Daniel Hensby
0f2049d4d4
[SS-2017-008] Fix SQL injection in search engine
2017-11-21 14:45:36 +00:00
Damian Mooyman
a73f75ccc5
Merge pull request #7613 from dhensby/pulls/3.5/phpunit-loosen-constraint
...
Loosen PHPUnit constraints
2017-11-20 13:58:20 +13:00
Daniel Hensby
36bb28a41d
Loosen PHPUnit constraints
2017-11-17 11:48:24 +00:00
Loz Calver
13b02feed7
Merge pull request #7602 from dhensby/pulls/3.5/fix-filter-any-inner-join
...
FIX ManyMany link table joined with LEFT JOIN
2017-11-16 13:48:07 +00:00
Daniel Hensby
c96ed89cbe
Merge pull request #7607 from patricknelson/issue-7606-svg-image-tags
...
FIX: Prevent crash when saving page with <img> that has an SVG source.
2017-11-16 12:12:49 +00:00
Daniel Hensby
ce3fd370fb
FIX ManyMany link table joined with LEFT JOIN
2017-11-16 12:11:16 +00:00
Daniel Hensby
29e57d8015
Merge pull request #7608 from bummzack/patch-1
...
Fix HTTP::get_mime_type with uppercase filenames.
2017-11-16 11:48:11 +00:00
Daniel Hensby
4f3deb13e0
TEST filterAny on many_many relations return correct items
2017-11-16 11:10:12 +00:00
Patrick Nelson
52f0eadd3b
FIX for #7606 : Ensure the object we're handling is actually an Image instance before calling methods specific to that class (e.g. in case of using SVG's in <img> tag which may be File instances).
2017-11-16 11:08:06 +00:00
Daniel Hensby
3d3096485b
TEST Uppercase file extensions return correct mime type
2017-11-16 11:01:25 +00:00
Roman Schmid
dda14e8959
Fix HTTP::get_mime_type with uppercase filenames.
...
The fallback of `HTTP::get_mime_type` (that uses a lookup instead of `finfo`) doesn't ensure the extension is converted to lowercase before the lookup. A file named `Image.JPG` will return `'application/unknown'`.
This change fixes this issue.
2017-11-16 10:56:34 +00:00
Damian Mooyman
ef86b16854
Merge pull request #7514 from dhensby/pulls/3.5/composer-autoload
...
Add composer autloading to v3
2017-11-02 11:41:35 +13:00
Chris Joe
a3351589e6
Merge pull request #7118 from phptek/issue/7116
...
FIX: Fixes #7116 Improves server requirements docs viz: OpCaches.
2017-10-26 11:05:47 +13:00
Russell Michell
00f1ad5d69
FIX: Fixes #7116 Improves server requirements docs viz: OpCaches.
2017-10-26 09:22:07 +13:00
Daniel Hensby
cbac375590
FIX Helpful warning when phpunit bootstrap appears misconfigured
2017-10-25 17:48:35 +01:00
Daniel Hensby
32cef975ef
FIX Use self::inst() for Injector/Config nest methods
2017-10-25 17:48:35 +01:00
Daniel Hensby
8aad080516
Add composer autoloading support to 3.x
2017-10-25 17:48:34 +01:00
Damian Mooyman
59cc45565b
Merge pull request #7503 from andrewandante/patch-4
...
Spelling in DataQueryTest
2017-10-24 12:04:41 +13:00
Andrew Aitken-Fincham
c4a50a3d10
Spelling in DataQueryTest
2017-10-20 12:00:35 +01:00
Damian Mooyman
2b09216b0c
Merge pull request #7270 from robbieaverill/pulls/3.6/fix-trailing-period-on-duplicate-folder-name
...
FIX Files without extensions (folders) do not have a trailing period added
2017-10-18 10:26:05 +13:00
Robbie Averill
2f579b64cb
FIX Files without extensions (folders) do not have a trailing period added
2017-10-18 09:25:27 +13:00
Damian Mooyman
7f5ca56e36
Merge pull request #7455 from dhensby/pulls/fix-circular-ref-issue
...
FIX Dont use var_export for cache key generation
2017-10-10 10:16:16 +13:00
Daniel Hensby
264cec1239
FIX Dont use var_export for cache key generation as it fails on circular references
2017-10-09 10:13:39 +01:00
Daniel Hensby
f745442a55
Merge tag '3.5.5' into 3.5
...
Release 3.5.5
2017-09-28 17:16:31 +01:00
Daniel Hensby
393d1a9be6
Added 3.5.5 changelog
2017-09-28 15:37:07 +00:00
Daniel Hensby
6e78b9f8d2
Merge pull request #7406 from NightJar/patch-2
...
Fix ArrayList sort error with old (supported) PHP
PHP 5.3 at least (the reported and tested against version) requires arguments to `call_user_func_array` to be passed by reference. There exists a note as a comment in the code, but was unfortunately overlooked in a previous commit to fix case sensitive sorting 4998b80#diff-6ba746c3d31fd6b4c4a99d7efe35eb21L442
To solve this issue we simply first assign the constant to a variable, so we can then pass that by reference. This has no functional impact, however fixes an issue for users locked in to old PHP versions which we still list as supported (https://docs.silverstripe.org/en/3/getting_started/server_requirements/#web-server-software-requirements ).
2017-09-28 15:46:38 +01:00
Dylan Wagstaff
ebe1de8d8b
Fix ArrayList sort error with old (supported) PHP
...
PHP 5.3 at least (the reported and tested against version) requires arguments to `call_user_func_array` to be passed by reference. There exists a note as a comment in the code, but was unfortunately overlooked in a previous commit to fix case sensitive sorting 4998b80445 (diff-6ba746c3d31fd6b4c4a99d7efe35eb21L442)
To solve this issue we simply first assign the constant to a variable, so we can then pass that by reference. This has no functional impact, however fixes an issue for users locked in to old PHP versions which we still list as supported (https://docs.silverstripe.org/en/3/getting_started/server_requirements/#web-server-software-requirements ).
2017-09-28 15:29:54 +01:00
Daniel Hensby
1209b2ae13
Added 3.5.5-beta2 changelog
2017-09-20 13:41:04 +00:00
Daniel Hensby
72702dbd50
Merge pull request #43 from silverstripe-security/pulls/3.5/member-enumeration-timing-attack
...
[SS-2017-005] User enumeration via timing attack mitigated
2017-09-20 11:39:39 +01:00
Daniel Hensby
6b198336a8
Merge pull request #44 from silverstripe-security/patch/3.5/authenticator-fix
...
FIX Authenticators are more resilient to incomplete configuration
2017-09-20 11:38:38 +01:00
Daniel Hensby
f0262a8fd9
[SS-2017-005] User enumeration via timing attack mitigated
2017-09-20 11:33:22 +01:00
Daniel Hensby
1f256cf2d2
Added 3.5.5-beta1 changelog
2017-09-19 15:25:41 +00:00
Matthias Schelling
eacfe280c1
TreeDropdownField: replace onadd by onmatch
...
Makes TreeDropdownField work in situations where it's moved around in the DOM (e.g. when inside a drag'n'drop container)
2017-09-15 12:02:18 +01:00
Daniel Hensby
091d99f599
FIX Authenticators are more resilient to incomplete configuration
2017-09-12 15:57:03 +01:00
Damian Mooyman
c0003bca3d
Merge pull request #7319 from open-sausages/pulls/3.5/no-combining-requirements
...
Fix add combinedFiles to clear logic - ss3
2017-08-29 13:47:52 +12:00
Christopher Joe
7b200a2a64
Fix add combinedFiles to clear logic
2017-08-29 12:57:41 +12:00
Daniel Hensby
9d2503c3da
Merge pull request #7274 from PapaBearNZ/patch-1
...
Fix Truncate Error Issue when using views in a Unittest.
2017-08-25 11:51:36 +01:00
Damian Mooyman
7ad081a20b
Merge pull request #7288 from dhensby/pulls/3.5/write-no-change-edit
...
FIX Don't update LastEdited on skipped writes
2017-08-17 15:09:03 +12:00
Daniel Hensby
eb80a5f9e8
FIX LastEdited no longer updated on skipped writes
2017-08-16 23:39:22 +01:00
Daniel Hensby
1ae07ac2a3
TEST Prove LastEdited is updated when no changes are made
2017-08-16 22:26:47 +01:00
James Pluck
b04a1ab41c
Fix Truncate Error Issue when using views in a Unittest.
...
When using a view in a SilverStripe project, whenever the tear down scripts for the Unittests are run the following error occurs:
Couldn't run query:
TRUNCATE "ActivityPoints_view"
Table 'ss_tmpdb2391727.ActivityPoints_view' doesn't exist
This was due to the MySQLSchemaManager::tableList() function assuming that all records in the TABLES were actual tables containing data.
This small tweak fixes the issue by modifying the SQL to filter out views from the list before truncating.
2017-08-14 15:22:19 +12:00
Damian Mooyman
69451790d6
Merge pull request #7224 from dhensby/pulls/3.5/spyc-composer
...
Move spyc dependency to composer
2017-08-02 16:19:00 +12:00
Daniel Hensby
6494bc820c
Move spyc dependency to composer
2017-07-28 13:35:30 +01:00
Damian Mooyman
9b378d8c08
Merge pull request #7213 from dhensby/pulls/3.5/fix-small-htmlfield
...
FIX Avoid JS errors for HTMLEditorFields in small holders
2017-07-28 13:25:31 +12:00
Daniel Hensby
2e34730d3d
Merge pull request #7211 from kinglozzer/migrate-legacy-hashes-config
...
Fix: Use Config API for MemberAuthenticator::$migrate_legacy_hashes (fixes #7208 )
2017-07-26 11:21:51 +01:00
Daniel Hensby
31c5eebda0
FIX Avoid JS errors for HTMLEditorFields in small holders
2017-07-26 11:20:00 +01:00
Loz Calver
82c0632f46
Fix: Use Config API for MemberAuthenticator::$migrate_legacy_hashes ( fixes #7208 )
2017-07-26 09:54:29 +01:00
Daniel Hensby
ba8c149b78
Stay on travis precise dist for now
2017-07-25 16:02:02 +01:00
Chris Joe
3e8b636dc9
Merge pull request #6942 from open-sausages/pulls/3.4/fix-gridfield-state
...
BUG Ensure GridState_Component is added to GridField config
2017-07-21 10:54:07 +12:00
Klemen Dolinsek
3dd3036792
BUG Ensure GridState_Component is added to GridField config even if we set config with GridField::setConfig
...
Fixes #6886
2017-07-21 10:32:13 +12:00