Damian Mooyman
8331171f2c
Merge remote-tracking branch 'origin/3.1' into 3
...
Conflicts:
.scrutinizer.yml
admin/javascript/LeftAndMain.Panel.js
core/startup/ParameterConfirmationToken.php
dev/Debug.php
dev/FixtureBlueprint.php
docs/en/00_Getting_Started/05_Coding_Conventions.md
docs/en/00_Getting_Started/index.md
docs/en/02_Developer_Guides/01_Templates/01_Syntax.md
filesystem/File.php
filesystem/Folder.php
forms/FieldList.php
forms/LabelField.php
forms/MoneyField.php
forms/TextField.php
forms/TreeDropdownField.php
forms/Validator.php
forms/gridfield/GridField.php
forms/gridfield/GridFieldExportButton.php
lang/de.yml
lang/fi.yml
model/DataObject.php
model/SQLQuery.php
parsers/ShortcodeParser.php
security/ChangePasswordForm.php
security/Security.php
tests/control/DirectorTest.php
tests/core/startup/ParameterConfirmationTokenTest.php
tests/dev/FixtureBlueprintTest.php
tests/forms/FieldListTest.php
tests/forms/MoneyFieldTest.php
tests/model/SQLQueryTest.php
tests/security/SecurityTest.php
2015-06-02 19:13:38 +12:00
Damian Mooyman
0a8f328947
Fix merge / test regressions
2015-05-28 16:59:05 +12:00
Damian Mooyman
22a35e48a9
BUG Fix malformed urls redirecting to external sites
2015-05-28 10:12:18 +12:00
Daniel Hensby
6d0002780d
API Adding default_classes to Form
2015-01-20 13:36:31 +00:00
Damian Mooyman
0b1f297873
Merge remote-tracking branch 'origin/3.1'
...
Conflicts:
.travis.yml
README.md
admin/code/LeftAndMain.php
admin/css/screen.css
admin/scss/screen.scss
api/RestfulService.php
conf/ConfigureFromEnv.php
control/injector/ServiceConfigurationLocator.php
control/injector/SilverStripeServiceConfigurationLocator.php
core/ClassInfo.php
core/Object.php
css/AssetUploadField.css
css/ComplexTableField_popup.css
dev/CSSContentParser.php
dev/DevelopmentAdmin.php
docs/en/changelogs/index.md
docs/en/misc/contributing/code.md
docs/en/reference/execution-pipeline.md
filesystem/GD.php
filesystem/ImagickBackend.php
filesystem/Upload.php
forms/Form.php
forms/FormField.php
forms/HtmlEditorConfig.php
forms/gridfield/GridFieldDetailForm.php
forms/gridfield/GridFieldSortableHeader.php
lang/en.yml
model/Aggregate.php
model/DataList.php
model/DataObject.php
model/DataQuery.php
model/Image.php
model/MySQLDatabase.php
model/SQLQuery.php
model/fieldtypes/HTMLText.php
model/fieldtypes/Text.php
scss/AssetUploadField.scss
search/filters/SearchFilter.php
security/Authenticator.php
security/LoginForm.php
security/Member.php
security/MemberAuthenticator.php
security/MemberLoginForm.php
security/Security.php
tests/behat/features/bootstrap/SilverStripe/Framework/Test/Behaviour/CmsFormsContext.php
tests/control/HTTPTest.php
tests/control/RequestHandlingTest.php
tests/filesystem/UploadTest.php
tests/forms/FormTest.php
tests/forms/NumericFieldTest.php
tests/model/DataListTest.php
tests/model/DataObjectTest.php
tests/model/TextTest.php
tests/security/MemberAuthenticatorTest.php
tests/security/SecurityDefaultAdminTest.php
tests/view/SSViewerCacheBlockTest.php
tests/view/SSViewerTest.php
2014-11-18 12:45:54 +13:00
Damian Mooyman
53c40a94fa
API Enable re-authentication within the CMS if a user session is lost
...
BUG Resolve issue with error redirection being ignored within CMS
BUG Fix issue with invalid securityID being re-emitted on failure
2014-10-14 15:19:48 +13:00
Sean Harvey
0e07f1a7f5
Merge remote-tracking branch 'origin/3.0' into 3.1
2014-08-22 17:50:36 +12:00
Ingo Schommer
1661213e5b
FIX Opt-out pf form message escaping ( fixes #2796 )
...
This fixes a limitation introduced through http://www.silverstripe.org/ss-2013-008-xss-in-numericfield-validation/ .
Form messages used to accept HTML, now they’re escaped by default, effectively removing the ability
to pass in HTML and take care of escaping manually.
We pass through HTML to message in core through the CTF system, so this needs to be fixed.
It’s an alternative fix to https://github.com/silverstripe/silverstripe-framework/pull/2803 .
2014-08-22 16:59:34 +12:00
Damian Mooyman
eb069e605d
Remove all redundant whitespace
2014-08-19 09:17:15 +12:00
Damian Mooyman
d8e9af8af8
API New Database abstraction layer. Ticket #7429
...
Database abstraction broken up into controller, connector, query builder, and schema manager, each independently configurable via YAML / Injector
Creation of new DBQueryGenerator for database specific generation of SQL
Support for parameterised queries, move of code base to use these over escaped conditions
Refactor of SQLQuery into separate query classes for each of INSERT UPDATE DELETE and SELECT
Support for PDO
Installation process upgraded to use new ORM
SS_DatabaseException created to handle database errors, maintaining details of raw sql and parameter details for user code designed interested in that data.
Renamed DB static methods to conform correctly to naming conventions (e.g. DB::getConn -> DB::get_conn)
3.2 upgrade docs
Performance Optimisation and simplification of code to use more concise API
API Ability for database adapters to register extensions to ConfigureFromEnv.php
2014-07-09 18:04:05 +12:00
Ingo Schommer
bb03f6ba2f
Merge remote-tracking branch 'origin/3.1'
...
Conflicts:
forms/HtmlEditorField.php
2014-06-15 22:50:20 +12:00
Phill Price
b2455f2d20
Update Form.php
...
tiny typo
2014-06-10 13:50:28 +01:00
Simon Welsh
8f31352039
Merge remote-tracking branch 'origin/3.1'
...
Conflicts:
.travis.yml
2014-03-16 09:36:48 +13:00
Simon Welsh
310e90d412
Merge pull request #2751 from axyr/patch-1
...
formHtmlContent() uses missing FormEncType() call
2014-03-15 21:12:44 +13:00
Simon Welsh
18661005ee
Corrects merge errors.
...
Closes #2937
2014-03-11 07:04:24 +13:00
Simon Welsh
d431e98ecf
Merge branch '3.1'
...
Conflicts:
forms/Form.php
forms/FormField.php
security/Member.php
security/MemberLoginForm.php
2014-03-10 22:58:49 +13:00
Damian Mooyman
0cbad41d3b
Rewrote usages of error suppression operator
2014-03-05 15:48:55 +13:00
Damian Mooyman
6d5d3d8cb7
Rewrote usages of error suppression operator
2014-03-05 14:22:19 +13:00
Will Rossiter
c74137e679
FIX: getMessageFromSession returning null on first access
2014-02-28 21:24:16 +13:00
Sean Harvey
9048eab4a2
Merge branch '3.1'
2014-02-12 11:06:54 +13:00
Loz Calver
058219c0ee
NEW: Forms with invalid/expired SecurityIDs are repopulated ( fixes #1891 )
2014-02-09 10:19:24 +00:00
Martijn
180bae826a
formHtmlContent() uses missing FormEncType() call
...
it needs to call $this->getEncType() instead..
2014-01-02 10:44:00 +01:00
Damian Mooyman
4102cc64a0
BUG Issues with CMSForm not consistently respecting new form naming scheme.
...
Fixes for failing CMSFormTest cases
2013-10-30 17:08:31 +13:00
Ingo Schommer
d485faf0c9
Merge remote-tracking branch 'origin/3.1'
...
Conflicts:
.travis.yml
forms/Form.php
2013-10-08 11:17:06 +02:00
Loz Calver
3172c7732e
Allow setting of specific form actions that do not require validation
...
Move validation exemptions into CMSForm
Also fix buttonClicked() to skip CompositeField
Whitespace
Adding unit tests
2013-10-04 10:30:20 +01:00
Ingo Schommer
455e550d9a
Merge remote-tracking branch 'origin/3.1'
...
Conflicts:
docs/en/topics/testing/create-silverstripe-test.md
forms/Form.php
i18n/i18n.php
model/Image.php
2013-09-27 19:22:14 +02:00
Ingo Schommer
2e3511bc5f
Merge remote-tracking branch 'origin/3.0' into 3.1
...
Conflicts:
docs/en/changelogs/3.0.6.md
forms/Form.php
forms/FormField.php
forms/TreeDropdownField.php
2013-09-27 18:50:47 +02:00
Ingo Schommer
debd81d380
Merge pull request #2453 from chillu/pulls/escape-3.1.0
...
Escaping 3.1
2013-09-25 16:02:45 -07:00
Ingo Schommer
c243418597
API Escape form validation messages (SS-2013-008)
2013-09-24 21:54:31 +02:00
Ingo Schommer
2b7a2a289e
API Escape form validation messages (SS-2013-008)
2013-09-24 21:41:21 +02:00
Ingo Schommer
48021e9fd3
Merge pull request #2166 from dhensby/patch-2
...
FormFields now allow setting of extra CSSClasses en masse
2013-09-24 11:50:01 -07:00
Ingo Schommer
1bb993b0b3
Form errors in LeftAndMain response negotiation
...
The session key for form errors changed from "Form_EditForm" to "CMSForm_EditForm",
causing a mismatch. See https://github.com/silverstripe/silverstripe-framework/pull/2084/files#r6338249 for discussion
2013-09-18 14:30:37 +02:00
Ingo Schommer
cc33427218
Merge pull request #2123 from willmorgan/forajaxtemplate-session-message
...
MINOR clear session message whenever forAjaxTemplate is used
2013-07-10 16:04:48 -07:00
Simon Welsh
fbce9fd7cd
Merge branch '3.1'
...
Conflicts:
.travis.yml
docs/en/misc/contributing/code.md
javascript/HtmlEditorField.js
2013-07-05 10:22:58 +12:00
Daniel Hensby
336ddf1a55
FormFields now allow setting of extra CSSClasses en masse
...
Each CSS class passed in to `addExtraClass` or `removeExtraClass` will be set as their own key in the `extraClasses` array
Also make `Form` consistent with `FormField`
2013-06-29 13:27:26 +01:00
Ingo Schommer
09b31c642f
Allow Form->forTemplate() URL access ( fixes #788 )
...
Need to specifically whitelist URL-accessible actions now.
Used in "Insert Link" form in HtmlEditorField.
Regression from 1edf45fbed
2013-06-25 16:33:00 +02:00
Ingo Schommer
fb784af738
API Enforce $allowed_actions in RequestHandler->checkAccessAction()
...
See discussion at https://groups.google.com/forum/?fromgroups#!topic/silverstripe-dev/Dodomh9QZjk
Fixes an access issue where all public methods on FormField were allowed,
and not checked for $allowed_actions. Before this patch you could e.g.
call FormField->Value() on the first field by using action_Value.
Removes the following assertion because it only worked due to RequestHandlingTest_AllowedControllerExtension
*not* having $allowed_extensions declared: "Actions on magic methods are only accessible if explicitly allowed on the controller."
2013-06-24 14:50:40 +02:00
Will Morgan
a99b430fec
Clearing the session message whenever forAJAXTemplate is used.
2013-06-19 14:03:35 +01:00
Ingo Schommer
94b4237372
Merge remote-tracking branch 'origin/3.1'
2013-06-19 11:17:33 +02:00
Ingo Schommer
63eb9518d2
Consistent Form setters (returning $this on setHTMLID())
2013-06-13 07:51:08 +02:00
Ingo Schommer
bfff11eb9c
API New CMSForm class to allow validation responses in CMS ( fixes #1777 )
...
Thanks to @willmorgan for getting this discussion started
(see https://github.com/silverstripe/sapphire/pull/1814 ).
2013-06-13 07:51:05 +02:00
Ingo Schommer
5a1d476e8d
Merge branch 'idvalidattr' of git://github.com/wilr/sapphire into wilr-idvalidattr
2013-05-31 19:27:19 +02:00
Ingo Schommer
88536998b9
Merge remote-tracking branch 'origin/3.1'
...
Conflicts:
.travis.yml
2013-05-31 18:08:59 +02:00
Will Rossiter
4921173209
Code formatting
2013-05-30 21:06:54 +12:00
Will Rossiter
c7468caeb6
FIX: Generate Form::FormName() through
2013-05-30 21:06:41 +12:00
Fred Condo
59657d94bb
Use upper case to represent HTTP methods for forms
...
Per [RFC 2616 section 5.1.1][ietf], HTTP methods are case-sensitive.
- Change the internal representation of the form's method to upper case
- Update FormTest to accommodate the case changes
- Change method to lower case for HTML in Form#getAttributesHTML()
[ietf]: http://tools.ietf.org/html/rfc2616#section-5.1.1
2013-05-28 17:51:56 -07:00
Will Rossiter
ca87b8b794
API: Form Field ID attribute should follow HTML specification
...
Fixes: http://open.silverstripe.org/ticket/4431 .
Changes Form and Form Field classes to make use of Convert::raw2htmlid() which follows http://www.w3.org/TR/REC-html40/types.html#type-cdata .
Introduces a FormTemplateHelper class to assist in these sort of updates in the future.
2013-05-26 11:11:55 +12:00
uniun
5596442081
FIX: Form::set_current_action() never gets called.
2013-05-24 11:25:36 +03:00
Ingo Schommer
14c59be85e
API Form::setStrictFormMethodCheck() and strict argument to setFormMethod()
...
Thanks to @sminnee for getting this started
2013-05-08 10:25:13 +02:00
Will Morgan
9732a7fb3b
Fixing typo on Validator exception message
2013-04-24 18:50:40 +02:00