Damian Mooyman
d8fd64c3e2
[ss-2015-016]: Fix XSS in install.php
2015-09-08 10:08:28 +12:00
Daniel Hensby
9e600e9e0c
Removing redundant var declaration
2015-02-16 07:56:04 +00:00
zauberfisch
eb98b003b7
Fixed looking for _ss_environment.php in root dir and removed redundant code
2015-02-13 23:30:29 +00:00
Corey Sewell
1262115359
Fix #3794
...
Fix #3794
2015-01-20 13:21:12 +13:00
Corey Sewell
fbebf96d66
Add detection for PHP running in CGI mode and add HTTP_AUTHORIZATION rewrite rule
...
Detect and parse HTTP_AUTHORIZATION for basic authentication running PHP in CGI mode
Add comments about using CGI mode with Apache and Basic Auth in /docs/en/topics/environment-management.md
Added notes to docs/en/changelogs/3.1.9.md
2014-12-05 11:35:52 +13:00
Ingo Schommer
5babab81ee
Improve .htaccess commenting
...
Done alongside improvements of the execution-pipeline.md docs.
Installer comment taken from d5723f7.
2014-11-15 14:41:50 +13:00
Sean Harvey
8cf99b9bec
Fixing inconsistent use of RewriteRule in docs and install.php5
...
It currently doesn't match the .htaccess that comes with a checkout of
silverstripe-installer.
2014-08-18 10:55:47 +12:00
Simon Welsh
b9ae401772
Don't block rewriting .php URLs
2014-08-16 22:08:52 +10:00
Stevie Mayhew
a261f223e4
BUG Delete Character \x01
2014-04-11 14:51:52 +12:00
Simon Welsh
7ee70cec0b
Merge pull request #2778 from grooverdan/patch-1
...
Update install.php5 - error handling on getDatabaseConfigurationHelper
2014-03-15 21:17:30 +13:00
Damian Mooyman
0cbad41d3b
Rewrote usages of error suppression operator
2014-03-05 15:48:55 +13:00
Daniel Black
fb12d1ee37
Update install.php5
...
Defaulting to MySQL here is really dumb. There is an explicit type as an argument so falling back to mysql could result in "I couldn't write to path ....db" despite the real error that the include of the sqlite3/code/SQLiteDatabaseConfigurationHelper.php failed for some reason.
Other uses of getDatabaseConfigurationHelper also need a similar error handler.
2014-01-14 13:07:09 +11:00
websTTer
cd3cc1b923
Fix installer isIIS() to include IIS versions greater than 7.
2013-11-18 14:34:32 +13:00
Sean Harvey
fd2e7c1dd3
Use getTempFolder() from core when checking for temp in installer.
...
Fix for issue #2420 . Instead of using custom temp folder discovery
code in the installer, use the core getTempFolder() instead.
2013-11-01 13:53:53 +13:00
Stephen Shkardoon
d2360ec8aa
MINOR typo where display_errors wasn't checked properly
2013-10-23 22:00:05 +13:00
zauberfisch
48049647d8
formatted install.php5 according to SilverStripe coding conventions (spaces)
2013-10-16 21:17:22 +01:00
zauberfisch
0b4c3946ff
formatted install.php5 according to SilverStripe coding conventions (tabs instead of spaces, no 1 line if with else, ...)
2013-10-16 21:11:06 +01:00
zauberfisch
c4810b8e0f
changed install.php5 to respect line length limit according to SilverStripe coding conventions
2013-10-16 21:00:20 +01:00
zauberfisch
e357fa298e
suggest that arg_separator.output to be &, if set to something else it may result in issues with url parameters
2013-10-16 20:37:15 +01:00
Ingo Schommer
c05b7c2c8f
Installer regression from dd49834
2013-10-16 11:28:33 +02:00
Ingo Schommer
795d3e4b3b
Merge remote-tracking branch 'origin/3.0' into 3.1
...
Conflicts:
dev/install/install.php5
docs/en/index.md
tests/core/CoreTest.php
2013-10-07 16:18:20 +02:00
Sean Harvey
dd49834b9e
BUG Fixing installer not checking display_errors correctly.
...
Fixes issue #2479 . Installer sets display_errors on, but it checks
the changed value and not the original one set in php.ini.
2013-10-04 10:05:28 +13:00
Ingo Schommer
afe06661ef
Merge remote-tracking branch 'origin/3.0' into 3.1
...
Conflicts:
admin/templates/Includes/LeftAndMain_Menu.ss
admin/templates/Includes/ModelAdmin_ImportSpec.ss
admin/templates/Includes/ModelAdmin_Tools.ss
admin/templates/LeftAndMain.ss
admin/templates/ModelSidebar.ss
i18n/i18n.php
templates/ComplexTableField.ss
templates/ComplexTableField_popup.ss
templates/FileIFrameField_iframe.ss
templates/Includes/GridFieldItemEditView.ss
templates/Includes/TableListField_PageControls.ss
templates/RelationComplexTableField.ss
templates/TableField.ss
templates/TableListField.ss
2013-08-07 17:14:47 +02:00
Ingo Schommer
b159284c6c
Fixed "session started" error on install.php
2013-08-07 16:28:54 +02:00
Hamish Friedlander
2110493466
Merge branch '3.0' into 3.1
2013-08-07 09:43:52 +12:00
Hamish Friedlander
a685a8dee9
FIX Include flushtoken when install redirects to successfullyinstalled
2013-08-02 11:00:26 +12:00
Ingo Schommer
5d97f615ce
Merge remote-tracking branch 'origin/3.0' into 3.1
2013-05-31 17:52:24 +02:00
Simon Welsh
e90012787d
Merge branch 'hackfest_may_2013' of https://github.com/NightJar/sapphire into 3.1
...
Conflicts:
docs/en/changelogs/3.1.0.md
2013-05-25 20:07:54 +12:00
Nightjar
5ec8158977
Check that Webserver is not Apache/1.x in light of installer assets/.htaccess alterations
2013-05-25 20:03:36 +12:00
Sam Minnée
f6fbd78cd9
Merge pull request #1786 from colymba/3.0-htaccess-fix
...
vendor folder is blocked only if outside themes
2013-05-24 23:50:41 -07:00
Stephen Shkardoon
aa3699ff0a
Deprecate magic_quotes and fix bad install opts
...
Change the in_array call to not do bad things with strict casting off
Add a deprecated message if you run with magic_quotes on
Change the requirement for magic_quotes to an error
2013-05-25 12:42:52 +12:00
Daniel Hensby
ac989cc3c0
Regression due to previous patch
...
Fixing installer regression due to patch #1972
2013-05-24 15:29:39 +01:00
Daniel Hensby
bc9567c9ef
FIX Environment file finder logic
...
Fixing the logic that searches for environment files so that warnings
due to open_basedir are suppressed and both the 'realdir' and the server
path are spidered for the environment file.
2013-05-22 14:35:33 +01:00
Daniel Hensby
9a6a6ec75d
Arbitrary placement of _ss_environment.php in parent folders
...
Removes hardcoding to three levels
2013-05-14 13:39:43 +02:00
Ingo Schommer
8c9dd02d73
Merge pull request #1876 from wilr/open6449
...
Suggest users install curl, tidy on their machines.
2013-05-12 14:21:50 -07:00
Zauberfisch
6f11f92f5b
Reverted 9a52dae207
& ed19bbc3ba
2013-05-11 18:50:02 +00:00
Will Rossiter
e56abaca4f
Suggest users install curl, tidy on their machines.
2013-05-11 18:31:02 +12:00
Will Rossiter
22e8ba6ff6
FIX: Check for POST support in installer
...
Also two minor fixes for Web server configuration
* Prevent notice on unsupported setups.
* Show successful message.
Conflicts:
dev/install/install.php5
2013-05-08 22:51:27 +12:00
colymba
41c0f8080e
FIX Only block root vendor folder
...
Use RewriteRule instead to take in account any subfolder via RewriteBase. Deny ss-cache and composer via RewriteRule too.
2013-04-27 16:03:35 +03:00
Ingo Schommer
9856fcef21
Merge remote-tracking branch 'origin/3.0' into 3.1
...
Conflicts:
javascript/DateField.js
model/DataQuery.php
model/Versioned.php
tests/forms/RequirementsTest.php
tests/model/DataObjectLazyLoadingTest.php
view/Requirements.php
2013-04-09 14:45:35 +02:00
Ingo Schommer
9a52dae207
Removed LOLCAT locale from installer ( fixes #1457 )
2013-04-04 11:18:40 +02:00
Sean Harvey
a99c829ed1
Ensure composer files aren't accessible using IIS
2013-04-03 15:59:14 +13:00
Ingo Schommer
3334eafcb1
API Marked statics private, use Config API instead ( #8317 )
...
See "Static configuration properties are now immutable, you must use Config API." in the 3.1 change log for details.
2013-03-24 17:20:53 +01:00
Simon Welsh
7ce010928d
Merge pull request #1327 from ss23/patch-2
...
BUG Database config values aren't escaped
2013-03-23 12:16:13 -07:00
Stephen Shkardoon
9b9f367e93
BUG Database config values aren't escaped
...
Causes minor UI issues if you try use database configuration values that happen to have " or other values in them.
2013-03-24 01:05:33 +13:00
Stephen Shkardoon
f27410c257
Missing closing <a> tag in installer
2013-03-24 00:06:54 +13:00
Hamish Friedlander
7efae6b95f
Merge remote-tracking branch 'origin/3.0' into 3.1
2013-02-18 14:31:57 +13:00
Ingo Schommer
ede381326b
BUG Secure composer files from web access ( fixes #8011 )
...
Already applied to root .htaccess, but required for dynamically
generated file from installer as well. Also added upgrade instructions.
2013-02-17 22:33:04 +01:00
Ingo Schommer
634c91c6ff
Merge remote-tracking branch 'origin/3.0' into 3.1
...
Conflicts:
email/Mailer.php
2013-01-30 12:46:24 +01:00
Hamish Friedlander
bec5ae1886
Include code to block yaml files in installer generated .htaccess
2013-01-29 14:20:12 +13:00