Commit Graph

15248 Commits

Author SHA1 Message Date
Daniel Hensby
7af7f8dd65
Merge remote-tracking branch 'security/patch/3.1/ss-2016-005' into 3.1.19 2016-05-05 01:01:44 +01:00
Daniel Hensby
e8cfe1cc72
Merge remote-tracking branch 'security/patch/3.1/ss-2016-004' into 3.1.19 2016-05-05 01:01:37 +01:00
Daniel Hensby
09370290dc
Merge remote-tracking branch 'security/patch/3.1/ss-2016-001' into 3.1.19 2016-05-05 01:01:27 +01:00
Daniel Hensby
47c3165aa3
Merge remote-tracking branch 'security/patch/3.1/ss-2015-029' into 3.1.19 2016-05-05 01:01:15 +01:00
Daniel Hensby
0884683c6b
Merge branch '3.1' into 3.2 2016-05-04 23:15:43 +01:00
Damian Mooyman
71a4f1e605 Merge branch 'pull/5384' into 3.1 2016-05-02 18:16:41 +12:00
Damian Mooyman
a38eb8b784 Fix incorrect logic check 2016-05-02 18:15:39 +12:00
Damian Mooyman
e88a40853a Merge pull request #3772 from phptek/cms/1054
FIX: Fixes CMS errors when viewing history on "Deleted" pages.
2016-04-26 17:21:19 +12:00
Daniel Hensby
a0812f987a
Merge 3.1 into 3.2
Conflicts:
	admin/javascript/LeftAndMain.js
	control/HTTPRequest.php
	docs/en/00_Getting_Started/00_Server_Requirements.md
2016-04-26 00:09:33 +01:00
Daniel Hensby
fde6376996
FIX Admin bloacklisted messages using correct $.inArray check 2016-04-24 08:57:45 +01:00
Daniel Hensby
1ccd3926e3
[SS-2016-001] FIX Properly check backurl on CMSSecurity@success 2016-04-20 23:58:50 +01:00
Daniel Hensby
a6bd22ab2f
[SS-2016-006] FIX dont disable XSS for login forms 2016-04-20 23:57:59 +01:00
Daniel Hensby
a24c8260b1
[SS-2016-004] FIX Store current page IDs as ints 2016-04-20 23:55:59 +01:00
Daniel Hensby
f32c893546
[SS-2016-005] FIX Apply brute force protection to default admin 2016-04-19 23:20:29 +01:00
Daniel Hensby
3c0f2e8e11
[SS-2015-029] FIX Add CSFR protection to tree reorganise 2016-04-19 00:01:04 +01:00
Michael Strong
1f820b0b1c DOCS allowed_actions access control (#5333) 2016-04-18 17:49:30 +12:00
Loz Calver
69858760e1 Merge pull request #5312 from dhensby/pulls/3.1/fix-5281
FIX Stop "success" message showing in CMS
2016-04-12 16:56:06 +01:00
Daniel Hensby
36283b86d5
FIX Stop "success" message showing in CMS
fixes #5281
2016-04-12 16:14:31 +01:00
Damian Mooyman
e1f281fd8b Merge pull request #5236 from dhensby/pulls/3.2/avoid-plain-text-friendlyerrors
FIX Dont allow plain text friendly errors
2016-04-12 12:00:54 +12:00
Daniel Hensby
e57d26bb8e Merge pull request #5298 from bummzack/patch-email-tests-3.2
Fix Email test issue discovered in #5271.
2016-04-11 15:06:15 +01:00
Roman Schmid
9146450c49 Fix Email test issue discovered in #5271.
Updated/added tests for changed- and forgot-password Emails.
Updated fixture and tests to no longer use a real Email address.
2016-04-11 13:46:41 +02:00
Damian Mooyman
1d3b621460 Merge pull request #5274 from patricknelson/patch-2
Removal of FlushGeneratedImagesTask was not documented.
2016-04-06 11:05:40 +12:00
Patrick Nelson
49e6d701e5 Removal of FlushGeneratedImagesTask was not documented.
This task appears to have been superseded by a new task called `RegenerateCachedImagesTask` but it was not documented, so `FlushGeneratedImagesTask` simply appeared to have vanished. This will update the documentation to reflect this change for both v3.2 and v3.3 (separate PR).
2016-04-05 15:09:46 -07:00
Sean Harvey
3b7cfd0118 Merge pull request #5256 from tractorcow/pulls/3.1/fix-error-displayed
BUG fix ErrorControlChain causing errors to be displayed if display_errors in php.ini is false
2016-04-01 12:10:22 +13:00
Damian Mooyman
6ec2656201 BUG fix ErrorControlChain causing errors to be displayed if display_errors in php.ini is false
Fixes #5250
2016-04-01 11:04:06 +13:00
Damian Mooyman
bea85c22a5 Merge pull request #5233 from kinglozzer/5129-gridfield-shortcode-parsing
FIX: GridField::FieldHolder() should not attempt to parse shortcodes (fixes #5129)
2016-03-31 10:52:44 +13:00
Loz Calver
83663b4b8c Merge pull request #5249 from tractorcow/pulls/3.2/customise
Standardise spelling of "customise"
2016-03-30 08:42:26 +01:00
Damian Mooyman
2cfd3ab997 Merge pull request #5231 from kinglozzer/sqlselect-docs
Fix code docs for SQLSelect::count()
2016-03-30 14:12:11 +13:00
Damian Mooyman
b8e7f9a934 Standardise spelling of "customise"
Fixes #3988
2016-03-30 13:17:28 +13:00
Damian Mooyman
fd64fe5572 Merge pull request #5248 from micmania1/patch-10
Filter PDO construct on failure
2016-03-30 13:05:32 +13:00
Michael Strong
159dce337d Filter PDO construct on failure 2016-03-30 11:35:15 +13:00
Ingo Schommer
4714eeee6b Merge pull request #5146 from chillu/pulls/3.2/disable-xdebug-travis
Disable xdebug on Travis runs
2016-03-30 07:49:32 +13:00
Ingo Schommer
85a361444c Disable xdebug on Travis runs
We're not using it for code coverage,
and it's slowing down both composer and phpunit builds.

Recommended by Travis:
https://docs.travis-ci.com/user/speeding-up-the-build/#PHP-optimisations
2016-03-29 17:21:55 +13:00
Daniel Hensby
aeb4aa9565 FIX Dont allow plain text friendly errors 2016-03-28 01:20:18 +01:00
Loz Calver
5ede516c77 FIX: GridField::FieldHolder() should not attempt to parse shortcodes (fixes #5129) 2016-03-27 10:51:46 +01:00
Loz Calver
4353d35c0a Fix code docs for SQLSelect::count() 2016-03-27 10:23:11 +01:00
Loz Calver
20d116757a Merge pull request #5217 from dhensby/pulls/3.1/docs-csv-parser
DOCS Fixing CSV Parser docs - fixes #5004
2016-03-21 15:02:56 +00:00
Daniel Hensby
c8f2e6702b DOCS Fixing CSV Parser docs - fixes #5004 2016-03-21 14:22:43 +00:00
Daniel Hensby
863b737717 Merge pull request #5214 from tractorcow/pulls/3.1/fix-array-values
Do not hang on nested parameters in search context
2016-03-21 09:21:33 +00:00
Daniel Hensby
d2fa01fb17 Merge pull request #5215 from tractorcow/pulls/3.2/fix-folder-relativepath
BUG Fix File::getRelativePath() failing if parent folder is renamed
2016-03-21 09:09:12 +00:00
Damian Mooyman
5f8356d686 BUG Fix File::getRelativePath() failing if parent folder is renamed
Fixes #4993
2016-03-21 17:22:38 +13:00
Damian Mooyman
94b0f61957 Merge pull request #3494 from dnadesign/tabForceActive
fixing issue where 'ss-tabs-force-active' wasn't actually working
2016-03-21 16:53:49 +13:00
Nicola Fontana
11561aeb54 Do not hang on nested parameters in search context
Backport of 0b5a573 for 3.2 that does not add a new API, as
required by #5056 to be semver compatible.
2016-03-21 15:54:22 +13:00
Damian Mooyman
cdedee130a Merge pull request #5200 from dhensby/pulls/fix-token-redirect
FIX Parameter tokens now redirect to correct url if mod_rewrite is off
2016-03-21 14:45:03 +13:00
Daniel Hensby
cbdaf890dd Merge pull request #5145 from tractorcow/pulls/3.2/fulltext-bootstrapping
BUG Fix FulltextsearchEnable
2016-03-19 17:17:02 +00:00
Daniel Hensby
add2ecdf8b FIX Parameter tokens now redirect to correct url if mod_rewrite is off 2016-03-18 15:56:39 +00:00
Loz Calver
371c84c22a Merge pull request #5158 from dhensby/pulls/imagik-installer
FIX Imagick installer for travis and php 5.3
2016-03-08 16:38:18 +00:00
Daniel Hensby
7c037d8034 trying to fix imagik properly 2016-03-08 15:38:30 +00:00
Ingo Schommer
5609b9ae25 Merge pull request #5153 from tractorcow/pulls/3.2/imagick-travis
BUG Don't install imagick on php 5.3
2016-03-08 10:55:26 +13:00
Damian Mooyman
aa57427874 BUG Don't install imagick on php 5.3 2016-03-08 10:37:01 +13:00