Will Rossiter
|
63d2971158
|
BUGFIX: check the search var exists before replacing the default value
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114811 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-11 00:57:11 +00:00 |
|
Will Rossiter
|
9f6e3c9162
|
ENHANCEMENT: added requireDefaultRecords. PATCH via fragarach (#6133)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114810 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-11 00:45:05 +00:00 |
|
Ingo Schommer
|
ae2311bcd6
|
BUGFIX Removed switch in MySQLDatabase->query() to directly echo queries with 'showqueries' parameter when request is called via ajax
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114782 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-09 23:26:22 +00:00 |
|
Ingo Schommer
|
43debfafe9
|
BUGFIX Disallow web access to sapphire/silverstripe_version to avoid information leakage
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114773 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-09 22:53:24 +00:00 |
|
Ingo Schommer
|
4b2c64c843
|
BUGFIX Avoid potential referer leaking in Security->changepassword() form by storing Member->AutoLoginHash in session instead of 'h' GET parameter
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114758 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-09 21:18:49 +00:00 |
|
Ingo Schommer
|
e4a786eb1a
|
MINOR Setting Content-Type to text/plain in various error responses for RestfulServer
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114750 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-09 08:40:28 +00:00 |
|
Ingo Schommer
|
f61a307486
|
MINOR Reverting Member "AutoLoginHash", "RememberLoginToken" and "Salt" to their original VARCHAR length to avoid problems with invalidated hashes due to shorter field length
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114748 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-09 08:17:35 +00:00 |
|
Ingo Schommer
|
674d8e0f4a
|
MINOR Reduced VARCHAR length from 1024 to 40 bytes, which fits the sha1 hashes created by RandomGenerator. 1024 bytes caused problems with index lengths on MySQL
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114743 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-09 05:48:33 +00:00 |
|
Ingo Schommer
|
1222b4d146
|
ENHANCEMENT 'bypassStaticCache' cookie set in Versioned is limited to httpOnly flag (no access by JS) to improve clientside security
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114568 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-06 00:29:20 +00:00 |
|
Ingo Schommer
|
562eeee790
|
ENHANCEMENT Session::start() forces PHPSESSID cookies to be httpOnly (no access by JS) to improve clientside security
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114567 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-06 00:28:27 +00:00 |
|
Ingo Schommer
|
ead9dce351
|
MINOR Documentation in SS_Cache
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114551 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 19:46:21 +00:00 |
|
Sam Minnee
|
df08da0f49
|
MINOR: Blocking unnecessary revisions
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114550 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:46:15 +00:00 |
|
Sam Minnee
|
51ee52c7ab
|
BUGFIX Using RandomGenerator class in SecurityToken->generate() for more random tokens (from r114500)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114549 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:45:42 +00:00 |
|
Sam Minnee
|
6de3e90527
|
FIX: Revert last commit (from r114464)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114548 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:45:20 +00:00 |
|
Sam Minnee
|
aaf56e190f
|
FIX: Revert last commit (from r114463)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114547 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:44:37 +00:00 |
|
Sam Minnee
|
8638221adb
|
MINOR: Added exception handling if ClassName is null in search results (from r114454)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114546 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:44:20 +00:00 |
|
Sam Minnee
|
1fc8bef1ce
|
BUGFIX Including template /lang folders in i18n::include_by_locale() (implementation started in r113919) (from r114208)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114545 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:43:38 +00:00 |
|
Sam Minnee
|
b34286caab
|
MINOR Reverted r108515 (from r114079)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114544 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:43:10 +00:00 |
|
Sam Minnee
|
05d6df2193
|
MINOR Fixed php tag in SecurityTokenTest, should be "<?php" not "<?" (from r114016)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114543 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:41:38 +00:00 |
|
Sam Minnee
|
312c7aec07
|
BUGFIX #6201 Use of set_include_path() did not always include sapphire paths in some environments (from r113976)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114542 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:40:28 +00:00 |
|
Sam Minnee
|
e340ccb1ad
|
MINOR Fixed PHP strict standard where non-variables cannot be passed by reference (from r113968)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114541 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:39:31 +00:00 |
|
Sam Minnee
|
edc7a46d21
|
MINOR Fixed spaces with tabs in Core (from r113924)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114540 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:37:31 +00:00 |
|
Sam Minnee
|
567c0b4939
|
MINOR Fixed spaces with tabs for Core::getTempFolder() (from r113923)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114539 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:37:15 +00:00 |
|
Sam Minnee
|
68747773ae
|
MINOR Updated cs_CZ and sk_SK translations in sapphire/javascript (fixes #6085, thanks Pike) (from r113690)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114538 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:36:57 +00:00 |
|
Sam Minnee
|
b7777cd67d
|
BUGFIX ErrorPage::requireDefaultRecords() case where no assets directory causes an fopen() error. Ensure assets directory is created before attempting to write error page files (from r113590)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114537 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:36:05 +00:00 |
|
Sam Minnee
|
a2475141c6
|
MINOR Fixed output spelling mistake and formatting in SapphireTest::delete_all_temp_dbs() (from r113450)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114536 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:35:48 +00:00 |
|
Sam Minnee
|
400157c8bf
|
MINOR Fixed RSSFeedTest which should put test configuration code into setUp() and tearDown() methods. If the test fails halfway through, these will get called to clean up the state (from r113430)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114535 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:35:33 +00:00 |
|
Sam Minnee
|
1a3897ab1a
|
ENHANCEMENT Validation for uploaded files (from r113420)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114534 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:35:06 +00:00 |
|
Sam Minnee
|
c24ed58d2d
|
BUGFIX Better checking of file validity (#6093) Thanks Pigeon (from r113419)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114533 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:34:42 +00:00 |
|
Sam Minnee
|
100e50c700
|
BUGFIX Ensure that SearchForm searchEngine() call properly escapes the Relevance field for ANSI compliance (from r113295)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114532 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:30:51 +00:00 |
|
Sam Minnee
|
854e0e30b4
|
ENHANCEMENT Added Form->enableSecurityToken() as a counterpart to the existing disableSecurityToken() (from r113284)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114531 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:30:32 +00:00 |
|
Sam Minnee
|
770281b65c
|
BUGFIX Clear static marking caches on Hierarchy->flushCache() (from r113277)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114530 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:26:40 +00:00 |
|
Sam Minnee
|
38601b96f8
|
BUGFIX Fixed ComplexTableField and TableListField GET actions against CSRF attacks (with Form_SecurityToken->checkRequest()) (from r113276)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114529 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:26:03 +00:00 |
|
Sam Minnee
|
5c0b2182ae
|
API CHANGE Added security token to TableListField->Link() in order to include it in all URL actions automatically. This ensures that field actions bypassing Form->httpSubmission() still get CSRF protection (from r113275)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114528 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:24:58 +00:00 |
|
Sam Minnee
|
c63b00f92a
|
MINOR Using SecurityToken in ViewableData->getSecurityID() (from r113274)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114527 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:24:37 +00:00 |
|
Sam Minnee
|
3f8a0ede40
|
BUGFIX Using current controller for MemberTableField constructor in Group->getCMSFields() instead of passing in a wrong instance (Group) (from r113273)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114526 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:24:12 +00:00 |
|
Sam Minnee
|
9ec31acacb
|
ENHANCEMENT Added SecurityToken to wrap CSRF protection via "SecurityID" request parameter (from r113272)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114525 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:22:57 +00:00 |
|
Sam Minnee
|
ecaa735db2
|
BUGFIX ModelViewer doesn't work due to minor bug introduced by making $_CLASS_MANIFEST keys lowercase (fixes #6144, thanks daniel.lindkvist) (from r113249)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114524 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:20:33 +00:00 |
|
Sam Minnee
|
662f581b24
|
BUGFIX Fixed month conversion in DateField_View_JQuery::convert_iso_to_jquery_format() (fixes #6124, thanks mbren and natmchugh) (from r113247)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114523 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:20:13 +00:00 |
|
Sam Minnee
|
c3fa7406ab
|
MINOR Documentation (from r113241)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114522 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:18:58 +00:00 |
|
Sam Minnee
|
24f2c51fa2
|
BUGFIX: removed taiwans province of china (from r113193)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114521 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:17:34 +00:00 |
|
Sam Minnee
|
75c6c4941c
|
BUGFIX: Use correct language code for jquery-ui date picker for en_US (from r113107)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114520 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:17:16 +00:00 |
|
Sam Minnee
|
e3d109763a
|
MINOR: updated typo in comment for Cache. (from r112982)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114519 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:16:59 +00:00 |
|
Sam Minnee
|
fc869c1d86
|
MINOR: Fix to SapphireInfo for git-svn checkouts. (from r112962)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114518 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 08:06:29 +00:00 |
|
Ingo Schommer
|
3e8704c882
|
BUGFIX Escaping $locale values in Translatable->augmentSQL() in addition to the i18n::validate_locale() input validation
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114515 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 05:23:37 +00:00 |
|
Ingo Schommer
|
531fa04d7d
|
BUGFIX Limiting usage of mcrypt_create_iv() in RandomGenerator->generateEntropy() to *nix platforms to avoid fatal errors (specically in IIS)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114510 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 04:41:49 +00:00 |
|
Ingo Schommer
|
50f823697c
|
MINOR Fixed regression from r114504
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114505 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 00:43:10 +00:00 |
|
Ingo Schommer
|
a0a88af255
|
BUGFIX Using RandomGenerator class in Member->logIn(), Member->autoLogin() and Member->generateAutologinHash() for better randomization of tokens. Increased VARCHAR length of 'RememberLoginToken' and 'AutoLoginHash' fields to 1024 characters to support longer token strings.
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114504 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 00:39:25 +00:00 |
|
Ingo Schommer
|
1dddd5252d
|
BUGFIX Using RandomGenerator class in PasswordEncryptor->salt()
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114503 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 00:37:35 +00:00 |
|
Ingo Schommer
|
8b220b923a
|
ENHANCEMENT Using RandomGenerator in Form->getExtraFields() "SecurityID" token creation
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114498 467b73ca-7a2a-4603-9d3b-597d59a354a9
|
2010-12-05 00:18:48 +00:00 |
|