Commit Graph

36 Commits

Author SHA1 Message Date
Jean-Fabien Barrois
bab1f230bf NEW Cross device "Remember Me" feature
At the moment, using the "Remember me" function on more than one device will only work with the last device used. Previous devices will not auto login.
This PR introduces a new DataObject for storing hashed tokens against multiple devices. Developers can configure if logging out should discard all tokens, or only the one used on the device logging out; token expiry date is 90 days by default but configurable. For added security, the old behaviour can still be enforced if multiple tokens are not desired.
See silverstripe#1574 for additional background
2016-02-10 09:42:08 +13:00
Damian Mooyman
e6b877df27 Merge remote-tracking branch 'origin/3'
# Conflicts:
#	control/Director.php
#	control/HTTP.php
#	core/startup/ParameterConfirmationToken.php
#	docs/en/00_Getting_Started/01_Installation/05_Common_Problems.md
#	docs/en/00_Getting_Started/04_Directory_Structure.md
#	docs/en/00_Getting_Started/05_Coding_Conventions.md
#	docs/en/01_Tutorials/01_Building_A_Basic_Site.md
#	docs/en/01_Tutorials/02_Extending_A_Basic_Site.md
#	docs/en/01_Tutorials/03_Forms.md
#	docs/en/01_Tutorials/04_Site_Search.md
#	docs/en/01_Tutorials/05_Dataobject_Relationship_Management.md
#	docs/en/02_Developer_Guides/12_Search/01_Searchcontext.md
#	docs/en/02_Developer_Guides/13_i18n/index.md
#	docs/en/02_Developer_Guides/15_Customising_the_Admin_Interface/06_Javascript_Development.md
#	docs/en/03_Upgrading/index.md
#	docs/en/changelogs/index.md
#	docs/en/howto/customize-cms-menu.md
#	docs/en/howto/navigation-menu.md
#	docs/en/index.md
#	docs/en/installation/index.md
#	docs/en/installation/windows-manual-iis-6.md
#	docs/en/misc/contributing/code.md
#	docs/en/misc/contributing/issues.md
#	docs/en/misc/module-release-process.md
#	docs/en/reference/dataobject.md
#	docs/en/reference/execution-pipeline.md
#	docs/en/reference/grid-field.md
#	docs/en/reference/modeladmin.md
#	docs/en/reference/rssfeed.md
#	docs/en/reference/templates.md
#	docs/en/topics/commandline.md
#	docs/en/topics/debugging.md
#	docs/en/topics/email.md
#	docs/en/topics/forms.md
#	docs/en/topics/index.md
#	docs/en/topics/module-development.md
#	docs/en/topics/modules.md
#	docs/en/topics/page-type-templates.md
#	docs/en/topics/page-types.md
#	docs/en/topics/search.md
#	docs/en/topics/testing/index.md
#	docs/en/topics/testing/testing-guide-troubleshooting.md
#	docs/en/topics/theme-development.md
#	docs/en/tutorials/1-building-a-basic-site.md
#	docs/en/tutorials/2-extending-a-basic-site.md
#	docs/en/tutorials/3-forms.md
#	docs/en/tutorials/4-site-search.md
#	docs/en/tutorials/5-dataobject-relationship-management.md
#	docs/en/tutorials/building-a-basic-site.md
#	docs/en/tutorials/dataobject-relationship-management.md
#	docs/en/tutorials/extending-a-basic-site.md
#	docs/en/tutorials/forms.md
#	docs/en/tutorials/index.md
#	docs/en/tutorials/site-search.md
#	main.php
#	model/SQLQuery.php
#	security/ChangePasswordForm.php
#	security/MemberLoginForm.php
#	tests/control/ControllerTest.php
#	tests/core/startup/ParameterConfirmationTokenTest.php
#	tests/model/SQLQueryTest.php
#	tests/security/SecurityTest.php
#	tests/view/SSViewerTest.php
#	view/SSTemplateParser.php
#	view/SSTemplateParser.php.inc
#	view/SSViewer.php
2016-01-20 13:16:27 +13:00
Damian Mooyman
5d240feaec Merge remote-tracking branch 'origin/3.2' into 3.3 2016-01-19 15:08:24 +13:00
Damian Mooyman
46cbe809ac Merge remote-tracking branch 'origin/3.1' into 3.2
# Conflicts:
#	docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md
#	docs/en/02_Developer_Guides/14_Files/01_Image.md
#	docs/en/02_Developer_Guides/15_Customising_the_Admin_Interface/How_Tos/Customise_CMS_Menu.md
#	docs/en/03_Upgrading/index.md
#	docs/en/05_Contributing/01_Code.md
#	forms/TreeMultiselectField.php
#	security/Permission.php
2016-01-19 14:00:19 +13:00
David Alexander
5c99e33eb2 DOCS 3.1 - fixes broken internal links 2016-01-14 23:59:53 +13:00
Damian Mooyman
037467beae API Asset Access Control implementation 2016-01-13 18:18:22 +13:00
Damian Mooyman
3e7eecf978 API Remove SQLQuery 2015-10-23 16:26:04 +13:00
Damian Mooyman
f10785350e Merge remote-tracking branch 'origin/3.2' into 3
Conflicts:
	docs/en/02_Developer_Guides/02_Controllers/01_Introduction.md
2015-09-09 14:50:47 +12:00
Damian Mooyman
309ac0d196 Merge remote-tracking branch 'origin/3.1' into 3.2
Conflicts:
	.travis.yml
	admin/code/CMSProfileController.php
	admin/tests/LeftAndMainTest.php
	control/HTTP.php
	security/Permission.php
	tests/forms/FormTest.php
	tests/model/ArrayListTest.php
	tests/security/PermissionTest.php
2015-09-09 14:35:29 +12:00
Stevie Mayhew
1b57e0ca5b FEATURE: implement getter and setter usage for response 2015-08-29 10:24:06 +12:00
Daniel Hensby
209bb94319 DOCS Adding docs for special Permission cases 2015-08-26 23:32:07 +01:00
Damian Mooyman
4d37e21bc6 Cleanup 3.2 changelog for release 2015-06-15 16:19:08 +12:00
Damian Mooyman
8331171f2c Merge remote-tracking branch 'origin/3.1' into 3
Conflicts:
	.scrutinizer.yml
	admin/javascript/LeftAndMain.Panel.js
	core/startup/ParameterConfirmationToken.php
	dev/Debug.php
	dev/FixtureBlueprint.php
	docs/en/00_Getting_Started/05_Coding_Conventions.md
	docs/en/00_Getting_Started/index.md
	docs/en/02_Developer_Guides/01_Templates/01_Syntax.md
	filesystem/File.php
	filesystem/Folder.php
	forms/FieldList.php
	forms/LabelField.php
	forms/MoneyField.php
	forms/TextField.php
	forms/TreeDropdownField.php
	forms/Validator.php
	forms/gridfield/GridField.php
	forms/gridfield/GridFieldExportButton.php
	lang/de.yml
	lang/fi.yml
	model/DataObject.php
	model/SQLQuery.php
	parsers/ShortcodeParser.php
	security/ChangePasswordForm.php
	security/Security.php
	tests/control/DirectorTest.php
	tests/core/startup/ParameterConfirmationTokenTest.php
	tests/dev/FixtureBlueprintTest.php
	tests/forms/FieldListTest.php
	tests/forms/MoneyFieldTest.php
	tests/model/SQLQueryTest.php
	tests/security/SecurityTest.php
2015-06-02 19:13:38 +12:00
Damian Mooyman
0319f7855b FIX Incorrect env setting in 3.1.13 2015-06-02 12:27:08 +12:00
Will Morgan
e930bcf7b9 Merge pull request #4225 from camfindlay/patch-26
DOCS Fix issue with bullets and backticks thinking they are code blocks
2015-05-28 13:39:36 +01:00
Marcus Nyeholt
9c8fa51321 FIX Allow users to specify allowed hosts
Allow users to explicitly state which Hosts are allowed to be requested via
this application instance to avoid Host: header forgery attacks.
2015-05-28 15:58:39 +10:00
Damian Mooyman
75137dbab2 Ensure only trusted proxy servers have control over certain HTTP headers 2015-05-28 10:12:46 +12:00
Cam Findlay
15ea4aa54c DOCS Fix issue with bullets and backticks thinking they are code blocks
Thanks to @stojg for reporting.
2015-05-23 17:58:51 +12:00
Antony Thorpe
b90432cb26 Update 03_Authentication.md
Create a list to improve presentation on the silverstripe.org website.  Hopefully this works.  The API descriptions/links are currently missing.
2015-04-26 18:16:13 +12:00
Damian Mooyman
319b96b48b Merge remote-tracking branch 'origin/3.1' into 3
Conflicts:
	docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md
	docs/en/05_Contributing/01_Code.md
	forms/TreeDropdownField.php
	model/DataObject.php
	security/Member.php
	tests/model/DataObjectTest.php
2015-03-11 11:40:06 +13:00
Fred Condo
82ed86f6cd DOCS: correct broken links
- Correct internal links between documentation pages
- Delete defunct links to documentation removed during documentation reorganization
- Restore testing glossary
- Verify by crawling site locally
2015-02-27 16:09:15 -08:00
Damian Mooyman
dff65867cc Merge remote-tracking branch 'origin/3.1' into 3
Conflicts:
	control/HTTP.php
	control/HTTPResponse.php
	docs/en/05_Contributing/01_Code.md
	forms/CompositeField.php
	forms/FormAction.php
	forms/FormField.php
	forms/InlineFormAction.php
	forms/NumericField.php
	forms/TreeDropdownField.php
	forms/TreeMultiselectField.php
	templates/forms/TreeDropdownField.ss
	tests/core/CoreTest.php
	tests/forms/NumericFieldTest.php
	tests/model/DataDifferencerTest.php
2015-02-20 10:17:19 +13:00
Cam Findlay
0f617e1f5f DOCS bulleted API calls show up as a broken code block
This simplifies the formatting to ensure it's actually readable on docs.
2015-01-23 19:58:54 +13:00
Cam Findlay
3de82ce8dc DOCS Fixed link to yaml config docs. 2015-01-21 15:27:22 +13:00
Damian Mooyman
88fdc75456 Merge remote-tracking branch 'composer/3.1' into 3
Conflicts:
	.editorconfig
	docs/en/00_Getting_Started/00_Server_Requirements.md
	docs/en/00_Getting_Started/01_Installation/04_Other_installation_Options/Windows_IIS7.md
	docs/en/00_Getting_Started/01_Installation/04_Other_installation_Options/Windows_Platform_Installer.md
	docs/en/00_Getting_Started/04_Directory_Structure.md
	docs/en/00_Getting_Started/index.md
	docs/en/01_Tutorials/01_Building_A_Basic_Site.md
	docs/en/01_Tutorials/02_Extending_A_Basic_Site.md
	docs/en/01_Tutorials/03_Forms.md
	docs/en/01_Tutorials/04_Site_Search.md
	docs/en/01_Tutorials/05_Dataobject_Relationship_Management.md
	docs/en/01_Tutorials/index.md
	docs/en/02_Developer_Guides/00_Model/01_Data_Model_and_ORM.md
	docs/en/02_Developer_Guides/00_Model/11_Scaffolding.md
	docs/en/02_Developer_Guides/01_Templates/06_Themes.md
	docs/en/02_Developer_Guides/03_Forms/How_Tos/Simple_Contact_Form.md
	docs/en/02_Developer_Guides/05_Extending/05_Injector.md
	docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md
	docs/en/02_Developer_Guides/10_Email/index.md
	docs/en/02_Developer_Guides/11_Integration/01_RestfulService.md
	docs/en/02_Developer_Guides/12_Search/01_Searchcontext.md
	docs/en/02_Developer_Guides/14_Files/index.md
	docs/en/02_Developer_Guides/15_Customising_the_Admin_Interface/03_CMS_Layout.md
	docs/en/02_Developer_Guides/15_Customising_the_Admin_Interface/06_Javascript_Development.md
	docs/en/02_Developer_Guides/15_Customising_the_Admin_Interface/How_Tos/Customise_CMS_Tree.md
	docs/en/02_Developer_Guides/15_Customising_the_Admin_Interface/How_Tos/Customise_Site_Reports.md
	docs/en/02_Developer_Guides/18_Cookies_And_Sessions/01_Cookies.md
	docs/en/04_Changelogs/3.1.9.md
	docs/en/05_Contributing/00_Issues_and_Bugs.md
	docs/en/05_Contributing/02_Release_Process.md
	docs/en/05_Contributing/03_Documentation.md
	filesystem/File.php
	filesystem/GD.php
	model/DataDifferencer.php
	model/Versioned.php
	security/BasicAuth.php
	security/Member.php
	tests/filesystem/FileTest.php
	tests/forms/uploadfield/UploadFieldTest.php
	tests/model/VersionedTest.php
	tests/security/BasicAuthTest.php
2015-01-15 18:52:46 +13:00
Will Rossiter
e729131a63 Move CMS Howtos 2014-12-17 15:50:05 +13:00
Cam Findlay
1df3d7cee1 Rebased additional documentation since May 2014.
New pages filed and metadata added.
2014-12-17 15:48:58 +13:00
Will Rossiter
4fcbc9a402 Clean up debugging documentation 2014-12-17 15:48:57 +13:00
Will Rossiter
084286af4c Add introduction files to each of the sections 2014-12-17 15:48:54 +13:00
Will Rossiter
6c5ddaf054 Restructure of the docs markdown source files into more logical taxonomy 2014-12-17 15:48:35 +13:00
Ingo Schommer
7e0276b8ad Docs for exec pipeline and manifests
- Added manifest logic docs
- More obvious pointers to flushing
- Removed Director page since it duplicated a lot of information already presenting in routing,
which in itself is already duplicated between routing.md and controllers.md.
- Merged Director execution rundown into main exec pipeline docs
- Moved YAML security note from main installation docs to "secure coding", making it sless obvious
2014-12-15 09:12:48 +13:00
Will Rossiter
d01c8d7990 Move CMS Howtos 2014-12-15 09:12:47 +13:00
Cam Findlay
b7272e09c6 Rebased additional documentation since May 2014.
New pages filed and metadata added.
2014-12-15 09:12:47 +13:00
Will Rossiter
ebf28bc66b Clean up debugging documentation 2014-12-15 09:12:46 +13:00
Will Rossiter
d52b475cfb Add introduction files to each of the sections 2014-12-15 09:12:45 +13:00
Will Rossiter
e9d88dd8ee Restructure of the docs markdown source files into more logical taxonomy.
Rebased on 3.1
2014-12-15 09:12:44 +13:00