Robbie Averill
8b750b3d80
Merge remote-tracking branch 'origin/3.5.8' into 3.6.6
2018-05-10 15:52:23 +12:00
Damian Mooyman
5771388821
[ss-2018-001] Restrict non-admins from being assigned to admin groups
2018-05-09 15:12:40 +12:00
Damian Mooyman
4da99efd5d
Merge remote-tracking branch 'origin/3.5' into 3.6
2018-01-31 16:03:42 +13:00
Damian Mooyman
72e2326731
Merge pull request #7798 from kinglozzer/member-groupset-delete
...
FIX: Fix Member_GroupSet::removeAll() (fixes #3948 )
2018-01-25 09:20:30 +13:00
Loz Calver
c2cd6b3832
FIX: Fix Member_GroupSet::removeAll() ( fixes #3948 )
2018-01-24 17:17:20 +00:00
Daniel Hensby
7b0500982e
Merge branch '3.5' into 3.6
2017-12-14 15:25:36 +00:00
Daniel Hensby
81150c5922
FIX Use PHP 5.3 array syntax
2017-12-14 15:24:53 +00:00
Damian Mooyman
d6a93f5215
Merge remote-tracking branch 'silverstripe-security/3.5' into 3.6
...
# Conflicts:
# security/Member.php
2017-12-06 17:26:45 +13:00
Damian Mooyman
91cf85087b
Merge remote-tracking branch 'origin/3.5' into 3.6
2017-12-06 17:21:09 +13:00
Damian Mooyman
dd4c5417e7
Merge pull request #49 from silverstripe-security/pulls/3.5/ss-2017-007
...
[ss-2017-007] Ensure xls formulae are safely sanitised on output (3.5)
2017-12-06 16:25:58 +13:00
Damian Mooyman
44de03da01
Merge pull request #53 from silverstripe-security/pulls/3.5/ss-2017-006
...
[ss-2017-006] Fix user agent invalidation on session startup (3.5 branch)
2017-12-06 16:25:39 +13:00
Damian Mooyman
3e2bcaa0b4
Merge pull request #54 from silverstripe-security/pulls/3.5/ss-2017-009
...
[ss-2017-009] Prevent disclosure of sensitive information via LoginAttempt (3.5 branch)
2017-12-06 16:25:19 +13:00
Daniel Hensby
2aa1d8f2c4
remove create_function usage
2017-12-05 14:20:13 +00:00
Damian Mooyman
25e276cf37
[ss-2017-006] Fix user agent invalidation on session startup
2017-12-01 10:55:00 +13:00
Damian Mooyman
22ccf3e2f9
[ss-2017-007] Ensure xls formulae are safely sanitised on output
...
CSVParser now strips leading tabs on cells
2017-12-01 10:19:48 +13:00
Damian Mooyman
6ba00e829a
[ss-2017-009] Prevent disclosure of sensitive information via LoginAttempt
2017-11-30 15:53:50 +13:00
Damian Mooyman
bac5f4c8aa
Merge branch '3.5' into pulls/3.5/update-pwd-encryption-on-change
2017-11-27 14:42:32 +13:00
Daniel Hensby
badeb0cc8c
Merge branch '3.5' into 3.6
2017-11-25 16:17:36 +00:00
Daniel Hensby
09a003bc13
Fix deprecated usage of getMock in unit tests
2017-11-24 14:48:30 +00:00
Daniel Hensby
2ad3cc07d5
FIX Update meber passwordencryption to default on password change
2017-11-23 21:17:31 +00:00
Loz Calver
13b02feed7
Merge pull request #7602 from dhensby/pulls/3.5/fix-filter-any-inner-join
...
FIX ManyMany link table joined with LEFT JOIN
2017-11-16 13:48:07 +00:00
Daniel Hensby
4f3deb13e0
TEST filterAny on many_many relations return correct items
2017-11-16 11:10:12 +00:00
Daniel Hensby
3d3096485b
TEST Uppercase file extensions return correct mime type
2017-11-16 11:01:25 +00:00
Daniel Hensby
4731d3c671
Merge branch '3.5' into 3.6
2017-11-14 12:00:53 +00:00
Andrew Aitken-Fincham
c4a50a3d10
Spelling in DataQueryTest
2017-10-20 12:00:35 +01:00
Robbie Averill
2f579b64cb
FIX Files without extensions (folders) do not have a trailing period added
2017-10-18 09:25:27 +13:00
Daniel Hensby
bd7abc73de
Merge branch '3.5.5' into 3.6.2
2017-09-20 16:26:30 +01:00
Daniel Hensby
091d99f599
FIX Authenticators are more resilient to incomplete configuration
2017-09-12 15:57:03 +01:00
Daniel Hensby
921f615e19
Merge branch '3.5' into 3.6
2017-08-17 14:14:31 +01:00
Daniel Hensby
1ae07ac2a3
TEST Prove LastEdited is updated when no changes are made
2017-08-16 22:26:47 +01:00
Daniel Hensby
90be7e806d
Merge branch '3.5' into 3.6
2017-07-19 15:40:01 +01:00
Daniel Hensby
7b6aad8a65
Revert "TreeDropDown performance boost."
2017-07-19 12:44:43 +01:00
Daniel Hensby
7e732da709
Merge branch '3.5' into 3.6
2017-07-18 12:00:04 +01:00
Loz Calver
960a0f8343
Fix: Make File::ini2bytes() compliant with binary prefixes ( fixes #7145 )
2017-07-10 09:41:36 +01:00
Roman Schmid
a6db16b229
Fix OS X issue with Convert::html2raw
, HTMLText::FirstSentence
, HTMLText::Summary
and Text::FirstSentence
.
...
Use unicode modifier for regular expressions that deal with whitespace.
Added unit-tests to ensure no invalud utf-8 gets generated by these methods.
2017-07-10 09:49:55 +02:00
Daniel Hensby
1e5592a3d9
Merge branch '3.5' into 3.6
2017-06-27 13:14:39 +01:00
Mojmir Fendek
5b6a39e71a
TreeDropDown performance boost.
2017-06-19 15:10:23 +12:00
Loz Calver
2afe018dc7
FIX: Ensure HasManyList foreign ID filter includes table name ( fixes #7023 )
2017-06-15 12:06:30 +01:00
Loz Calver
4ad2cae864
FIX: Upload_Validator failed to fetch max size from PHP ini values ( fixes #6999 )
2017-06-06 14:28:03 +01:00
Daniel Hensby
cda7e8dc39
Merge remote-tracking branch 'security/3.5.4' into 3.6.0
2017-05-29 01:29:05 +01:00
Daniel Hensby
24166700e8
Merge remote-tracking branch 'security/3.4.6' into 3.5.4
2017-05-29 01:02:35 +01:00
Daniel Hensby
f71efb5063
Merge pull request #40 from silverstripe-security/patch/3.4/ss-2017-002
...
[SS-2017-002] FIX Lock out users who dont exist in the DB
2017-05-28 22:18:56 +01:00
Daniel Hensby
24a768ae14
Merge branch '3.4' into 3.5
2017-05-26 14:57:15 +01:00
Daniel Hensby
447ce0f84f
[SS-2017-002] FIX Lock out users who dont exist in the DB
2017-05-25 16:14:52 +01:00
Daniel Hensby
85f0650796
Remove unnecessary nesting of config/injector in tests
2017-05-24 16:05:39 +01:00
Daniel Hensby
cc70d893bc
Merge branch '3.4' into 3.5
2017-05-18 13:53:49 +01:00
Daniel Hensby
49a0354998
Make sure that nested relations dont break
2017-05-17 23:01:42 +01:00
Thomas Portelange
efbf14be63
Allow filtering if a relation is defined or a formatting
2017-05-17 21:05:21 +01:00
Daniel Hensby
1f0e1913cd
Merge branch '3.5' into 3
2017-04-08 20:25:27 +01:00
Robbie Averill
55eb7ebdcc
FIX Do not insert requirements more than once in includeInHTML
...
This change consolidates the string replacements used to insert requirements into the page content to help ensure
that they are not compounding and overwriting eachother.
The added test case includes where a user may have a Javascript snippet that contains a closing head tag, and the
test ensures that it does not get injected with requirements as well as the actual head tag in the DOM.
2017-04-07 17:04:17 +12:00