Commit Graph

1105 Commits

Author SHA1 Message Date
Damian Mooyman
dd4c5417e7
Merge pull request #49 from silverstripe-security/pulls/3.5/ss-2017-007
[ss-2017-007] Ensure xls formulae are safely sanitised on output (3.5)
2017-12-06 16:25:58 +13:00
Daniel Hensby
2aa1d8f2c4
remove create_function usage 2017-12-05 14:20:13 +00:00
Damian Mooyman
22ccf3e2f9
[ss-2017-007] Ensure xls formulae are safely sanitised on output
CSVParser now strips leading tabs on cells
2017-12-01 10:19:48 +13:00
Daniel Hensby
cbac375590
FIX Helpful warning when phpunit bootstrap appears misconfigured 2017-10-25 17:48:35 +01:00
Daniel Hensby
6494bc820c
Move spyc dependency to composer 2017-07-28 13:35:30 +01:00
Daniel Hensby
e7e5d42865
Merge branch '3.4' into 3.5 2017-01-23 16:22:53 +00:00
Chris Lock
11bc05de96
Altering error message to show the exception 2016-12-28 11:39:12 +00:00
Colin Tucker
3fca7b3c4d Fix hard-coded boolean in CsvBulkLoader 2016-12-06 16:08:00 +11:00
Daniel Hensby
71efd960b0
Merge tag '3.5.0' into 3.5
Release 3.5.0
2016-11-28 13:32:48 +00:00
Daniel Hensby
a9c85057b0
Merge pull request #6332 from andrewandante/BUGFIX/apply-send-all-emails-from-to-SS_LogEmailWriter 2016-11-25 11:21:21 +00:00
Andrew Aitken-Fincham
13aaa6badb Apply email defaults to SS_LogEmailWriter 2016-11-25 09:59:41 +00:00
Daniel Hensby
602062802e
Merge branch '3.4' into 3.5 2016-11-23 23:55:31 +00:00
Daniel Hensby
406307c77b
Merge branch '3.3' into 3.4 2016-11-23 23:29:25 +00:00
Daniel Hensby
b7bb7a46da
Merge branch '3.2' into 3.3 2016-11-23 22:26:15 +00:00
Daniel Hensby
17eb351f81
Merge branch '3.1' into 3.2 2016-11-23 21:54:22 +00:00
Daniel Hensby
03b4e6ea32
FIX Tests shouldnt set date or time format to null 2016-11-23 12:36:53 +00:00
Damian Mooyman
f43a91a4f8 API Add FormField::canSubmitValue()
API Add HTMLText::getProcessShortcodes() / setProcessShortcodes()
API Split TextareaField::Value() into ValueEntities() with shortcodes disabled
2016-11-17 09:55:03 +13:00
Daniel Hensby
6022012481
Merge branch '3.4' into 3 2016-09-23 16:33:45 +01:00
Daniel Hensby
32d1856d40 FIX Debug::caller() will now handle errors from outside function calls (#6029) 2016-09-20 09:03:22 +12:00
Daniel Hensby
a9df28c791
Merge branch '3.4' into 3 2016-09-14 11:40:15 +01:00
Damian Mooyman
c6457c50e9
API Allow has_many fixtures to be declared with array format as well as many_many (#5944)
BUG Fix issue with parsing of extrafields in fixtures
BUG Fix issue in duplicate relation name, and ensure FixtureBlueprint fails on these
2016-09-12 14:01:08 +01:00
Damian Mooyman
7de5b998e1 Merge 3.4 into 3 2016-08-05 19:12:25 +12:00
Damian Mooyman
7d0b8e6520 BUG Fix permission checking code not correctly handling escaped SQL identifiers
Fixes https://github.com/silverstripe/silverstripe-installer/issues/96
2016-08-01 18:15:30 +12:00
Daniel Hensby
0d36899afa
Merge branch '3.4' into 3 2016-06-13 12:30:33 +01:00
Daniel Hensby
4e392a4d43
Merge branch '3.3' into 3.4 2016-06-13 12:30:16 +01:00
Sam Minnee
8a58041fba FIX: Remove default from address for error emails
errors@silverstripe.com has previously been set as the default email
address for error emails. This means that people across the world are
sending from that domain, and if we put SPF records in place it would
stop error emailing.

This change means that emails will be sent from the server-configured
default, which matches the behaviour of the Mailer class.

Leaving until 3.x (3.5, presumably) as it’s a feature change.

Fixes #5360.
2016-06-01 18:05:55 +12:00
Antony Thorpe
39d1ef7a4b Bugfix: BulkLoader_Result class - Deleted Items (#5598)
* Bugfix: BulkLoader_Result class - Deleted Items

The Deleted function, within BulkLoader_Result class, calls mapToArrayList, which tries to find the recently deleted dataobjects.
To correct:
- when calling addDeleted, store a map of each dataobject within the $this->deleted array; and,
- have the Deleted function return an ArrayList based upon the $this->deleted array.

* Added tests

- created a new test file for the BulkLoader_Result class
- included tests for other methods of this class
- slightly altered the addDeleted function to be consistent other methods of this class
2016-06-01 09:55:06 +12:00
Daniel Hensby
706be1210f
Merge branch '3.3' into 3.4 2016-05-22 11:17:28 +01:00
Daniel Hensby
2ae2675a47
Merge branch '3.2' into 3.3 2016-05-22 11:16:04 +01:00
Daniel Hensby
f3cf55074f
Merge branch '3.1' into 3.2 2016-05-22 11:10:37 +01:00
Daniel Hensby
8382685034
FIX #5557 Tests with no DB requirements wont create test DB 2016-05-20 15:37:52 +01:00
Damian Mooyman
757cfae90c API Enable Debug.friendly_error_httpcode to correctly set HTTP status code for errors 2016-05-18 14:27:45 +12:00
Daniel Hensby
679185514d
Merge 3.3 into 3
Conflicts:
	admin/css/screen.css.map
2016-04-26 00:24:59 +01:00
Daniel Hensby
745faebd81
Merge 3.2 into 3.3
Conflicts:
	.travis.yml
2016-04-26 00:17:09 +01:00
Daniel Hensby
a0812f987a
Merge 3.1 into 3.2
Conflicts:
	admin/javascript/LeftAndMain.js
	control/HTTPRequest.php
	docs/en/00_Getting_Started/00_Server_Requirements.md
2016-04-26 00:09:33 +01:00
Damian Mooyman
e1f281fd8b Merge pull request #5236 from dhensby/pulls/3.2/avoid-plain-text-friendlyerrors
FIX Dont allow plain text friendly errors
2016-04-12 12:00:54 +12:00
Roman Schmid
9146450c49 Fix Email test issue discovered in #5271.
Updated/added tests for changed- and forgot-password Emails.
Updated fixture and tests to no longer use a real Email address.
2016-04-11 13:46:41 +02:00
Michael Strong
159dce337d Filter PDO construct on failure 2016-03-30 11:35:15 +13:00
Daniel Hensby
aeb4aa9565 FIX Dont allow plain text friendly errors 2016-03-28 01:20:18 +01:00
Daniel Hensby
c8f2e6702b DOCS Fixing CSV Parser docs - fixes #5004 2016-03-21 14:22:43 +00:00
Damian Mooyman
9fed5561f4 Merge remote-tracking branch 'origin/3.3' into 3
# Conflicts:
#	core/Constants.php
#	dev/DevelopmentAdmin.php
2016-02-24 17:39:04 +13:00
Damian Mooyman
5f2d3f31d7 Merge remote-tracking branch 'origin/3.2' into 3.3
# Conflicts:
#	dev/DevelopmentAdmin.php
#	docs/en/02_Developer_Guides/08_Performance/02_HTTP_Cache_Headers.md
#	lang/cs.yml
#	lang/lt.yml
2016-02-24 17:29:06 +13:00
Damian Mooyman
5d2fc0d7ca [ss-2015-028] Block unauthenticated access to dev/build/defaults 2016-02-24 11:46:33 +13:00
Damian Mooyman
15d4db3b4a [ss-2015-028] Block unauthenticated access to dev/build/defaults 2016-02-24 11:32:49 +13:00
Damian Mooyman
3398f670d8 [ss-2015-028] Block unauthenticated access to dev/build/defaults 2016-02-18 17:18:37 +13:00
Michael Andrewartha
480eeb5be5 Updating links
Updated old hosting wiki link to point to new hosting page on silverstripe.org and fixing broken links
2016-02-09 12:16:47 +13:00
Mateusz
ed04972c3c Fixed permission checks for /dev/build action 2016-01-13 14:05:14 +01:00
Mateusz Ksiazek
c20d5b6861 Disabled displaying SilverStripe Development Tools header when signed in user go to /dev/build page 2016-01-12 17:01:42 +01:00
Sam Minnee
3ee8f505b7 MINORE: Remove training whitespace.
The main benefit of this is so that authors who make use of
.editorconfig don't end up with whitespace changes in their PRs.

Spaces vs. tabs has been left alone, although that could do with a
tidy-up in SS4 after the switch to PSR-1/2.

The command used was this:

for match in '*.ss' '*.css' '*.scss' '*.html' '*.yml' '*.php' '*.js' '*.csv' '*.inc' '*.php5'; do
	find . -path ./thirdparty -not -prune -o -path ./admin/thirdparty -not -prune -o -type f -name "$match" -exec sed -E -i '' 's/[[:space:]]+$//' {} \+
	find . -path ./thirdparty -not -prune -o -path ./admin/thirdparty -not -prune -o -type f -name "$match" | xargs perl -pi -e 's/ +$//'
done
2016-01-07 10:15:54 +13:00
Nick Spiel
8c49cff71e Fixing link to themes page
The link to the themes page was broken.
2015-12-22 12:30:20 +11:00