tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity
21,401 Commits 31 Branches 527 Tags 162 MiB
79a89e751d
Commit Graph

21401 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Aaron Carlino
79a89e751d Added 4.4.4 changelog 2019-09-24 17:05:26 +12:00
Aaron Carlino
c1047fac32 DOCS: Add docs for versioned files migration 2019-09-24 16:04:22 +12:00
Aaron Carlino
28057e3a71 DOCS: Add FileShortcodeProvider change to changelog 2019-09-24 16:03:48 +12:00
Serge Latyntcev
8b7063a8e2 [CVE-2019-12617] Fix access escalation for CMS users with limited access through permission cache pollution 2019-09-24 16:03:48 +12:00
Serge Latyntcev
eccfa9b10d [CVE-2019-12203] Session fixation in "change password" form 
A potential account hijacking may happen if an attacker has physical access to
victim's computer to perform session fixation. Also possible if the targeted application contains an XSS vulnerability.
Requires the victim to click the password reset link sent to their email.
If all the above happens, attackers may reset the password before the actual user does that.
 2019-09-24 16:03:48 +12:00
Aaron Carlino
1f92b21a04 DOCS: Add FileShortcodeProvider change to changelog 2019-09-24 16:03:48 +12:00
Guy Marriott
3659f2888d
FIX Add 'legal empty attributes' to allow empty alt values on i… (#9257) 
FIX Add 'legal empty attributes' to allow empty alt values on imgs
 2019-09-23 17:03:01 -07:00
Garion Herman
0d27f32cc9 FIX Add 'legal empty attributes' to allow empty alt values on imgs 
In some situations, a caption is used in place of a value in the alt
attribute, and in others an image may be cosmetic and not in need of an
alt attribute value (though the alt attribute must still be rendered in
this case).
 2019-09-24 11:44:12 +12:00
Robbie Averill
3cfc21c405
Merge pull request #9241 from open-sausages/pulls/4.4.3/fix-file-permission 
Fix administrators not being able to see files that are restricted to groups
 2019-09-23 11:13:26 -07:00
bergice
6a1c6ecec6 Fix administrators not being able to see files that are restricted to groups 
Resolves https://github.com/silverstripe/silverstripe-asset-admin/issues/777
 2019-09-23 16:44:28 +12:00
Guy Marriott
7877ffcc85 Merge branch '4.3' into 4.4 2019-09-18 15:52:18 -07:00
Guy Marriott
109ac3f75f
Allow non summary fields to be used as grid field export fields (#9248) 
Allow non summary fields to be used as grid field export fields
 2019-09-18 15:33:25 -07:00
Hayden Shaw
daf9d55ecb Allow non summary fields to be used as export fields 
Fixes regression in 3d989a6eae.
 2019-09-19 10:00:54 +12:00
Robbie Averill
592ab6abc1 Merge branch '4.3' into 4.4 2019-09-13 18:11:34 -07:00
Robbie Averill
066ce8e01c Merge branch '4.2' into 4.3 
# Conflicts:
 #	src/View/ThemeResourceLoader.php
 2019-09-13 18:10:37 -07:00
Robbie Averill
cfe86ad5a1
Merge pull request #9153 from creative-commoners/pulls/4.4/stream-ree-tags 
FIX Skip md5-ing the whole contents of a stream for etags
 2019-09-13 17:59:26 -07:00
Andre Kiste
cf90cfdd2a
Merge pull request #9221 from open-sausages/pulls/4.3/recursive-writeComponent 
BUG Allow infinite loop when calling DataObject::writeComponent() recursively
 2019-09-12 17:18:08 +12:00
Maxime Rainville
591b88a9bc BUG Allow infinite loop when calling DataObject::writeComponent() recursively 2019-09-10 14:15:28 +12:00
Robbie Averill
41a766d135
Merge pull request #9085 from kinglozzer/9084-path-join-exception 
Catch Path::join() exceptions in findTemplate() (fixes #9084)
 2019-09-06 12:00:39 -07:00
Maxime Rainville
24015c7767 Merge branch '4.3' into 4.4 2019-09-04 09:42:09 +12:00
Robbie Averill
aec5051a24
Merge pull request #9206 from creative-commoners/pulls/4.3/strip-bom-on-csv-import 
FIX Byte Order Marks (BOM) are now stripped when importing CSV files
 2019-09-03 09:55:38 -07:00
Maxime Rainville
a2a202c016
Merge pull request #9200 from open-sausages/pulls/4.4.3/consistent-actions 
FIX make the grid field actions consistent to what they look like on pages
 2019-09-02 14:07:22 +12:00
bergice
2f8d847a10 FIX make the grid field actions consistent to what they look like on pages 
Resolves https://github.com/silverstripe/silverstripe-admin/issues/904
 2019-09-02 12:22:32 +12:00
Robbie Averill
02194908e2
Merge pull request #9205 from wilr/pulls/add-upgrade-notes-for-email 
Add missing upgrade rules for Email class
 2019-08-30 14:15:17 +12:00
Robbie Averill
0b991cc039
Merge pull request #9198 from elabuwa/pulls/4.3/bug-fix-html-entities-breadcrumbs-in-group 
Bug : Add html_entity_decode to group parents
 2019-08-30 09:51:52 +12:00
Dileep Ratnayake
fe4eb5dd2a
Update src/Security/Group.php 
Co-Authored-By: Maxime Rainville <maxime@rainville.me>
 2019-08-29 15:44:41 +12:00
Robbie Averill
77ba8391c4 FIX Byte Order Marks (BOM) are now stripped when importing CSV files 2019-08-29 14:54:57 +12:00
Will Rossiter
e07bcee182
Add missing upgrade rules for Email class 2019-08-29 09:10:03 +12:00
Maxime Rainville
4cfce30842
Merge pull request #9204 from open-sausages/pulls/4.3/remove-dumb-place-holder-text 
BUG Remove placeholder text on new group form
 2019-08-29 09:05:38 +12:00
Maxime Rainville
73f43c6f42 BUG Remove placeholder text on new group form 2019-08-28 17:14:19 +12:00
Dileep Ratnayake
9b7075ed5d
Update Group.php 2019-08-27 16:22:00 +12:00
Dileep Ratnayake
a976a1688b
Update Group.php 
move to private method
 2019-08-27 16:21:08 +12:00
Dileep Ratnayake
40e5c4ec59
Update Group.php 
use of convert::raw2xml, rename $grp to $group
 2019-08-27 16:19:40 +12:00
Robbie Averill
e078eea7dd
Merge pull request #9197 from wilr/pulls/gridfield-columnlookup 
FIX Remove error when exporting a column that is not displayed in a GridField
 2019-08-27 13:59:48 +12:00
Dileep Ratnayake
4f8240bd48
Update src/Security/Group.php 
Co-Authored-By: Andre Kiste <bergice@users.noreply.github.com>
 2019-08-27 12:19:03 +12:00
Will Rossiter
d2a07b1047
FIX Remove error when exporting a column that is not displayed in a GridField 2019-08-27 11:54:31 +12:00
Dileep Ratnayake
f7a602137a
add html_entity_decode to breadcrumbs 2019-08-27 11:49:17 +12:00
Guy Marriott
92300051a7
Update translations 2019-08-19 15:10:41 +12:00
Guy Marriott
a6614d8a77
Added 4.4.3 changelog 2019-08-19 15:01:22 +12:00
Garion Herman
f4a5f5dc35
Merge pull request #9177 from creative-commoners/pulls/4.4/change-password-fix 
FIX Member::changePassword() no longer applies password validation rules to the hashed value
 2019-08-16 14:25:06 +12:00
Robbie Averill
11a7d6ccb4
Rename test to be clearer about its intent 
Co-Authored-By: Guy Marriott <guy@scopey.co.nz>
 2019-08-16 09:49:36 +12:00
Robbie Averill
bae7e32680 FIX Member::changePassword() no longer applies password validation rules to the hashed value 2019-08-16 09:06:07 +12:00
Robbie Averill
f354e2018d FIX Set minimum test scores and password length for Members while running fixtured DataObject tests 2019-08-15 15:23:11 +12:00
Robbie Averill
4b44272367 Merge branch '4.3' into 4.4 2019-08-14 09:30:53 +12:00
Robbie Averill
d63e4b520c Merge branch '4.2' into 4.3 2019-08-14 09:30:41 +12:00
Robbie Averill
2e2c56249e
Merge pull request #9147 from webbuilders-group/sort-order-fix 
BUGFIX: Fixed issue where multiple relationship sort order columns would be lost in favor of only the last relationship column in the sort order
 2019-08-14 09:29:20 +12:00
Aaron Carlino
8cfd3f07ba Added 4.4.2 changelog 2019-08-12 16:08:07 +12:00
Aaron Carlino
8aa2005f8d Update translations 2019-08-12 16:06:24 +12:00
Robbie Averill
05d5db43f3
Merge pull request #9173 from creative-commoners/pulls/4.3/column-content-for-print-csvs 
FIX Use content generated by DataColumns component for print and csv export
 2019-08-09 15:21:50 +12:00
Guy Marriott
3d989a6eae
FIX Use content generated by DataColumns component for print and csv export 2019-08-09 15:04:38 +12:00