tonyair
/
silverstripe-framework
mirror of https://github.com/silverstripe/silverstripe-framework
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
22,128 Commits 29 Branches 513 Tags 147 MiB
Commit Graph

4156 Commits

Author SHA1 Message Date
Garion Herman c143941e44
Merge pull request #9628 from creative-commoners/pulls/4/version-provider 
NEW Additional logic for VersionProvider
 2020-08-21 14:25:23 +12:00
Sam Minnée b810b7d5c9
API: Allow for user-created objects to have values passed in the constructor (#8591) 2020-08-20 12:28:31 +12:00
Steve Boyd e19ef240f7 NEW VersionProvider now supports recipes as well as modules 2020-08-11 13:04:48 +12:00
Sam Minnée 8195bb480d
Merge pull request #9630 from silverstripe-terraformers/feature/with-time 
NEW: WithMockTime callback.
 2020-08-07 10:16:30 +12:00
Maxime Rainville e31565cb71 BUG Fix GroupedDropdownFieldTest::testReadonlyValue 2020-08-06 22:50:40 +12:00
Mojmir Fendek c2ed6a4cd6 NEW: WithMockTime callback. 2020-08-06 11:18:39 +12:00
Steve Boyd 8287fad24d Merge branch '4.6' into 4 2020-07-29 11:38:49 +12:00
Steve Boyd 52d38a8b4a
Merge pull request #9615 from creative-commoners/pulls/4.6/embed-iframe-dimensions 
FIX Set iframe dimension attributes specified in shortcode
 2020-07-28 11:04:24 +12:00
Steve Boyd f0936d4c1e FIX Set iframe dimension attributes specified in shortcode 2020-07-27 18:04:03 +12:00
Martin Heise 404f450ac3 BUG Readonly version of GroupedDropdownField 
GroupedDropdownField was showing empty values in Readonly mode due to not correctly handling the hierarchical source array.
Uses flattened source now in GroupedDropdownField->performReadonlyTransformation()
 2020-07-21 09:23:30 +02:00
Robbie Averill 84b4057a9a
Merge pull request #9406 from chrispenny/feature/standardise-get-cms-validator 
v4 improvement: Standardise getCMSValidator for DataObjects/Forms
 2020-07-16 15:58:33 -07:00
Garion Herman d408a4e714 Merge branch '4.6' into 4 2020-07-13 12:28:14 +12:00
Garion Herman fbe0f5a981 Merge branch '4.5' into 4.6 2020-07-13 12:27:02 +12:00
Maxime Rainville 8518987cbd [CVE-2019-19326] Stop honouring X-HTTP-Method-Override header, X-Original-Url header and _method POST variable. Add SS_HTTPRequest::setHttpMethod() 2020-07-10 17:56:15 +12:00
Maxime Rainville 71db45b18b [CVE-2019-19326] Stop honouring X-HTTP-Method-Override header, X-Original-Url header and _method POST variable. Add SS_HTTPRequest::setHttpMethod() 2020-07-10 14:57:26 +12:00
Maxime Rainville b780c4f504 BUG Tweak DBHTMLText::Plain to avoid treating some chinese characters as line breaks. 2020-07-09 13:33:43 +12:00
Sam Minnee 01d3b4fd96 FIX: Set many-many-through joinRecord on newly added records. 
When many-many-through relations are queried, a joinRecord is set on
each DataObject in the list to provide the extra fields defined on
the connector object. This didn’t previously happen when the record
was first add()ed to a list. This fixes that bug.
 2020-07-02 15:18:12 +12:00
cpenny f72491f7f4 Linting fix 2020-06-08 09:35:00 +12:00
cpenny d4165db690 Update getter name to getCMSCompositeValidator 2020-05-28 12:23:35 +12:00
cpenny 2765b65f42 Use ReflectionClass for CompositeValidator tests 2020-05-28 11:18:46 +12:00
cpenny bca4be77ed Update name to CompositeValidator. Add docblocks 2020-05-28 11:18:46 +12:00
cpenny b45a3561df Implemented PR feedback. Added some initial test cov 2020-05-28 11:18:46 +12:00
Maxime Rainville acccdd8a1c Merge branch '4.5' into 4 2020-05-26 14:31:06 +12:00
Maxime Rainville 42bb28965c Merge branch '4.4' into 4.5 2020-05-26 14:30:27 +12:00
Maxime Rainville 395893b559 Merge branch '4.3' into 4.4 2020-05-26 14:30:02 +12:00
Maxime Rainville 86fcb9e29c Merge branch '4.2' into 4.3 2020-05-26 14:29:16 +12:00
Daniel Hensby 080ce157ce
Fix various typos in comments 2020-05-16 10:34:53 +01:00
Michal Kleiner 21129b1624
Use short array syntax across the framework's codebase 2020-05-16 10:34:45 +01:00
Steve Boyd b1b61f866e FIX Set nonce style on unit tests 2020-05-13 16:07:31 +12:00
Brett Tasker 1d19051c10 Add sha1 and md5 hashing options in resource URL 2020-05-12 18:14:03 +12:00
Mojmir Fendek 7dc6b36c16
Unique key for DataObject (#9400) 
NEW Unique key for DataObject
 2020-05-04 09:10:51 +12:00
Dan Hensby 33b0b6985a
Update file paths for autoloading compatibility 2020-04-25 10:28:28 +01:00
Daniel Hensby 237b2d5f74
Convert array delcarations to short array syntax 2020-04-20 18:58:09 +01:00
Garion Herman f94078d963
Merge pull request #9408 from chrometoasters/pulls/classes-with-extension 
Add ClassInfo method to get all classes with a given extension applied
 2020-04-20 20:11:01 +12:00
Serge Latyntcev cb36aab80c Merge branch '4.5' into 4 2020-04-15 14:49:19 +12:00
mattclegg e968f5cb86
DOCS: Remove outdated TODO 2020-04-14 15:00:08 +05:45
Ingo Schommer 2c5deceeb4 FIX Filter out all FULLTEXT BOOLEAN chars 
The query might still work depending on where these chars are placed,
but it seems weird to only remove *some* of the valid chars here.
See https://dev.mysql.com/doc/refman/5.6/en/fulltext-boolean.html

Note that the query runs both the actual boolean query with chars,
and then a separate relevance search without them.
 2020-04-09 10:32:45 +12:00
Ingo Schommer c6b698cb02 NEW Allow InnoDB for FULLTEXT indexes 
MyISAM used to be the only one to support it, now InnoDB has caught up.
Unless an engine is set specifically in create_table_options,
this will auto-convert existing MyISAM tables to InnoDb.

Fixes #9242
 2020-04-09 10:32:45 +12:00
Dan Hensby 5bf2ac83ee
Merge branch '4.5' into 4 2020-04-01 19:23:47 +01:00
Daniel Hensby 1fb574a5bd
NEW: Variadic URL parameter matches for url_handlers (#9438) 
* Add wildcard URL parameter matches for url_handlers

* Extra tests for wildcard parameters

* Add a PHP warning if more params appear after wildcard param
 2020-03-25 09:16:13 +13:00
Michal Kleiner 30c3b127c1 NEW Add ClassInfo method to get all classes with a given extension applied 2020-03-24 10:48:35 +13:00
Aaron Carlino 37e8720fe5 Linting 2020-03-17 16:21:46 +13:00
Aaron Carlino 7ad5f1bb14 BUGFIX: Ensure diff arrays are one-dimensional 2020-03-17 15:57:28 +13:00
Steve Boyd 667495eaf9 Merge branch '4.5' into 4 2020-03-06 10:53:28 +13:00
Steve Boyd 687435a2f1 Merge branch '4.4' into 4.5 2020-03-06 10:52:22 +13:00
UndefinedOffset bba0f2f72f
BUGFIX: Fixed issue where TimeField_Readonly would only show "(not set)" instead of the value 2020-02-24 09:59:00 -04:00
Maxime Rainville affd43052a Merge branch '4.5' into 4 2020-02-17 18:11:23 +13:00
Maxime Rainville acd7d94167 Merge branch '4.4' into 4.5 2020-02-17 13:07:26 +13:00
Maxime Rainville 49fda52b12
Merge pull request #94 from silverstripe-security/fix/cve-2019-19325 
CVE-2019-1935
 2020-02-17 12:54:40 +13:00
Serge Latyntcev ad1b00ec7d [CVE-2019-19325] XSS through non-scalar FormField attributes 
Silverstripe Forms allow malicious HTML or JavaScript to be inserted
through non-scalar FormField attributes, which allows performing XSS (Cross-Site Scripting)
on some forms built with user input (Request data). This can lead to phishing attempts
to obtain a user's credentials or other sensitive user input.
There is no known attack vector for extracting user-session information or credentials automatically,
it required a user to fall for the phishing attempt.
XSS can also be used to modify the presentation of content in malicious ways.
 2020-02-17 09:58:29 +13:00