Commit Graph

126 Commits

Author SHA1 Message Date
Ingo Schommer
74f65540a2 Validate 'archiveDate' user data in Versioned
Not a security issue as such, since the user input is sanitized
before being used in Versioned->augmentSQL(). But it shouldn't
reach the session state either, since that's commonly assumed
to be sanitized data, and it leaves unnecessary room for error.

strtotime() has fairly loose validation rules around dates,
but its a good "first line of defence".
2013-08-15 22:17:38 +02:00
Jeremy Thomerson
80808a1537 ENHANCEMENT: allow disabling of Versioned prepopulate_versionnumber_cache
In large sites this can take a very long time, drastically slowing down the CMS
admin.  Even though the versions will then need to be queried individually,
this is still significantly faster than loading hundreds of thousands of
version numbers in one query and populating the cache array.
2013-06-04 13:43:58 +00:00
Will Rossiter
651c968915 Remove redundant get_extra_config(). (Fixes #1973) 2013-05-23 18:40:52 +12:00
Damian Mooyman
734a5fb469 BUG Fixed declaration of Versioned::updateCMSFields to be compatible with DataExtension::updateCMSFields 2013-05-22 08:08:11 +12:00
Will Rossiter
f6cd582dd9 FIX: Remove version field from default scaffolded CMS fields. 2013-05-21 22:47:54 +12:00
Will Rossiter
1bc945f98c Partial code formatting / phpdoc cleanup of Versioned 2013-05-10 21:19:16 +12:00
Sean Harvey
f1a4e7203e BUG Fixing queries on non-existent table breaking archive site
With a many to many relation, e.g. SiteTree_MyRelation, and listing
them in your template then adding ?archiveDate=x in the URL, a SQL
error is shown because Versioned::augmentSQL() tries to query the
non-existent table "SiteTree_MyRelation_versions" assuming there's
versioning setup, but there isn't.
2013-05-07 12:34:46 +12:00
Ingo Schommer
9856fcef21 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	javascript/DateField.js
	model/DataQuery.php
	model/Versioned.php
	tests/forms/RequirementsTest.php
	tests/model/DataObjectLazyLoadingTest.php
	view/Requirements.php
2013-04-09 14:45:35 +02:00
Ingo Schommer
e2b42ca4c2 Fixed Versioned hook regression
Introduced by 5238e9cf48
2013-04-06 12:24:57 +02:00
Will Rossiter
5238e9cf48 API: add onBeforeRollback() and onAfterRollback() hooks. 2013-04-06 22:59:33 +13:00
Ingo Schommer
f0d92f7bcc Merge pull request #1094 from silverstripe-big-o/pulls/3.1-versioned-relfield
BUGFIX Versioned_Version->relField()
2013-04-02 02:49:27 -07:00
Ingo Schommer
3334eafcb1 API Marked statics private, use Config API instead (#8317)
See "Static configuration properties are now immutable, you must use Config API." in the 3.1 change log for details.
2013-03-24 17:20:53 +01:00
Julian Seidenberg
10199f908a API Data corruption on Versioned due to lazy loading
Lazy loading no longer loads fields from the versions table when querying. This could lead to incorrect data being displayed if the data on the object and the version it pointed to did not match.

API methods to allow setting of the context of the query that generated the DataObject on that object (used by the lazy loading mechanism to correctly query the Stage, Live, or Versions tables)

See https://github.com/silverstripe/sapphire/pull/1178 for context.
2013-02-14 14:28:42 +01:00
jean
e2bf9649f3 FIX 7934 When lazy loading fields respect version of the record 2013-02-14 14:27:44 +01:00
Julian Seidenberg
f931b8d326 API Data corruption on Versioned due to lazy loading
Lazy loading no longer loads fields from the versions table when querying. This could lead to incorrect data being displayed if the data on the object and the version it pointed to did not match.

API methods to allow setting of the context of the query that generated the DataObject on that object (used by the lazy loading mechanism to correctly query the Stage, Live, or Versions tables)

See https://github.com/silverstripe/sapphire/pull/1178 for context.
2013-02-14 14:18:10 +01:00
Simon Welsh
3439e30ac1 Corrects indentation and line length 2013-01-24 19:56:02 +13:00
Ingo Schommer
f7cd316d1f BUGFIX Versioned_Version->relField() so fields can be used in GridField etc
Copied from DataObject, since we can't use the $fallback opion in this case
(will try to retrieve from wrong class)
2013-01-14 17:01:44 +01:00
Ingo Schommer
f07ad307e4 API Removed non-functional $join argument from DataObject::get() and other APIs
See 68bb74820
2013-01-09 18:28:55 +01:00
Damian Mooyman
b01b91ffc3 BUG When selecting stage_unique from Versioned the augmentSQL function would permanantly alter the DataQuery while doing a recursive augmentSQL. This fix correctly maintains the correct Versioned.mode so that subsequent calls to this function exhibit the same expected behaviour. 2012-12-18 10:11:30 +13:00
Damian Mooyman
6aa16e1f01 BUG Test case for versioned now correctly checks IDs returned from Versioned::get_including_deleted
BUG Issue with deleted records not being queried properly.
API DataQuery::expressionForField no longer requires a second parameter. Rather the query object is inferred from the DataQuery itself. This should improve consistency of use of this function.
2012-12-17 17:15:26 +13:00
Hamish Friedlander
27113f82c3 API Make DataList and ArrayList immutable
In 3.0 there was some confusion about whether DataLists and ArrayLists
were mutable or not. If DataLists were immutable, they'd return the result, and your code
would look like

  $list = $list->filter(....);

If DataLists were mutable, they'd operate on themselves, returning nothing, and your code
would look like

 $list->filter(....);

This makes all DataLists and ArrayList immutable for all _searching_ operations.
Operations on DataList that modify the underlying SQL data store remain mutating.

- These functions no longer mutate the existing object, and if you do not capture the value
returned by them will have no effect:

  ArrayList#reverse
  ArrayList#sort
  ArrayList#filter
  ArrayList#exclude

  DataList#dataQuery (use DataList#alterDataQuery to modify dataQuery in a safe manner)
  DataList#where
  DataList#limit
  DataList#sort
  DataList#addFilter
  DataList#applyFilterContext
  DataList#innerJoin
  DataList#leftJoin
  DataList#find
  DataList#byIDs
  DataList#reverse

- DataList#setDataQueryParam has been added as syntactic sugar around the most common
cause of accessing the dataQuery directly - setting query parameters

- RelationList#setForeignID has been removed. Always use RelationList#forForeignID
when querying, and overload RelationList#foreignIDList when subclassing.

- Relatedly,the protected variable RelationList->foreignID has been removed, as the ID is
now stored on a query parameter. Use RelationList#getForeignID to read it.
2012-12-14 13:30:35 +13:00
Simon Welsh
b0121b541c Add codesniffer that ensures indentation is with tabs. 2012-12-12 17:33:31 +13:00
Simon Welsh
fc5dd2994c Add codesniffer that ensures indentation is with tabs. 2012-12-12 00:12:11 +13:00
jean
fbfff8df28 FIX 7934 When lazy loading fields respect version of the record 2012-11-27 17:31:45 +01:00
Sam Minnee
1f7fc1f76a FIX Remove instances of lines longer than 120c
The entire framework repo (with the exception of system-generated files) has been amended to respect the 120c line-length limit.  This is in preparation for the enforcement of this rule with PHP_CodeSniffer.
2012-09-30 17:18:13 +13:00
Ingo Schommer
e2f073f38a Method visibility according to coding conventions 2012-09-20 10:46:59 +02:00
Damian Mooyman
30e15d11a7 FIXED: Generation of tables with fulltext indexes now no longer incorrectly thinks that all fulltext indexes have changed.
ADDED: Test cases correctly checking for changes (and no changes) to the data model for both fields and indexes.
FIXED: References to indexes throughough the code that probably should have quoted field names. This prevents a lot of 'spam' during dev build. This includes an updated FulltextSearchable test case.
2012-09-11 12:53:08 +12:00
Hamish Friedlander
2f00884e79 FIX If ClassName read from DB doesnt exist, dont break
We know the subclass of a record by its ClassName value, but code changes
might have meant that class no longer exists. We used to just break,
but this patch overrides the apparent value of ClassName to be
one that exists in that situation
2012-08-30 11:02:50 +12:00
Sean Harvey
674b52b4f7 Merge pull request #734 from silverstripe-rebelalliance/trac/7799
API Reverse config extra statics control flow
2012-08-26 14:24:05 -07:00
Sam Minnee
87685eefdd BUGFIX: Fix Versioned's stage_unique mode on PostgreSQL. 2012-08-23 12:56:06 +12:00
Sam Minnee
296ee1fa0f BUGFIX: Add double quotes to index columns for more reliable DB-schema management. 2012-08-23 12:38:44 +12:00
Sam Minnee
dd302a68a7 BUGFIX: Ensure that all_versions are sorted explicitly for better cross-db behaviour. 2012-08-23 12:38:37 +12:00
Hamish Friedlander
fa37c448a5 API Reverse config extra statics control flow
Config system used to provide an add_static_source method, which was intended for
use by Extensions to add statics. But extensions for a class arent initialised
until at least one instance of that class is created, so before that the
Config system didnt include values from extensions

This patch reverses the control flow, so that the Config system explictly asks
each Object for its additional config sources via the new method
get_extra_config_sources. This method returns an array that can contain
string names of classes and also raw associative arrays.

The developer visible change is that Extension#add_to_class has been
deprecated. Instead there is a new method, get_extra_config, which has
the same method signature but needs to guarantee that it doesnt
cause side effects. Additionally there is no need to call
parent::get_extra_config - this is handled automatically.
2012-08-23 09:29:13 +12:00
Sam Minnée
e0e96343cf Merge pull request #729 from silverstripe-rebelalliance/trac/7717
FIX Hierarchy#liveChildren couldnt handle lots of pages
2012-08-20 20:59:41 -07:00
Hamish Friedlander
d0bc9c6d23 FIX Hierarchy#liveChildren couldnt handle lots of pages
Hierarchy#liveChildren was generating a list of all IDs of all pages
on staging. When a site had lots of pages, this basically killed the
tree.

Fix by adding new versioned mode, stage_unique, which uses a
subselect to only return items from a stage that are in no
other stage.
2012-08-21 15:52:12 +12:00
Damian Mooyman
f7ffb79542 FIXED: Compatibility fixes for MS SQL Server. Replaced back ticks (which are mysql specific) with double quotes 2012-08-21 13:46:19 +12:00
Sam Minnée
47b56d4ef8 Merge pull request #716 from tractorcow/3.0-versioned-fixes
FIXED: Crashed caused by viewing versioned page
2012-08-19 19:02:24 -07:00
Damian Mooyman
0f09305e3d FIXED: Issue where temporary table would cause unpredictable behaviour. Temporary table functionality was substituted with subqueries in each use case.
ADDED: Test case for version archive functionality.
2012-08-20 13:24:28 +12:00
Damian Mooyman
c55b018feb FIXED: Issue where versioned would join _versions tables on ID,Version instead of RecordID,Version 2012-08-10 13:54:29 +12:00
Damian Mooyman
22c5f3129c FIXED: Issue where viewing an archived version of a page caused invalid SQL to be generated. This would only occur with subclasses of Page. 2012-08-10 12:45:37 +12:00
Mateusz Uzdowski
143ecebbfb BUG Correct wrong parameter order. 2012-07-24 14:17:12 +12:00
Sam Minnee
b654b95472 BUGFIX: Allow Versioned::get_latest_version() and Version::get_version() to return results if the classname has changed.
Without this bugfix, if you had a Page that used to be a SiteTree, and you tried to use Versiond::get_version() or Versioned::get_latest_version() to return the older SiteTree version, nothing would be returned, because the results were being filtered by ClassName.  This caused bugs in the history panel for certain combinbations of page classname alteration.
2012-06-28 13:00:40 +12:00
Ingo Schommer
34a2ce23d8 NEW Documentation for Versioned 2012-06-27 16:09:31 +02:00
Marcus Nyeholt
ae7fc6f4d2 RECOMMIT This is a recommit of a previously merged, but reverted, commit. The initial commit had problems when running "tests/all flush=all" when dev/build would re-analyse a bunch of stuff; fixes to address this went into https://github.com/silverstripe/sapphire/pull/487, but for some reason the actual base changes didn't, so I'm re-submitting them in a separate pull.
BUGFIX Versioned's constructor doesn't provide suitable defaults. Previously a bug/feature in singleton, where it would pass null,true as params to strong_create, which would then get passed through as params to Versioned's constructor, meant that the code still executed fine (as was set to something that wasn't an array, so the null and true were instead taken as args). The fact that the usage of singleton(Versioned) never really used the classes code, purely for value lookup, meant that this never propagated errors. I've now switched singleton() to use the injector for retrieving values, which means these dud values are no longer passed through

CHANGE Given that Config::inst is an implementation of the singleton pattern itself, I've removed the extra call to singleton(). A side effect of this is that it gets around a possibly nasty circular reference with the dependency injector (which relies on the config object); in future, this dependency structure should really be structured from the DI directly.

MINOR Change singleton and strong_create to use dependency injector
2012-06-03 20:41:00 +10:00
Sean Harvey
c3eabffcb9 MINOR Use shorthand {class}::get() syntax instead of DataList::create()
in core code.
2012-05-28 21:13:42 +12:00
Sean Harvey
29e04a1049 Revert "BUGFIX Versioned's constructor doesn't provide suitable defaults. Previously a bug/feature in singleton, where it would pass null,true as params to strong_create, which would then get passed through as params to Versioned's constructor, meant that the code still executed fine (as was set to something that wasn't an array, so the null and true were instead taken as args). The fact that the usage of singleton(Versioned) never really used the classes code, purely for value lookup, meant that this never propagated errors. I've now switched singleton() to use the injector for retrieving values, which means these dud values are no longer passed through"
This reverts commit 5eaca340b4.
2012-05-23 09:52:57 +12:00
Marcus Nyeholt
5eaca340b4 BUGFIX Versioned's constructor doesn't provide suitable defaults. Previously a bug/feature in singleton, where it would pass null,true as params to strong_create, which would then get passed through as params to Versioned's constructor, meant that the code still executed fine (as was set to something that wasn't an array, so the null and true were instead taken as args). The fact that the usage of singleton(Versioned) never really used the classes code, purely for value lookup, meant that this never propagated errors. I've now switched singleton() to use the injector for retrieving values, which means these dud values are no longer passed through
CHANGE Given that Config::inst is an implementation of the singleton pattern itself, I've removed the extra call to singleton(). A side effect of this is that it gets around a possibly nasty circular reference with the dependency injector (which relies on the config object); in future, this dependency structure should really be structured from the DI directly.

MINOR Change singleton and strong_create to use dependency injector
2012-05-22 19:09:35 +10:00
Sean Harvey
46f51d5653 MINOR Fixing deprecated use of SQLQuery 2012-05-11 11:39:06 +12:00
Sean Harvey
051d9de482 API CHANGE Deprecated internal access to SQLQuery properties, update core code to reflect these changes.
Using set/add instead in accessor methods, and use Database::sql*ToString() to allow easier per-database adapter SQL overloading.
2012-05-07 14:21:44 +12:00
Ingo Schommer
68051fdb96 Merge pull request #371 from halkyon/sapphire
---

Dont start the session until its actually necessary, which is to say there is a cookie available with the current PHP session name (or a request variable with the session_name() - typically PHPSESSID.) The latter allows for passing session ID through as an alternative to cookies.
2012-05-03 14:58:09 +02:00
Sam Minnee
8661164c19 API CHANGE: Add SQLQuery::clearSelect(), SQLQuery::selectField() and SQLQuery::itemisedSelect() to make it easier for other subsystems to use SQLQuery without resorting to direct property access.
API CHANGE: Remove DataQuery::select() in place of DataQuery::selectField().
BUGFIX: Remove direct property access to SQLQuery::$select
2012-05-01 17:57:39 +12:00
Sean Harvey
f63d137d49 ENHANCEMENT Session::start() now only called when there is changed
session data to be saved, and started on Director::direct() when there
is a cookie (or request var) containing the current PHP session name.
2012-04-27 16:28:46 +12:00
Sean Harvey
4c6be2931b BUGFIX Removing use of deprecated Object static functions like
get_static(), set_static(), uninherited() etc. Replace with equivalent
Config system get(), update()
2012-04-18 23:10:57 +12:00
Ingo Schommer
d44f6b3e1f MINOR Removed deprecated usage of $priority argument in _t() calls 2012-04-15 17:17:17 +02:00
Simon Welsh
f07258f3cf MINOR Update @package values to match renaming sapphire 2012-04-15 10:50:19 +12:00
Sean Harvey
9a9cebb369 MINOR Versioned::add_to_class() now conforms to parent
DataExtension::add_to_class() with $args being optional (default to
null). This is for E_STRICT compliance.
2012-04-12 12:07:35 +12:00
Sean Harvey
e097f6e1a8 MINOR Fixes to method arguments in core classes for E_STRICT support.
API CHANGE Remove abstract static function and just use static functions
in Authenticator (PHP 5.3+ doesn't support abstract static functions)
2012-03-28 22:41:42 +13:00
Normann Lou
9e60225064 MINOR : Update core docs to use DataList::create() rather than DataObject::get()/get_one()/get_by_id() where appropriate - Trac#6891 2012-03-27 17:02:18 +02:00
Sean Harvey
f63497d6f9 ENHANCEMENT Extension arguments are now passed through to add_to_class()
static function on Extension classes.
BUGFIX FulltextSearchable didn't pass through arguments, use now
available $args parameter with FulltextSearchable::add_to_class()
2012-03-12 16:14:47 +13:00
Hamish Friedlander
9c2ebc3e5f BUGFIX: Replace deprecated extraStatics with new methods on Versioned and Hierarchy 2012-03-09 18:16:44 +13:00
Ingo Schommer
9451993d74 API CHANGE Moved DataObject->writeWithoutVersion() to Versioned extension
BUGFIX Don't create new version on related VirtualPage records in SiteTree->onAfterWrite() when the write was triggered through writeWithoutVersion(). Use a new $_nextWriteWithoutVersion flag replacing the -1 Version number for this purpose (AIR-97)
2012-01-14 13:07:12 +01:00
Stig Lindqvist
260a9e230c BUGFIX Versioned returns error on singleton($className)->summaryFields()
This solves a bugfix when calling singleton($className)->summaryFields() and Versioned kicks back. It is needed to by the GridField functionality to get default columns to show.

This is due to DataExtension calls ClassName::extraStatics() when calling ::load_extra_statics() statically, we need to pass in class and extension.
2011-10-31 11:17:37 +13:00
Sam Minnee
a5a94b520f MINOR: Remove uses of deprecated extendedSQL() 2011-10-29 17:36:39 +13:00
Stig Lindqvist
e38dd08ea5 MINOR: Fix docblocks to reference SS_List instead of (now deprecated) DataObjectSet where appropriate 2011-10-28 15:58:55 +13:00
Ingo Schommer
54b81a3953 MINOR Don't set cookies in CLI mode for Versioned (AIR-75) 2011-10-07 14:12:48 +02:00
Stig Lindqvist
75c0fcd052 MINOR Better isset checks on Versioned#allVersions() due to changes in SQLQuery 2011-09-28 12:33:02 +13:00
Will Rossiter
1732a17114 Merged new-orm into datagrid 2011-09-26 16:47:54 +13:00
Will Rossiter
4c6ddb142d ENHANCEMENT: added isLatestVersion() method for checking whether a record is the latest version of this ID 2011-09-19 17:26:21 +02:00
simonwelsh
718b9b5b34 Pass create_table_options for the owner class's table to DB::requireTable() when creating tables for the stages and the _version table. 2011-09-17 00:21:54 +12:00
Ingo Schommer
c776a1cd67 BUGFIX Consistently using Convert::raw2sql() instead of DB::getConn()->addslashes() or PHP's deprecated addslashes() for database escaping 2011-09-15 14:24:46 +02:00
ajshort
3f132a105b API CHANGE: Replaced DataObjectSet instances with ArrayList. 2011-05-05 20:40:24 +10:00
ajshort
81c0caaddb API CHANGE: Renamed DataList::filter() and DataQuery::filter() to ::where(). 2011-05-01 15:26:30 +12:00
Sam Minnee
c57378753d ENHANCEMENT: Improved Versioned to pass different query styles as DataQuery modes. 2011-05-01 15:25:46 +12:00
Sam Minnee
de1494e3a8 ENHANCEMENT: Implemented DataList as the successor of DataObjectSet. DataList doesn't execute the query until it's actually needed, allowing for a more flexible ORM.
API CHANGE: augmentSQL is now passed a DataQuery object from which query parameters can be extracted.
API CHANGE: DataObjectDecorators that manipulate the query can now define augmentDataQueryCreation().
API CHANGE: The container class argument for DataObject::get() is deprecated.
API CHANGE: DataObject::buildSQL() and DataObject::extendedSQL() are deprecated; just use DataObject::get() now.
API CHANGE: DataObject::instance_get() and DataObject::instance_get_one() are deprecated, and can no longer be overloaded.
API CHANGE: DataObject::buildDataObjectSet() is deprecated.
API CHANGE: Cant't call manual manipulation methods on DataList such as insertFirst()
2011-05-01 15:25:45 +12:00
ajshort
3a1c2df4e7 API CHANGE: Renamed DataObjectDecorator to DataExtension.
API CHANGE: Renamed LeftAndMainDecorator to LeftAndMainExtension.
MINOR: Replaced all references to decorators with extension.
2011-04-26 11:01:38 +10:00
Ingo Schommer
9b29616710 API CHANGE Rearranged files in sapphire to reflect core dependencies more accurately, and have the tests/ folder mirror its folder structure 2011-03-31 09:56:21 +13:00