Commit Graph

4713 Commits

Author SHA1 Message Date
Sean Harvey
e73e15d6c8 MINOR Code formatting change in ConfirmedPasswordField::__construct()
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114720 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:05 +13:00
Sean Harvey
a87c743fc4 BUGFIX Fallback text for "Password" in ConfirmedPasswordField when no translation found
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114719 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:05 +13:00
Jean-Fabien Barrios
6d76f9040c BUGFIX Populates the page with fake data in order to pass subsequent unit tests
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114683 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:05 +13:00
Jean-Fabien Barrios
e87ba9f24b BUGFIX Test if form is the right class (if a class decorates the content controller, this test would break ie sphinx)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114654 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:04 +13:00
Ingo Schommer
f4cc316c8a ENHANCEMENT 'bypassStaticCache' cookie set in Versioned is limited to httpOnly flag (no access by JS) to improve clientside security (from r114568)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114572 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:04 +13:00
Ingo Schommer
ac4c207846 ENHANCEMENT Session::start() forces PHPSESSID cookies to be httpOnly (no access by JS) to improve clientside security (from r114567)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114571 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:04 +13:00
Ingo Schommer
6fa8f8341c BUGFIX Escaping $locale values in Translatable->augmentSQL() in addition to the i18n::validate_locale() input validation (from r114515)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114516 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:04 +13:00
Ingo Schommer
6255cdf20a BUGFIX Limiting usage of mcrypt_create_iv() in RandomGenerator->generateEntropy() to *nix platforms to avoid fatal errors (specically in IIS) (from r114510)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114512 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:04 +13:00
Ingo Schommer
310f8f6a03 BUGFIX Using RandomGenerator class in Member->logIn(), Member->autoLogin() and Member->generateAutologinHash() for better randomization of tokens. Increased VARCHAR length of 'RememberLoginToken' and 'AutoLoginHash' fields to 1024 characters to support longer token strings. (from r114504)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114507 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:04 +13:00
Ingo Schommer
ae1d8e2e18 BUGFIX Using RandomGenerator class in PasswordEncryptor->salt() (from r114503)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114506 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:04 +13:00
Ingo Schommer
696de5d437 BUGFIX Using RandomGenerator class in SecurityToken->generate() for more random tokens
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114500 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:03 +13:00
Ingo Schommer
f8c970ec0c ENHANCEMENT Added RandomGenerator for more secure CRSF tokens etc. (from r114497)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114499 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:03 +13:00
Ingo Schommer
1670dab5e1 API CHANGE Using i18n::validate_locale() in various Translatable methods to ensure the locale exists (as defined through i18n::$allowed_locales) (from r114470)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114474 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:03 +13:00
Ingo Schommer
924f0feb5d BUGFIX Check for valid locale in i18n::set_locale()/set_default_locale()/include_locale_file()/include_by_locale() (as defined in i18n::$allowed_locales). Implicitly sanitizes the data for usage in controllers. (from r114469)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114473 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:03 +13:00
Paul Meyrick
7864d8f250 FIX: Revert last commit
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114464 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:03 +13:00
Paul Meyrick
889f888c1a FIX: Revert last commit
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114463 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:03 +13:00
Paul Meyrick
14d4a78d20 MINOR: Added exception handling if ClassName is null in search results
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114454 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:03 +13:00
Ingo Schommer
f79c6aeb83 BUGFIX Don't allow HTML formatting in RequestHandler->httpError() by sending "Content-Type: text/plain" response headers. (from r114444)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114445 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:03 +13:00
Ingo Schommer
30e3f08efb MINOR Checking for class_exists() before SapphireTest::is_running_tests() to avoid including the whole testing framework, and triggering PHPUnit to run a performance-intensive directory traversal for coverage file blacklists (from r114332)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114334 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:03 +13:00
Ingo Schommer
5236e09026 BUGFIX Including template /lang folders in i18n::include_by_locale() (implementation started in r113919)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114208 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:02 +13:00
Ingo Schommer
43c85e3c9a ENHANCEMENT Added SS_HTTPResponse->setStatusDescription() as equivalent to setStatusCode(). Added documentation.
BUGFIX Strip newlines and carriage returns from SS_HTTPResponse->getStatusDescription() (fixes #6222, thanks mattclegg) (from r114082)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114083 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:02 +13:00
Ingo Schommer
b5e9b911d3 BUGFIX Removed double quoting of $where parameter in Translatable::get_existing_content_languages() (fixes #6203, thanks cloph) (from r114080)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114081 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:02 +13:00
Sean Harvey
28f1c20c5d MINOR Reverted r108515
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114079 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:02 +13:00
Ingo Schommer
253083bc81 MINOR Documentation for Aggregate caching (from r114077)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114078 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:02 +13:00
Sean Harvey
1544d55890 MINOR Fixed php tag in SecurityTokenTest, should be "<?php" not "<?"
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114016 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:02 +13:00
Ingo Schommer
96f65b252d MINOR Removed duplicate b/ directory, regression from r113918 (from r113992)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@113994 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:02 +13:00
Sean Harvey
10d283a641 BUGFIX #6201 Use of set_include_path() did not always include sapphire paths in some environments
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@113976 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:02 +13:00
Sean Harvey
9367dc40a1 MINOR Fixed PHP strict standard where non-variables cannot be passed by reference
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@113968 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:01 +13:00
Saophalkun Ponlu
8381858d58 MINOR: Make sure that Translatable creates a translated parent of SiteTree only when the parent is not translated (from r113955)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@113956 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:01 +13:00
Andreas Piening
d01db84336 MINOR: don't trigger notice but Debug::show it
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@113937 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:01 +13:00
Andreas Piening
fdebd72e97 MINOR: don't trigger notice but Debug::show it
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@113936 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:01 +13:00
Andreas Piening
1fb51c6c5d MINOR: test doesn't fail anymore due to time differences between db and php. The test now issues notices, warnings and errors depending on the severity of the offset
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@113933 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:01 +13:00
Sean Harvey
febcc15c3a MINOR Fixed spaces with tabs in Core
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@113924 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:01 +13:00
Sean Harvey
b7d7a86b51 MINOR Fixed spaces with tabs for Core::getTempFolder()
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@113923 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:01 +13:00
Ingo Schommer
a9e611d721 ENHANCEMENT Allowing i18nTextCollector to discover entities in templates stored in themes/ directory (thanks nlou) (from r113918)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@113919 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:01 +13:00
Ingo Schommer
2093d5f79a MINOR: call jquery-ui from thirdparty folder instead google api (see ticket 5915) (from r113656)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@113696 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:01 +13:00
Ingo Schommer
d94001ab7e MINOR Updated cs_CZ and sk_SK translations in sapphire/javascript (fixes #6085, thanks Pike)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@113690 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:00 +13:00
Sean Harvey
68eebd8023 BUGFIX ErrorPage::requireDefaultRecords() case where no assets directory causes an fopen() error. Ensure assets directory is created before attempting to write error page files
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@113590 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:00 +13:00
Sean Harvey
cfcf7a5358 MINOR Fixed output spelling mistake and formatting in SapphireTest::delete_all_temp_dbs()
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@113450 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:59 +13:00
Sean Harvey
9bae66760a MINOR Fixed RSSFeedTest which should put test configuration code into setUp() and tearDown() methods. If the test fails halfway through, these will get called to clean up the state
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@113430 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:59 +13:00
Jean-Fabien Barrios
1050c7ee4e ENHANCEMENT Validation for uploaded files
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@113420 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:59 +13:00
Jean-Fabien Barrios
e2d4dc25dc BUGFIX Better checking of file validity (#6093) Thanks Pigeon
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@113419 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:59 +13:00
Sean Harvey
fe26454567 BUGFIX Ensure that SearchForm searchEngine() call properly escapes the Relevance field for ANSI compliance
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@113295 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:59 +13:00
Ingo Schommer
294f99d767 ENHANCEMENT Added Form->enableSecurityToken() as a counterpart to the existing disableSecurityToken()
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@113284 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:59 +13:00
Ingo Schommer
d2b489b4ef BUGFIX Clear static marking caches on Hierarchy->flushCache()
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@113277 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:59 +13:00
Ingo Schommer
b3a086e2c9 BUGFIX Fixed ComplexTableField and TableListField GET actions against CSRF attacks (with Form_SecurityToken->checkRequest())
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@113276 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:59 +13:00
Ingo Schommer
4298cda6aa API CHANGE Added security token to TableListField->Link() in order to include it in all URL actions automatically. This ensures that field actions bypassing Form->httpSubmission() still get CSRF protection
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@113275 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:59 +13:00
Ingo Schommer
1aadb8c990 MINOR Using SecurityToken in ViewableData->getSecurityID()
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@113274 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:58 +13:00
Ingo Schommer
d6c9e18333 BUGFIX Using current controller for MemberTableField constructor in Group->getCMSFields() instead of passing in a wrong instance (Group)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@113273 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:58 +13:00
Ingo Schommer
e4d3584805 ENHANCEMENT Added SecurityToken to wrap CSRF protection via "SecurityID" request parameter
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@113272 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:58 +13:00