I've decoupled `Cookie` from the actual act of setting and getting
cookies. Currently there are a few limitations to how Cookie works that
this change mitigates:
0. `Cookie` currently changes the super global `$_COOKIE` when setting
to make the state of an application a bit more managable, but this is
bad because we shouldn't be modifying super globals
0. One can't actually change the `$cookie_class` once the
`Cookie::$inst` has been instantiated
0. One can't test cookies as there is no class that holds the state of
the cookies (it's just held in the super global which is reset as part
of `Director::test()`
0. One can't tell the origin of a cookie (eg: did the application set it
and it needs to be sent, or did we receive it from the browser?)
0. `time()` was used, so testing was made difficult
0. There was no way to get all the cookies at once (without accessing
the super global)
Todos are on the phpdoc and I'd like to write some tests for the backend
as well as update the docs (if there are any) around cookies.
DOCS Adding `Cookie` docs
Explains basic usage of `Cookie` as well as how the `Cookie_Backend`
controls the setting and getting of cookies and manages state of sent vs
received cookies
Fixing `Cookie` usage
`Cookie` is being used inconsistently with the API throughout framework.
Either by not using `force_expiry` to expire cookies or setting them to
null and then expiring them (which is redundant).
NEW `Director::test()` takes `Cookie_Backend` rather than `array` for `$cookies` param
AS requested by tractorcow: https://github.com/silverstripe/silverstripe-postgresql/pull/26
Tested on MySQL (succeeds as expected) Tested on PostgreSQL (and fails as expected, but passes with patch). The fixes test only DataQueryTest related items for consistency, e.g. by avoiding DataObject calls.
Returns the table name for a field in a class hierarchy.
This issue raised itself with GridFieldSortableHeader not supporting sorting on fields from parent class fields.
This pattern improves over the current usage of singleton by allowing type inference.
This also better supports refactor, code usage detection, and auto-completion of classes.
API Mailer bounce email can now be configured
API Mailer no longer calls Convert::xml2raw on all email subjects
API Deprecate dead Mailer code and refactored duplicate or mis-documented code.
Versioned is not writing Version to _version tables for subclasses of Version dataobjects which have their own DB fields
- Fix disjoint of ID / RecordID (which should be the same)
- Fix calculation of new record version
- Fix use of empty vs !isset to check for existing version
When sorting a DataQuery over a relation, the SQLQuery automatically included the sort column. The issue with the implement is that potentially the joined record has a field with the same name as the source record causing it to be overridden.
In the attached test case, without the patch the title will be set to 'Bar' rather than 'Foo'.
This patch aliases the sort column. Alternativally a patch would be to
BUG Fixes missing i18n translation in Date::TimeDiffIn
BUG Fixes Date::TimeDiffIn not respecting mocked SS_Datetime::now
This provides less vague date periods. I.e. "36 days" has a lot more relevance that "1 month"
Reduced duplication of time period calculation code
(ref: CWPBUG-141)
Example: you have a site in a sub-directory off the webroot, you call
->Link() on a SiteTree record, which returns "/[sitedir]/my-page", and
you pass this URL to Director::test(). It's a valid URL, but
Director::test() will throw a 404.
Director::test() should be ensuring that all URLs passed to it are
properly made relative, not just in the case where it thinks the URL
is absolute.
Provides an interface for classes to implement their own flush()
functionality. This function gets called early in a request on
all implementations of Flushable when flush=1|all is requested in the
URL.
This fix came out of an issue where Requirements combined files were not
being cleaned up after dev/build?flush=1, due to the fact that flush
would only occur when you called it while on a page that used those
combined files, but not in any other contexts. This will now call flush
on any implementors of Flushable regardless of the context of where
flush was called.
This would ideally be fixed with the ability to use an external library
like gettext, but that's an API change. This for now fixes the issue
where a singular like "Page" returns "Pags" for the plural name.
- Updated AspectProxyService to handle multiple handlers for each proxied
object's methods.
- Changed BeforeCallAspect to allow for providing a return value that
should be returned to the caller instead of the proxied return value
- Changed AfterCallAspect behaviour to allow for returning the value of
the aspect to the caller instead of the proxied return value
This is a bug that combines Hierarchy, Versioned and LeftAndMain admins and CMSSiteTreeFilters.
This bug can be reproduced by having a large site tree with enough deleted pages in it so it doesn't
pre load all the children pages when initially opening an admin. Filter by either 'All pages including deleted'
or 'Deleted pages'. For CMS users it will look like deleted pages are gone.
The solution involves a couple of smaller fixes in both CMS and framework modules.
1) Ensure that 'numHistoricalChildren' are used instead of 'numChildren' when dealing with deleted pages
2) LeftAndMain::currentPage() deletes all the 'marking' cache previously built up by Hierarchy::markPartialTree()
3) Use Versioned::get_included_deleted() instead of raw DB queries against the DataObject tables when calculating parents in CMSSiteTreeFilter
BUG Fix incompatibility in Member_GroupList
Fix regressions in merges from 3.1
BUG Fix Security failing on test classes
BUG Fix postgresql compatibility
Clarify sql encoding of table names
Database abstraction broken up into controller, connector, query builder, and schema manager, each independently configurable via YAML / Injector
Creation of new DBQueryGenerator for database specific generation of SQL
Support for parameterised queries, move of code base to use these over escaped conditions
Refactor of SQLQuery into separate query classes for each of INSERT UPDATE DELETE and SELECT
Support for PDO
Installation process upgraded to use new ORM
SS_DatabaseException created to handle database errors, maintaining details of raw sql and parameter details for user code designed interested in that data.
Renamed DB static methods to conform correctly to naming conventions (e.g. DB::getConn -> DB::get_conn)
3.2 upgrade docs
Performance Optimisation and simplification of code to use more concise API
API Ability for database adapters to register extensions to ConfigureFromEnv.php
Specific case: LeftAndMain::$session_keepalive_ping = true cannot be
set to false in config.yml for some cases because the value is ignored
when merge_array_low_into_high() is processing the config arrays.
Previously selectFromTable would simply try to select the composite field name. This expands the extraField name to include the children field names and uses CompositeDBField::writeToManipulation to generate the correct SQL for the queries.
Move functionality from static start and destroy functions into instance
methods, allowing these to be overloaded. This works the same way as
calling Session::set() which then in turn calls inst_set()
Additionally use Injector to create the default Session instance to
allow the class to be swapped out.
At the moment, `RestfulService` duplicates functionality of
`Controller::join_links` (badly) and it means that one MUST use a base
URL with a trailing slash for the URL to be constructed properly
Plus tests for `RestfulService::getAbsoluteRequestURL()`
API Deprecating `RestfulService::constructURL()`
This function isn't used in core so we should remove it
BUG Disabled disruptive test case in DirectorTest
API RequestProcessor and VersionedRequestFilter now both correctly implement RequestFilter
Better PHPDoc on RequestFilter and implementations
BUG Resolve issue with DirectorTest breaking RequestProcessor
Injector::nest and Injector::unnest are introduced to better support sandboxing of testings.
Injector and Config ::nest and ::unnest support chaining
Test cases for both Injector::nest and Config::nest
This change fixes an issue where old/existing formatted images are used
when a filename is reused (by overwrite or by coincidence), regardless
of if the file contents have changed. To users this mainly manifests
as a file overwrite appearing not to work; the thumbnails in the CMS
show the original image until regeneration is forced.
Calling Image::deleteFormattedImages() after image upload ensures that
no stagnant formatted images will be used.
This issue is caused by the odd default behaviour of Zend_Date, which attempts to parse yyyy-mm-dd format date and times as though they were yyyy-dd-mm.
Anchors should never make it to the server when they are in the browser URL bar, however tests are slightly different and some `Link()` functions may return a URL anchor. Instead of every test checking a link and stripping the anchor, I feel the Director::test() function should strip them off.
Default to "yyyy-MM-dd" for date format, and "H:mm" for time_format.
Switched to config API for setting/getting values.
Avoid using "MMM" in particular, since it causes
inconsistencies in month names between jQuery UI and Zend_Locale_Format.
Fixes https://github.com/silverstripe/silverstripe-cms/issues/544
The behat rule for text selection wasn't working due to the JavaScript not executing properly. I have
also updated the code to traverse all childNodes, which is important if you have text like this:
<p>text1 <b>text2</b> text3</p>
And you are trying to select 'text3'
A service factory can be used for creating instances where a non-trivial
construction process is required. This is done by adding a `factory`
key to the service definition.
NEW: Adding unit test for performReadonlyTransformation #nd fixing OptionSetField #2503
BUG: Fixing undefined variables and function parameters for PerformReadonlyTransformation unit tests
NEW: Adding unit test to OptionsetField for read only fields
This will resolve issues in cases where the site locale may be assigned a value that does not have an explicit translation. E.g. if the locale is en_NZ (and it's appropriate for this to be the assigned locale), Afrikaans will no longer be the default selected locale when creating members. Now en_US is chosen as a better fallback default.
This is a minor ease of use fix that means fewer CMS users can be accidentally created in Afrikaans within NZ based sites.
Test cases included.
Fixes issue of templates not being found when a Page's main/Layout templates are split between the project and theme folders. Adds more expansive testing for template loading.
FIX: ConfirmedPasswordField relied on POST variables. These should instead come from setValue().
Added all important tests for validating the field: valid if passwords match, invalid if passwords differ.
It doesn't make a lot of sense to limit the listing
to assets/Uploads/, which is the default set through FileField->folderName.
Showing all files regardless of folder makes them easier
to find, users can still opt-in to filtering by folder
through the TreeDropdownField.
DataObject::validate() is currently set to protected, but this means
you can't call validate() from outside the context of itself unless
you overload the method to use a public visibility and then call
parent::validate()
As it would turn out, most classes that overload this method already
set the visibility to public, so it would make sense the parent matches
that as well.
It's defaulted to false. But when set to true, the JS is written to the end of the HTML, even though there are earlier scripts.
This results in faster page-loading if the JS isn't needed earlier-on.
- Document the format for descriptor arrays
- Implement the behaviour that developers have come to expect for
string descriptors of indexes
- Add test for handling of unique indexes (MySQL & sqlite3)
- Resolve#2403
Versioned needs to convert unique indexes to non-unique for its suffixed
tables, such as Foo_Live and Foo_versions. Because DataObject accepts
string descriptors such as array('UniqIDX' => 'unique (Uniq)') as well
as array-based descriptors, Versioned needs to recognize string
descriptors. This patch accomplishes that. Before, Versioned would fail
to convert string-described indexes to non-unique, resulting in run-time
errors when creating a new version of an object.
getAttribute('value') behaves inconsistently with Selenium drivers
(fails on Travis and TeamCity, but works locally). Selenium2Driver
in Mink provides a JS wrapper for getting the value, which is more reliable.
This fixes "insert a link" failures, see https://travis-ci.org/silverstripe/silverstripe-cms/jobs/14281251
Technically a textarea DOM node doesn't have a 'value' attribute,
but rather a HTML content. This used to work, but likely broke either
by updated browser handling or updated selenium logic.
Fixes "Scenario: I can edit title and content and see the changes on draft"
Slightly improved logic
Add support for relations more than one 'level' apart
Add unit tests
Fixing PostgreSQL support
Throw exception if attempting to sort on a has_many/many_many relation
This is a common use case, and by default a form field is added which
has no effect. While this coupling is undesirable, it makes the default
behaviour much more sensible.
See #2662, #2651, #2637 for more information.
Currently the only way the extend SSTemplateParser is to define a class
extension of it and then tell the injector component to use your new
custom class. This new change allows a user to define new "open blocks"
and "closed blocks" for SSTemplateParser to use without needing to
recompile the real SSTemplateParser class.
The following example shows how the functionality can be used
to add a new <% minify %>…<% end_minify %> syntax to the template parser
In a config.yml file, define the new minify closed block to call the
static function "Minifier::minify"
```
Injector:
SSTemplateParser:
properties:
closedBlocks:
minify: "Minifier::minify"
```
Define a new class with the minify static method that returns the new
template code when regenerating templates:
```
class Minifier {
public static function minify(&$res) {
return <<<PHP
{$res['Template']['php']}
\$val = zz\Html\HTMLMinify::minify(\$val, array('optimizationLevel' => zz\Html\HTMLMinify::OPTIMIZATION_ADVANCED));
PHP;
}
}
```
Currently if you run i18nSSLegacyAdapterTest twice in a row you
get errors about classes not existing, because the class manifest
doesn't get set correctly during the test setUp() method.
Fixes issues with GridStata_Data being returned from various states when value types are necessary.
Pruning of dead code from GridFieldAddExistingAutocompleter
Documentation for GridState
The extension doesn't get unloaded correctly at the end of the test,
resulting in tests afterwards sometimes failing because the table
type is reset back to InnoDB.
See silverstripe/silverstripe-cms ed8ee4e9b for a similar fix done
in the cms module.
If you fail your maximum login attempts and are locked out, further failed login attempts add to your already existing FailedLoginCount as it is only reset if you log in successfully. This means that if you're locked out, then try again, one failure will automatically lock you out again, regardless of what you set your max limit to.
Example:
lock_out_after_incorrect_logins: 3
FailedLoginCount: 0
The user fails three login attempts.
lock_out_after_incorrect_logins: 3
FailedLoginCount: 3
The user is now locked out.
Lockout time passes.
The user fails their 4th login.
lock_out_after_incorrect_logins: 3
FailedLoginCount: 4
This will continue to happen until the user successfully logs in, without giving them the pre-defined amount of login attempts again due to this condition being met after every incorrect login:
```php
if($this->FailedLoginCount >= self::config()->lock_out_after_incorrect_logins) {
```
FailedLoginTestCount Test Added
Updates the CMS profile page and SecurityAdmin to give developers a few ways to customise the required fields.
Added extension hook updateValidator for getValidator for things like modules to inject required fields to go along with Injector for replacing the entire class for project specific use.
The "project" module (normally mysite) is considered with the highest priority. Yet, the project's i18n is loaded first and cannot overwrite existing translations. I've added a array_reverse(), so the iteration keeps the translation of the module with the highest priority.
Old $sortedModules: mysite, (other_modules,) cms, admin, framework.
New $sortedModules: framework, admin, cms, (other_modules,) mysite.
This allows shortcodes to perform more complex actions on the element
which contains them. For example, the element reference can be used
to add extra classes or attributes to links which provide additional
metadata.
The functionality is easy to replicate in custom controllers,
and is too rarely used to be placed in core.
This also removes the `Member::is_repeat_member()` getter
and the `PastMember`/`IsRepeatMember` template globals.
See https://groups.google.com/forum/#!topic/silverstripe-dev/b8K3wU64TXg
Added tests to RequiredFields and fixed bugs that were found
Now you:
1. Can't add the same field name many times
2. Can use append RequiredFields correctly without fear of duplicates
I've also added a Deprecation warning to $useLabels as it's not used
*anywhere* in framework
Header parsing now takes into account situations like a proxy or
redirections. Works around the curl issue.
Also fixes the issue when a redirected request would cause a double
amount of headers coming out of the parser - it would merrily process
anything that's in key:value format even if it was two distinct headers.
When using Controller::join_links to join two links with identical query
params, both query params would be used in the result, ending up with
links that look like `../edit/show/14?locale=en_NZ&locale=mi_NZ`
This patch eliminates duplicate query params, so only the last one
for any key is present in the output.
If more than two $from were added through SQLQuery->addFrom(),
the getOrderedJoins() comparison kicks in. It assumes all $from
parts are in array notation, which isn't always the case.
For legacy reasons, and because we don't have full API support,
you can still add literal joins through addFrom('INNER JOIN ...').
On PHP 5.3, the ordering comparison still works because it
allows array access in strings, with string rather than numeric indexes.
Thankfully that's no longer supported in PHP 5.4.
- Added content formatting behat feature file Updated Given statement for Insert link behat feature file
- Added Behat test feature file for alignment buttons Updated formatting buttons feature file to include strikethrough formatting
DataQuery::initialiseQuery() will add a default sort to a query,
and when calling up an aggregate it will make a query like this
which doesn't make sense:
SELECT MAX("LastEdited") FROM "Member" ORDER BY "ID"
In this case there is no need to add the ORDER BY, and it will
break databases like MSSQL in cases such as
GenericTemplateGlobalProvider
which provides a default List() function for adding aggregates
into SSViewer template cacheblocks.
If we add a limit, however, then it does make sense:
SELECT MAX("LastEdited") FROM "Member" ORDER BY "ID" LIMIT 10
This fixes SQLQuery::aggregate() to NOT add an ORDER BY to an
aggregate call if there is no limit.
Due to the recent change of translations to transifex, some
locales changed their names, which prompted a fix to
i18n::get_available_translations() (see 00ffe7294).
This caused a regression where short locales are determined
from the YAML file names (e.g. "en"), but weren't matched up
with fully qualified locales from get_available_translations() (e.g. "en_US").
Since this list is used in the admin/myprofile dropdown for the Member.Locale value,
it didn't match up with any entries and defaulted to the first one ("Africaans").
Note that the behaviour of admin/myprofile is still a bit weird:
It defaults the locale on new members to the one set for the current administrator.
So if a site defaults to en_US in _config.php, but the admin happens to view
his backend in de_DE, all members he creates default to de_DE as well.
Thanks to @tractorcow for contributing and peer reviewing!
If multiple image manipulations are performend the resulting cached image is stored in assets/_resampled because the cached version of the image has no ParentID, which cacheFilename needs to set the correct path.
- Based on new (last) translation download from getlocalization.com
- Removed untranslated strings. Getlocalization started including those at some point
which is highly annoying, unnecessary and breaks the new transfix system,
since it'll mark all of the english strings as actual translations
- Avoid dots in entities. It confuses the Transifex YML parser
- Removed some locales unknown to Transifex which didn't have any translations anyway
- Removed "lolcat" locale, uses custom notation (en@lolcal)
which SilverStripe's i18n system can't handle
(needs mapping from SS naming to Zend naming)
- Renamed "Te Reo/Maori" locale from "mi_NZ" to "mi" (Transifex/CLDR notation)
- Namespaced all entities used in templates (deprecated usage)
- Converted dots to underscores where template filenames are used for namespaces,
since Transifex YML parsing handles them as separate YML keys otherwise
- Removed whitespace in entity names, SilverStripe i18n can't handle it
- Only allow selection of locales registered through i18n::$all_locales to avoid
issues with unknown locales in Zend's CLDR database
Allow DataList::limit() to take a null value to remove the limit.
Added tests for limit(). Note the one failure, currently the ORM doesn't support unlimited values with an offset.
The function "first" on ArrayList uses the PHP function "reset", which
returns false if there aren't any elements in the array. Two functions
inside ArrayList use this function, "canFilterBy" and "byID". I've
changed these functions to catch the possibility of a false return from
first().
Session tracks the user agent in the session, to add some detection of
stolen session IDs. However this was causing a session to always be
created, even if this request didnt store any data in the session.
urlRewriter will expect a callable as a second parameter,
but will work with the current api and simply raise a deprecation error.
HTTP::absoluteURLs now correctly rewrites urls into absolute urls. Resolves introduced in c56a80d6ce
HTTP::absoluteURLs now handles additional cases where urls were not translated.
Test cases for HTTP::absoluteURLs added for both css and attribute links.
Cleaned up replacement expression and improved documentation.
Commit 964b3f2 fixed an issue where dbObject was returning casting helpers for
fields that were not actually DB objects, but had something in $casting config.
However, because dbObject was no longer calling DataObject->castingHelper, this
exposed a bug that the underlying function db($fieldName) was not returning
field specs for the base fields that are created by SS automatically on all
DataObjects (i.e. Created, LastEdited, etc).
This commit fixes the underlying issue that DataObject->db($fieldName) should
return the field specs for *all* DB fields like its documentation says it will,
including those base fields that are automatically created and do not appear in
$db.