46 +12:00
Ingo Schommer
20b49e215c Merge pull request #2136 from nedmas/fix-remove-export-button-padding
FIX: GridField button styling
2013-08-30 00:24:21 -07:00
Ingo Schommer
5d33f187c7 "Add page" page type styles
Regression from changing #PageType to more specific selector in master,
due to FormField->HolderID() API changes. Failed to take into account the tag
name hierarchy (is a <ul> vs. has a <ul>)

See https://github.com/silverstripe/silverstripe-cms/issues/786
2013-08-28 11:10:03 +02:00
Hamish Friedlander
45c1d2b0ce FIX webfonts in preview iframe breaking admin fonts
In IE8, when a page in the preview iframe uses a web font (not just
references it in CSS, but actually has glyphs present in the page),
the fonts in the containing admin interface will become corrupted
(display as all squares) until the mouse moves.

This commit uses the technique described at
http://stackoverflow.com/questions/9809351/ie8-css-font-face-fonts-only-working-for-before-content-on-over-and-sometimes#10557782
to cause the admin panel to re-calculated all it's fonts
after the preview iframe has loaded, fixing the glitch
2013-08-27 10:49:24 +12:00
Mateusz Uzdowski
137aa53156 Return jQuery deferred object from LeftAndMain's loadFragment. 2013-08-23 09:39:38 +12:00
Ingo Schommer
a4c6ae3e90 Merge remote-tracking branch 'origin/3.1' 2013-08-22 13:56:33 +02:00
Mateusz Uzdowski
1f8feb5efc API Provide a thin alternative to loadPanel/submitForm.
This is needed in some situations when we only want to update a
small single component, sometimes even using a different controller to
the one implied in the URL.

An example here is reloading dynamically the subsite dropdown without
reloading the entire page, updating a filter sidebar or suchlike.
2013-08-22 15:16:13 +12:00
Simon Welsh
151baeede1 Correct line length and indentation 2013-08-21 18:54:05 +12:00
Sean Harvey
abe09c79e5 Merge branch '3.1.0' into 3.1 2013-08-21 10:39:27 +12:00
Mateusz U
afd3e3f0d0 Merge pull request #2345 from hafriedlander/fix/performance
Couple of performance fixes - eliminate un-necessary redraws and preview updating
2013-08-20 14:40:22 -07:00
Hamish Friedlander
0ca4969cda FIX Dont update preview iframe if hidden
Updating the iframe src when the iframe isnt visible in IE8 causes a
view disconcerting font glitch (and it slows down navigation anyway),
so if the iframe isnt visible, delay setting the src until it is
2013-08-21 09:29:28 +12:00
Hamish Friedlander
c59305d6d4 FIX Multiple redraw calls on navigation 2013-08-21 09:29:28 +12:00
Ingo Schommer
699cbfe851 Merge branch '3.1.0' into 3.1
Conflicts:
	thirdparty/jquery-entwine/dist/jquery.concrete-dist.js
	thirdparty/jquery-entwine/spec/SpecRunner.html
	thirdparty/jquery-entwine/spec/spec.entwine.eventcapture.js
	thirdparty/jquery-entwine/spec/spec.entwine.namespaces.js
	thirdparty/jquery-entwine/src/domevents/jquery.entwine.domevents.addrem.js
	thirdparty/jquery-entwine/src/jquery.entwine.eventcapture.js
	thirdparty/jquery-entwine/src/jquery.entwine.js
	thirdparty/jquery-entwine/src/jquery.focusinout.js
2013-08-20 16:58:40 +02:00
Ingo Schommer
6627a19994 Merge branch 'context-menu' of https://github.com/adrexia/framework into adrexia-context-menu
Conflicts:
	admin/scss/_tree.scss
2013-08-20 15:04:02 +02:00
Hamish Friedlander
fda4b91d06 FIX Make sure CurrentXHR is set back to null on completion 2013-08-20 15:49:37 +12:00
Naomi Guyer
e6b06cade4 BUG: Context menu too long - CSS only (Fixes CMS #811) 2013-08-20 11:35:22 +12:00
Will Rossiter
1621d6afde Merge pull request #2316 from chillu/pulls/editor-brokenlink
Render broken link in HtmlEditorField
2013-08-17 17:01:14 -07:00
Ingo Schommer
02cc662aaf More specific entwine rule for delete alert in GridField
The rule didn't apply in Firefox because of how it handles specificity,
so made it a bit more specific (added "button" and ".action")
2013-08-16 16:06:31 +02:00
Ingo Schommer
7ae75c1a89 Merge remote-tracking branch 'origin/3.1'
Conflicts:
	forms/HtmlEditorField.php
2013-08-16 13:37:44 +02:00
Ingo Schommer
d325551079 Merge remote-tracking branch 'origin/3.1.0' into 3.1 2013-08-16 13:36:34 +02:00
Naomi Guyer
fb67181366 BUG: Context menu too long - CSS only (Fixes CMS #811) 2013-08-16 13:34:23 +02:00
Ingo Schommer
eb17cf3eb9 Merge pull request #2275 from ARNHOE/3.1-updatefieldgroupstyle
BUG Fieldgroup styling
2013-08-15 12:14:05 -07:00
Ingo Schommer
6ee0d53f40 Fixed merge error (mainly new translation entity format in templates)
Merge error from 2a35f2f928,
which was then further regressed by Sam running the text collector
on those faulty templates: 750b5b4079
2013-08-09 15:27:28 +02:00
Ingo Schommer
79205f7d43 Render broken link in HtmlEditorField
Regression: 2.4 had this in the default cms/css/editor.css,
which got moved to the simple theme at some point,
where this styling was removed.
2013-08-09 11:51:18 +02:00
Ingo Schommer
2a35f2f928 Merge remote-tracking branch 'origin/3.1' 2013-08-07 17:34:11 +02:00
Ingo Schommer
afe06661ef Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	admin/templates/Includes/LeftAndMain_Menu.ss
	admin/templates/Includes/ModelAdmin_ImportSpec.ss
	admin/templates/Includes/ModelAdmin_Tools.ss
	admin/templates/LeftAndMain.ss
	admin/templates/ModelSidebar.ss
	i18n/i18n.php
	templates/ComplexTableField.ss
	templates/ComplexTableField_popup.ss
	templates/FileIFrameField_iframe.ss
	templates/Includes/GridFieldItemEditView.ss
	templates/Includes/TableListField_PageControls.ss
	templates/RelationComplexTableField.ss
	templates/TableField.ss
	templates/TableListField.ss
2013-08-07 17:14:47 +02:00
Ingo Schommer
00ffe72944 Translations: Switch to Transifex format
- Based on new (last) translation download from getlocalization.com
- Removed untranslated strings. Getlocalization started including those at some point
which is highly annoying, unnecessary and breaks the new transfix system,
since it'll mark all of the english strings as actual translations
- Avoid dots in entities. It confuses the Transifex YML parser
- Removed some locales unknown to Transifex which didn't have any translations anyway
- Removed "lolcat" locale, uses custom notation (en@lolcal)
  which SilverStripe's i18n system can't handle
  (needs mapping from SS naming to Zend naming)
- Renamed "Te Reo/Maori" locale from "mi_NZ" to "mi" (Transifex/CLDR notation)
- Namespaced all entities used in templates (deprecated usage)
- Converted dots to underscores where template filenames are used for namespaces,
since Transifex YML parsing handles them as separate YML keys otherwise
- Removed whitespace in entity names, SilverStripe i18n can't handle it
- Only allow selection of locales registered through i18n::$all_locales to avoid
  issues with unknown locales in Zend's CLDR database
2013-08-07 00:25:16 +02:00
Ingo Schommer
542728cd94 Merge remote-tracking branch 'origin/3.1' 2013-08-03 19:47:32 +02:00
Ingo Schommer
c5442810cf Merge pull request #2271 from ARNHOE/3.1-twotoneborders
Updated field class to use doubleborder mixin
2013-08-03 09:49:23 -07:00
Ingo Schommer
0e7231ff60 API Disable discontinued Google Spellcheck in TinyMCE
Replaced by browser-based spellchecking if available (Chrome, Firefox),
with instructions on how to use PSpell as an alternative.
2013-08-03 16:16:45 +02:00
Will Rossiter
919a8c21c3 FIX: pass controller as reference inside closure.
Non referenced causes segfaults on PHP <= 5.3.8 environments when opening subtrees in the CMS. Likely the cause of silverstripe-cms/issues/803.
2013-07-31 14:12:08 +12:00
Arno Poot
fefb7af0f5 BUG Fieldgroup styling 2013-07-28 15:52:39 +02:00
Arno Poot
968e99f45e Updated field class to use doubleborder mixin 2013-07-26 16:44:00 +02:00
Hamish Friedlander
0a79ac3592 Merge branch 'origin/3.1'
Conflicts:
	templates/forms/CheckboxSetField.ss
	templates/forms/FormField_holder.ss
	templates/forms/OptionsetField.ss
2013-07-19 16:25:38 +12:00
Sam Minnée
2ca089532f Merge pull request #2219 from chillu/pulls/clickjacking
BUG Prevent clickjacking in CMS and Security controllers (fixes #2215)
2013-07-16 14:35:53 -07:00
Ingo Schommer
d4a1e6d294 BUG Prevent clickjacking in CMS and Security controllers (fixes #2215) 2013-07-14 22:44:09 +02:00
ARNHOE
2427d57fa5 Updated loop/if/with to be more consistent 2013-07-14 20:43:52 +12:00
Andrew Short
8a62593754 Merge branch '3.1' 2013-07-10 18:27:19 +10:00
Simon Welsh
e5ed8f1ef2 Merge branch '3.0' into 3.1 2013-07-10 12:31:38 +12:00
Simon Welsh
b506eb1b29 Use httpError() instead of non-existent HTTPResponse_Exception class 2013-07-10 12:30:27 +12:00
Simon Welsh
fbce9fd7cd Merge branch '3.1'
Conflicts:
	.travis.yml
	docs/en/misc/contributing/code.md
	javascript/HtmlEditorField.js
2013-07-05 10:22:58 +12:00
Ingo Schommer
a9f150126c Fix CMSBatchActionHandler::$allowed_actions
Regression from earlier API change to deny actions unless specified
2013-06-28 10:07:57 +02:00
Simon Welsh
1edf45fbed Merge pull request #2130 from chillu/pulls/allowed_actions-deny
API Enforce $allowed_actions in RequestHandler->checkAccessAction()
2013-06-24 12:41:15 -07:00
Ingo Schommer
1046530ff6 "Insert Media" dialog: Prevent loading indicator in IE8+
Fixes https://github.com/silverstripe/silverstripe-cms/issues/782
2013-06-24 17:14:32 +02:00
Ingo Schommer
8c9ef8feb9 "Insert Media" dialog: Reposition separately (fixes #783)
FF21 and IE10 seem to propagate the DOM attribute changes differently
from Chrome: The dimensions can't be set in the same setOptions()
call through jQuery UI here. Fixed this by a separate setOption() call.
2013-06-24 16:13:29 +02:00
Ingo Schommer
fb784af738 API Enforce $allowed_actions in RequestHandler->checkAccessAction()
See discussion at https://groups.google.com/forum/?fromgroups#!topic/silverstripe-dev/Dodomh9QZjk

Fixes an access issue where all public methods on FormField were allowed,
and not checked for $allowed_actions. Before this patch you could e.g.
call FormField->Value() on the first field by using action_Value.

Removes the following assertion because it only worked due to RequestHandlingTest_AllowedControllerExtension
*not* having $allowed_extensions declared: "Actions on magic methods are only accessible if explicitly allowed on the controller."
2013-06-24 14:50:40 +02:00
ARNHOE
6e7cae50fd Updated helplink to 3.1 2013-06-22 18:08:25 +02:00
Tom Densham
3596892001 FIX: GridField button styling
Remove all top/bottom margins from buttons and apply to GridFieldButtonRow component. Ensure that all buttons are added to a suitable GridFieldButtonRow in ModelAdmin, SecurityAdmin and Group.
2013-06-21 14:22:00 +01:00
Damian Mooyman
f47383f52e BUG Fixed issue where file upload via the HTML Editor media dialogue would not prompt users to overwrite existing files 2013-06-20 15:21:18 +12:00
Ingo Schommer
a4189a6744 Merge pull request #2117 from ohararyan/3.1
FIX make sure select dropdowns in add page dialog aren't cut off
2013-06-19 05:30:54 -07:00
Ingo Schommer
8769da5622 CMS UI: Resize iframe alongside dialog
Fixes regression from 9f600ada2c
2013-06-19 14:28:34 +02:00
Ingo Schommer
2160fb8000 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	admin/javascript/LeftAndMain.js
	tests/behat/features/bootstrap/SilverStripe/Framework/Test/Behaviour/CmsUiContext.php
	tests/control/ControllerTest.php
2013-06-19 14:03:43 +02:00
Ingo Schommer
94b4237372 Merge remote-tracking branch 'origin/3.1' 2013-06-19 11:17:33 +02:00
Sam Minnée
34287895ef Merge pull request #2099 from chillu/pulls/insert-media-tweaks
Various "Insert Media" dialog tweaks
2013-06-18 21:32:00 -07:00
Ryan O'Hara
36d9563da8 FIX make sure select dropdowns in add page dialog aren't cut off due to .parent-mode class having overflow:auto 2013-06-19 11:27:22 +12:00
Sam Minnée
8bf4d417c6 Merge pull request #2094 from chillu/pulls/dialog-sizing
Min/max constraints for CMS dialog
2013-06-18 14:56:41 -07:00
Sean Harvey
726e4c313e Merge pull request #2084 from chillu/pulls/cmsform
Handle ValidationException on CMS forms
2013-06-18 14:41:51 -07:00
Ingo Schommer
04c337dc82 Tab breadcrumbs floating (regression from #1778) 2013-06-17 01:26:04 +02:00
Ingo Schommer
939773643a Accessibility: Open main tabs by keyboard focus
Regression caused by jQuery UI 1.9 upgrae
2013-06-15 12:23:51 +02:00
Ingo Schommer
ad28a3adc2 Updated browser warning in CMS JS 2013-06-15 11:58:35 +02:00
Ingo Schommer
9e4a7c835f Accessibility: Visible focus rings 2013-06-15 11:52:02 +02:00
Ingo Schommer
5b651e4593 Only clear tab entries from window.sessionStorage 2013-06-15 11:16:11 +02:00
Ingo Schommer
be62c731f5 Compressed layout in "Insert Media" detail screen
- Same font size as other CMS UI
 - Smaller thumbnail height
 - Less label width and padding for file info
2013-06-15 10:13:45 +02:00
Ingo Schommer
6338b0b2d9 Reduced line height for form field help text 2013-06-15 10:13:45 +02:00
Ingo Schommer
4bc2f9bc0d Localization-resilient SCSS selector (fixes #1590) 2013-06-15 10:13:45 +02:00
Ingo Schommer
071f30ded7 Consistent dropdown styles between chosen.js and treedropdown
Removed trigger background. Incidentally this also makes it less
obvious that the trigger has too much padding on the right
(which I can't figure out ...)
2013-06-15 10:13:45 +02:00
Ingo Schommer
ea4f8cec07 Tighten "Insert Media" dialog layout
Reduce space usage to fit into typical dialog dimensions without scrolling
2013-06-15 10:13:44 +02:00
Ingo Schommer
1bd31c84f2 Reduced URL field width in "Insert Media" to avoid wrap
450px width are often not available to the dialog (with all margins/paddings subtracted from the window).
Ensure the URL doesn't cause an unnecessary wrap. Ideally we can size this to the dialog width
automatically of course.
2013-06-15 10:13:44 +02:00
Ingo Schommer
10a558c882 Hide "delete" button in "Insert Media" dialog 2013-06-15 10:13:44 +02:00
Ingo Schommer
3f295adbdd .field.noborder style, use it in "Insert Media" dialog 2013-06-15 10:13:43 +02:00
Will Rossiter
acf42e87c2 Merge pull request #2090 from chillu/pulls/tabs-float
Fixed Tab floating in CMS (fixes #1778)
2013-06-14 00:00:53 -07:00
Ingo Schommer
9f600ada2c Min/max constraints for CMS dialog 2013-06-13 20:03:16 +02:00
Ingo Schommer
3b40711b98 BUG Resize infinite loops in IE8 (fixes #575)
IE8 gets a bit confused and fires resize events
when element dimensions in the DOM are changed
as a result of a resize event, causing an infinite loop.
Apart from artificially throttling the event, the only solution
I've found is to check for actual window dimension changes.
http://stackoverflow.com/questions/12366315/window-resize-event-continually-fires-in-ie7?lq=1

This implicitly fixes an issue where TreeDropdownField panel isn't
accessible in the "Insert Media" popup, because the resize event happes
to be triggered by the popup overlay, and in effect closes the drop down
panel right after opening it.

Relating to the jQuery UI component, there's a host of issues and discussions around this, but no solution…
http://bugs.jquery.com/ticket/4097
http://bugs.jqueryui.com/ticket/4758
http://bugs.jqueryui.com/ticket/4065
http://bugs.jqueryui.com/ticket/7514
http://bugs.jqueryui.com/ticket/8881
https://groups.google.com/forum/?fromgroups#!topic/jquery-ui/fDSvwAKL6Go
http://www.mail-archive.com/jquery-ui@googlegroups.com/msg04839.html
2013-06-13 17:37:25 +02:00
Ingo Schommer
5ff69b98ab LeftAndMain.js: Fix 'X-Reload' for IE10 (fixes #647) 2013-06-13 15:17:14 +02:00
Ingo Schommer
d42cbdd613 Removed "Last visited" from admin/myprofile (fixes #648)
It doesn't make any sense in this context
2013-06-13 15:01:23 +02:00
Ingo Schommer
bfff11eb9c API New CMSForm class to allow validation responses in CMS (fixes #1777)
Thanks to @willmorgan for getting this discussion started
(see https://github.com/silverstripe/sapphire/pull/1814).
2013-06-13 07:51:05 +02:00
Robert Curry
6ca27cd257 Always load preview when in preview mode, not in edit mode 2013-06-13 07:45:05 +02:00
Robert Curry
a365759a0d Always load preview when in preview mode, not in edit mode 2013-06-13 11:31:57 +12:00
Ingo Schommer
65209a0ed5 AssetAdmin reset button and chosen.js (fixes #1640)
See https://github.com/harvesthq/chosen/issues/215
2013-06-13 00:45:59 +02:00
Ingo Schommer
98f8191dff Fixed Tab floating in CMS (fixes #1778)
Removed inline-block from header elements which seems
to cause the issues of tabs stacking on top of each other.
Replaced header background to work on multiline scenarios
Added bottom margin to breadcrumbs so they don't look cramped
when tabs are floated below them.

See https://github.com/silverstripe/silverstripe-framework/pull/1863,
https://github.com/silverstripe/silverstripe-framework/issues/1943,
https://groups.google.com/forum/?fromgroups#!topic/silverstripe-dev/c-W-ZxDlDuA,
http://open.silverstripe.org/ticket/6882
2013-06-13 00:04:56 +02:00
Will Rossiter
358988e9c6 Merge pull request #2059 from adrexia/batch-actions
Batch actions styling
2013-06-03 19:14:13 -07:00
Will Rossiter
cc7a6eeaed Merge pull request #2060 from adrexia/preview
Preview Background styling
2013-06-03 19:00:02 -07:00
Naomi Guyer
aaa8bf0029 Preview Background styling
* Added background color to preview for sites that don't have a
background color (based on @clarkepaul's commit:
https://github.com/silverstripe-droptables/sapphire/commit/7750c8f75fc4a
764b384c6e19dbe543c4811cdcb)
2013-06-04 12:57:09 +12:00
Naomi Guyer
91605ca8ad Batch actions styling
* Removed cog icon (usually associated with settings), and tidied up
padding (based on @clarkepaul's commit:
https://github.com/silverstripe-droptables/sapphire/commit/b09cd5f7f8e73
4df1f7ca0d387a5b97a03a3b604)
2013-06-04 12:48:51 +12:00
Naomi Guyer
01e7bfb350 Filter notice styling and panel adjustments
* Based on @clarkepaul's commit here:
https://github.com/silverstripe-droptables/sapphire/commit/e5de6c06489f3
449ee8131bf4ee2a4e1b2380bee
* Kept margin adjustments, but avoided implementing tab changes, as
tabs have chnaged a lot since original commit
2013-06-04 12:11:05 +12:00
Ingo Schommer
e137d9e2f0 Merge pull request #2039 from g4b0/sitetree-edit-disabled
BUG: fixed "regression" adding a new class to SiteTree elem (edit-disabled)
2013-06-03 04:46:48 -07:00
Will Rossiter
db85f3ca16 FIX extra_requirements to accept non associative arrays.
Added unit tests for extra_requirements_js and extra_requirements_css.

Fixed YAML documentation to indicate list syntax.
2013-06-02 13:37:34 +12:00
Ingo Schommer
5a1d476e8d Merge branch 'idvalidattr' of git://github.com/wilr/sapphire into wilr-idvalidattr 2013-05-31 19:27:19 +02:00
Sam Minnee
4548b67538 NEW: Add LeftAndMain.session_keepalive_ping config option.
The Session-keepalive ping that is built into LeftAndMain (i.e. all of the CMS admin) can now be
turned off.  The main reason you would want to do this is if you have enabled Session.timeout,
and you want users to be locked out of the CMS after a period.
2013-05-31 16:27:30 +12:00
g4b0
7bcaf90e2a BUG: fixed "regression" inserted with 9281ebc64764a58f86f685f9765e1d8b60995e5a adding a new class to SiteTree elem (edit-disabled) 2013-05-30 17:09:34 +02:00
Sam Minnee
f1e567eb93 NEW: More helpful message for 'sake dev/build' on new envs.
This change alters the no-db message on cli execution to give a bit more of a helpful set-up instruction.
The main motivation for this is so that composer can be set to run dev/build on post-install and post-update.

With that feature added, this will ensure that users installing with composer create-project won't be left
in the dark.

An improvement on this would be a shell script that interactively asked for details to populate this file
with, but one step at a time.
2013-05-30 16:49:43 +12:00
Sean Harvey
a29c51d2db Merge pull request #2032 from phptek/bug/revert-9741d1
BUGFIX: Removed regression introduced in 9741d1.
2013-05-29 21:13:22 -07:00