tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-09-29 12:49:06 +02:00
Code Issues Projects Releases Wiki Activity
14,131 Commits 30 Branches 526 Tags 158 MiB
61e4055bdb
Commit Graph

2508 Commits

Author SHA1 Message Date
Daniel Hensby
61e4055bdb
[SS-2016-010] FIX Cast FormField values as Text to prevent readonly fields embeding rogue HTML 2016-11-14 10:38:15 +00:00
Damian Mooyman
62a242154e [ss-2016-015] Fix value / title escaping in CheckboxSetField and OptionsetField 2016-08-15 13:24:06 +12:00
Daniel Hensby
c11ac5d248 Merge pull request #4162 from kinglozzer/pulls/object-parse-class-spec 
FIX: Object::parse_class_spec failed to parse associative arrays
 2016-06-28 16:07:12 +01:00
Hamish Friedlander
d350aa4153 Merge pull request #5555 from open-sausages/pulls/3.1/fix-display-errors 
BUG Fix suppression of display_errors in ErrorControlChain
 2016-05-18 16:04:57 +12:00
Damian Mooyman
62bd26d11a BUG Fix suppression of display_errors in ErrorControlChain 2016-05-18 13:36:54 +12:00
Loz Calver
5b275376d3
Many many bug 2016-05-12 12:38:04 +01:00
Daniel Hensby
dd554d883f
Proving bug with Deep nested many_many relations 
When adding a filter to a many_many with a shared inheritance, the FROM table is removed and added as a LEFT JOIN which causes a syntax error.

This means `$dataList->filter('ManyManyRel.ID', array(1,2))` doesn't work.
 2016-05-12 12:38:02 +01:00
Damian Mooyman
b612c0549d Merge 3.1.19 into 3.1 2016-05-11 13:15:10 +12:00
Daniel Hensby
971d561633
Allow ManyManyListTest to run standalone 2016-05-10 15:24:07 +01:00
Daniel Hensby
f32c893546
[SS-2016-005] FIX Apply brute force protection to default admin 2016-04-19 23:20:29 +01:00
Damian Mooyman
6ec2656201 BUG fix ErrorControlChain causing errors to be displayed if display_errors in php.ini is false 
Fixes #5250
 2016-04-01 11:04:06 +13:00
Daniel Hensby
817b836870 FIX getIP from behind a load-balancer that adds many IPs to the header 2016-03-01 21:07:48 +00:00
Damian Mooyman
013524af50 [ss-2016-002] Ensure Gridfield actions respect CSRF 2016-02-24 11:47:15 +13:00
Daniel Hensby
4335d8ed22 FIX Members with no ID inherit logged in user permission 2016-01-05 08:16:18 +00:00
Christopher Darling
e9b833f5f0 FIX: ConfirmedPassword field correctly reports mismatching passwords 
added testFormValidation to prove #4780
 2015-11-20 15:56:27 +00:00
Damian Mooyman
245e0aae2f [ss-2015-026]: BUG Fix FormField error messages not being encoded safely 2015-11-11 17:50:02 +13:00
Ingo Schommer
ac4342d81d [ss-2015-022]: XML escape RSSFeed $link parameter 2015-11-11 17:46:39 +13:00
Damian Mooyman
97f21fddb3 [ss-2015-021] Fix rewrite hash links XSS 2015-11-11 17:46:27 +13:00
Damian Mooyman
7367cf54c4 [ss-2015-020]: Prevent possible Privilege escalation 2015-09-10 13:01:24 +12:00
Will Morgan
17e97babf1 Merge pull request #4549 from kinglozzer/pulls/recursion-arraylist-sort 
FIX: Recursion errors when sorting objects with circular dependencies (fixes #4464)
 2015-09-01 16:42:17 +01:00
Loz Calver
0943b3b1a0 FIX: Recursion errors when sorting objects with circular dependencies (fixes #4464) 2015-09-01 09:37:06 +01:00
Ingo Schommer
28554dbe94 Merge pull request #4504 from dhensby/pulls/fields-fix 
When loading data into a form, make sure its using ALL fields
 2015-08-28 08:38:49 +12:00
Daniel Hensby
cffb11e568 TEST Ensure data is loaded into complete FieldList 2015-08-27 17:56:22 +01:00
Daniel Hensby
2d4b743090 FIX Members can access their own profiles in CMS 2015-08-26 15:47:51 +01:00
Loz Calver
99a8a81e9a Fix issues with tests and "subfolder" URLs 2015-08-25 11:49:01 +12:00
Daniel Hensby
6eede57ff2 Fix issue where Access All CMS Sections doesnt work 2015-08-20 22:30:43 +01:00
Loz Calver
687de33d0d Ensure ClassInfo is backwards compatible with non-existant classes 2015-08-04 15:07:07 +01:00
Daniel Hensby
ffbeac6b7d Ensuring classinfo is case insensitive 2015-07-28 11:17:50 +01:00
Daniel Hensby
5f0d0ab66a Merge pull request #4155 from kinglozzer/pulls/getfiletype-case 
FIX: File::getFileType() was case sensitive (fixes #3631)
 2015-07-28 00:13:26 +01:00
Russell
51722e3d12 DataObject accept arrays or stdClass 
The constructor of DataObject can take an array or stdClass for $record.
However, it is access as an array [here](https://github.com/silverstripe/silverstripe-framework/blob/3.1/model/DataObject.php#L416) and [here](https://github.com/silverstripe/silverstripe-framework/blob/3.1/model/DataObject.php#L431)

This pull request ensures $record is an array after validation
 2015-07-27 10:29:34 +01:00
Sam Minnée
532bf6ccb9 Merge pull request #3554 from tractorcow/pr/3179 
FIX: FulltextFilter did not work and was not usable
 2015-07-22 11:29:57 +12:00
Sam Minnée
40e9515233 Merge pull request #4053 from tractorcow/pulls/3.1/fix-stringfield-exists 
BUG Fix default casted (boolean)false evaluating to true in templates
 2015-07-22 11:26:49 +12:00
Damian Mooyman
a556b4854a BUG Fix of multiple i18nTextCollector issues: #3797, #3798, #3417 2015-07-09 10:45:08 +12:00
Hamish Friedlander
f5d6f20113 Merge pull request #4333 from sminnee/shortcode-fix 
Allow shortcodes inside script tags. Fixes #4332.
 2015-06-25 14:51:03 +12:00
Sam Minnee
6d05c57881 Ensure that shortcodes inside script tags are parsed. Fixes #4332. 
The problem is that the marker images aren’t picked up by DOMDocument
if they are inserted into a <script> tag, due to the semantics of HTML.

This fix does an additional replacement after the marker images are
replaced in this way to pick up any leftover tags.
 2015-06-22 11:29:12 +01:00
Daniel Hensby
aa3871d716 Merge pull request #4306 from gregsmirnov/pulls/3.1/fixed-datetimefield-setname-issue-4305 
Issue #4305: fixed DatetimeField::setName()
 2015-06-18 22:10:13 +01:00
Gregory Smirnov
5b22e3afc5 Test TimeField value at 12:00 am 2015-06-18 18:53:44 +02:00
Gregory Smirnov
66b1dd9154 Issue 4305: fixed DatetimeField::setName() 2015-06-18 18:36:02 +02:00
Damian Mooyman
0653ba9630 Merge pull request #3979 from dhensby/pulls/test-nest 
Nest and unnest Config and Controller for each test
 2015-06-17 16:04:27 +12:00
Daniel Hensby
6169bf2760 FIX No longer caching has_one after ID change 2015-06-16 17:38:34 +01:00
Damian Mooyman
7ff131daa7 BUG Fix default casted (boolean)false evaluating to true in templates 2015-06-12 15:47:15 +12:00
Damian Mooyman
782c4cbf6f API Enable single-column fulltext filter search as fallback 2015-06-12 15:36:03 +12:00
micmania1
40c5b8b675 FIX FulltextFilter did not work and was not usable 2015-06-12 15:31:45 +12:00
Loz Calver
28be51cab0 FIX: Config state leaking between unit tests 2015-06-11 16:37:26 +01:00
Daniel Hensby
3ee5b24898 Nest and unnest Config and Controller for each test and test suite 2015-06-11 16:37:25 +01:00
Daniel Hensby
c062670ba3 Removing unreachable test line 2015-06-09 16:01:33 +01:00
Damian Mooyman
b42ddd107c Merge pull request #3499 from colymba/ie-multi-file-upload-fix 
FIX #3458 iframe transport multi file upload FIX #3343, FIX #3148
 2015-06-09 13:22:10 +12:00
Ingo Schommer
dac1b5818b Merge pull request #4217 from tractorcow/pulls/3.1/fix-directortest 
BUG Fix DirectorTest failing when run with sake
 2015-06-01 17:34:26 +12:00
Damian Mooyman
e733efa195 Merge pull request #4206 from gregsmirnov/pulls/localised-moneyfield-fix 
BUG Fixed handling of numbers in certain locales
 2015-05-29 09:21:43 +12:00
Damian Mooyman
50e33b8e5e Merge remote-tracking branch 'origin/3.1.13' into 3.1 2015-05-28 19:08:12 +12:00