Damian Mooyman
cfe1d4f481
[ss-2017-007] Ensure xls formulae are safely sanitised on output
...
CSVParser now strips leading tabs on cells
2017-12-01 10:24:49 +13:00
Thomas Portelange
e729cd2c37
TinyMCE lang is fr_FR for all French languages
...
"fr" is not a valid tiny mce lang
https://www.tinymce.com/docs/configure/localization/
having "fr" as it is currently prevents loading the language file
2017-11-29 12:54:27 +01:00
Damian Mooyman
eae3d0cfaa
Merge remote-tracking branch 'origin/4.0' into 4
2017-11-16 10:16:44 +13:00
Chris Joe
bee3c404fa
Merge pull request #7545 from open-sausages/pulls/4.0/deprecated-each
...
BUG Remove usage of deprecated each() and use a helper method instead
2017-11-15 16:30:20 +13:00
Damian Mooyman
ba86a1dce9
Merge pull request #7595 from andrewandante/pulls/sanitise_select_tag_4
...
sanitise select tag in DropdownField Docblock
2017-11-15 14:17:55 +13:00
Daniel Hensby
cf321895ba
Merge branch '4.0' into 4
2017-11-14 13:24:15 +00:00
Andrew Aitken-Fincham
3274f29c00
sanitise more docblocks
2017-11-14 10:02:24 +00:00
Andrew Aitken-Fincham
25d8795c70
sanitise FormField docblock
2017-11-14 09:52:06 +00:00
Andrew Aitken-Fincham
6cfb0a3d86
sanitise ListboxField docblock
2017-11-14 09:47:39 +00:00
Andrew Aitken-Fincham
e5b3f82f8c
sanitise select tag in DropdownField Docblock
2017-11-14 08:17:39 +00:00
Daniel Hensby
2f9fae32c1
DOCS Improve return tags for requiredfields class
2017-11-08 15:29:15 +00:00
Reece Alexander
642cbdafc8
API Allow an array as a param to makeFieldReadOnly()
2017-11-07 15:51:13 +13:00
Damian Mooyman
3298cf061b
Merge pull request #7543 from zanderwar/patch-1
...
Allow chain-ability on adding and removing fields
2017-11-03 11:15:51 +13:00
Chris Joe
cd55a039e7
Merge pull request #7520 from open-sausages/pulls/4.0/config-redirect-works
...
API / BUG - Introduce new request resolver middleware and fix broken forceWWW / forceSSL
2017-11-02 10:01:58 +13:00
Damian Mooyman
5bc4f3d1fc
BUG Remove usage of deprecated each() and use a helper method instead
2017-11-01 16:04:35 +13:00
zanderwar
91f1a58018
ENHANCEMENT: Allow chain-ability on adding and removing fields
2017-11-01 14:24:21 +13:00
Damian Mooyman
0c178f934d
ENHANCEMENT Adjust tinymce footer, remove branding and restore path
...
FIxes #294
2017-10-31 12:12:59 +13:00
Damian Mooyman
3c8848a090
Update code style and fix tests
2017-10-30 17:34:15 +13:00
Damian Mooyman
9d3277f3d3
BUG Fix forceWWW and forceSSL not working in _config.php
...
API Introduce CanonicalURLMiddleware
BUG Fix Director::makeRelative() failing on multi-domain sites
2017-10-30 14:42:36 +13:00
Christopher Joe
f6b7cf8889
Feature disable current user from removing their admin permission
2017-10-30 12:34:06 +13:00
Damian Mooyman
324bdad48c
ENHANCEMENT Ensure DBVarchar scaffolds text field with TextField with appropriate max length
...
Fixes #1413
2017-10-26 16:21:51 +13:00
Damian Mooyman
68c3279fd9
BUG Ensure readonly tree dropdown is safely encoded
...
Removed legacy entwine dead code
Added soft-deprecation to label field
2017-10-26 13:04:30 +13:00
Robbie Averill
da4989e8f6
FIX Do not escape the readonly values since they get escaped when rendered
2017-10-25 17:36:54 +13:00
Dylan Wagstaff
7c354525fb
Remove dead code from GridFieldDetailForm
...
There is no action for 'autocomplete', there is no method 'handleAutocomplete', and out of the box there is no extension that applies it.
Manually testing the URL that would take us through such a handler does not give an exception about missing details from the URI (such as a required query string), but instead gives us an exception on there not being a handler for such.
`[Emergency] Uncaught BadMethodCallException: Object->__call(): the method 'handleAutocomplete' does not exist on 'SilverStripe\Forms\GridField\GridFieldDetailForm'`
@ e.g. `http://localhost/admin/pages/edit/EditForm/1/field/ElementalArea/autocomplete `.
Auto complete should be (and is) handled in it's own component code, such as https://github.com/silverstripe/silverstripe-framework/blob/4.0/src/Forms/GridField/GridFieldAddExistingAutocompleter.php#L210
2017-10-24 12:57:08 +13:00
Christopher Joe
4caf34506a
Fix switch to using the Convert class for decoding
2017-10-20 14:43:19 +13:00
Christopher Joe
076d7d78c6
BUG cache the cacheKey in TreeDropdownField, so it doesn't need to query for it multiple times in the same request
2017-10-18 11:49:28 +13:00
Chris Joe
d876e36424
Merge pull request #7467 from open-sausages/pulls/4.0/adjust-field-onbeforerender
...
Adjust FormField::onBeforeRendor so that it can influence both context and passed properties
2017-10-12 12:11:32 +13:00
Damian Mooyman
eff5c28f24
Adjust FormField::onBeforeRendor so that it can influence both context and passed properties
...
Fixes #7466
2017-10-11 11:43:57 +13:00
Will Rossiter
dc9307bd99
Add updateBreadcrumbs hook to GridFieldDetailForm
2017-10-10 16:03:20 +13:00
Daniel Hensby
d8f49a1bda
Merge pull request #7426 from silverstripe/filefield-accept-attr
...
NEW: Implement accept attribute in FileField (closes #7279 )
2017-10-06 15:01:12 +01:00
Chris Joe
58cd83e4f7
Merge pull request #7434 from open-sausages/pulls/4.0/the-tree-needs-cutting
...
Fix refactor TreeMultiselectField to be clearable if nothing is selected
2017-10-06 15:16:10 +13:00
Chris Joe
90ce2abecb
Merge pull request #7422 from open-sausages/pulls/4.0/flags-in-gridfield
...
Add gridfield versioned columns
2017-10-06 14:39:02 +13:00
Saophalkun Ponlu
1a324d9d77
Wrap content gridfield cell in another non-td element for styling
2017-10-06 11:47:38 +13:00
Christopher Joe
e07658ef50
Fix linting issues and fix doc
2017-10-05 15:28:58 +13:00
Saophalkun Ponlu
6424f4dea0
Changes based on peer review feedbacks
2017-10-05 15:04:46 +13:00
Christopher Joe
a1a8341929
Fix refactor TreeMultiselectField to be clearable if nothing is selected
2017-10-05 14:58:27 +13:00
Damian Mooyman
1b6d0144c5
BUG Fix resource mapping for TinyMCE
...
API add ModuleResource::getRelativeResource()
2017-10-04 17:44:04 +13:00
Saophalkun Ponlu
ae930833ad
Add gridfield versioned columns
2017-10-04 17:33:15 +13:00
Loz Calver
43ec2f87ed
NEW: Implement accept attribute in FileField ( closes #7279 )
2017-10-03 16:48:49 +01:00
Damian Mooyman
5ffe64f024
Fix tinymce plugins
2017-10-03 14:08:24 +13:00
Damian Mooyman
cdefd19091
Ensure HTMLEditor can load vendor css
2017-10-03 13:08:22 +13:00
Ingo Schommer
e1b98d154e
Fix tinymce operation for resource paths
...
It was referencing secondary TinyMCE assets in the vendor/* folder
from its generated files (e.g. skin.min.css).
2017-10-03 09:03:37 +13:00
Damian Mooyman
3011650b5a
Remove superfluous datefield props
...
Fixes #7397
2017-09-29 10:25:22 +13:00
Christopher Joe
90d0361a6c
Enhancement update set_themes to not update config
2017-09-28 16:47:13 +13:00
Christopher Joe
7e92b053f4
Enhancement Add setter and getter for certain classes, so that LeftAndMain no longer updates config during init
2017-09-28 16:47:13 +13:00
Chris Joe
c3f7165023
Merge pull request #7371 from open-sausages/pulls/4.0/fix-gridfield-print
...
BUG Fix gridfield print styles
2017-09-13 15:58:05 +12:00
Damian Mooyman
d05d22abc2
Merge pull request #7343 from creative-commoners/pulls/4.0/add-extra-class
...
NEW Allow GridFieldEditButton to have configurable HTML classes. Change edit icon.
2017-09-13 15:39:38 +12:00
Sacha Judd
c707fccf69
NEW Allow GridFieldEditButton to have configurable HTML classes. Change edit icon.
2017-09-13 13:11:17 +12:00
Damian Mooyman
f8ef97c167
BUG Fix import modal
...
Fixes https://github.com/silverstripe/silverstripe-admin/issues/251
2017-09-13 12:52:20 +12:00
Damian Mooyman
1892a02076
BUG Fix gridfield print styles
2017-09-13 11:48:42 +12:00
Bernard Hamlin
fa86f42ab9
BEM class names for filter-buttons
2017-09-12 10:16:03 +12:00
Chris Joe
1f5644d143
Merge pull request #7340 from open-sausages/pulls/4.0/toolbar-button-margin
...
Fix toolbar button margin and spacing
2017-09-05 16:07:32 +12:00
Saophalkun Ponlu
2f7f4e73d9
Fix toolbar button margin and spacing
2017-09-05 15:08:05 +12:00
Christopher Joe
afda58c515
Fix add schema to the "auto" parts request
2017-09-05 13:12:51 +12:00
Christopher Joe
120c772966
Add TreeDropdownField from React to Entwine
2017-09-04 12:15:41 +12:00
Saophalkun Ponlu
08fa3d6e3d
Enable TinyMCE list buttons
2017-09-04 09:30:07 +12:00
Robbie Averill
c4ff9df1b0
FIX Use correct bootstrap class or GridFieldDetailForm delete button
2017-08-24 14:34:06 +12:00
Damian Mooyman
d5b3280498
Merge pull request #7302 from robbieaverill/pulls/4.0/has-class-returns-bool
...
API Make FormField::hasClass return a boolean instead of an int
2017-08-24 13:19:30 +12:00
Robbie Averill
595ba75a50
API Make FormField::hasClass return a boolean instead of an int
2017-08-23 16:23:28 +12:00
Robbie Averill
8ebc13ae4e
Replace use of Configurable stat() with config()->get(), will be deprecated in future
2017-08-23 09:42:10 +12:00
Damian Mooyman
9b4d689bb2
Lazy-load custom methods and extensions on CustomMethods and Extensible traits
...
No longer need constructExtensions()
2017-08-22 15:47:24 +12:00
Damian Mooyman
ce5e15df6e
BUG Fix issue with multiple editors breaking plugins
2017-08-18 16:33:16 +12:00
Christopher Joe
9dc11eff43
Enhancement Add a path option for the schema data, so a full tree is not required for this data
2017-08-17 16:08:27 +12:00
Damian Mooyman
bbded44056
Upgrade bootstrap class names
2017-08-16 10:50:09 +12:00
Daniel Hensby
c0211927aa
Merge branch '3' into 4
2017-08-14 21:18:03 +01:00
Damian Mooyman
06efd2ac12
ENHANCEMENT Ensure flush destroys temp tinymce files
2017-08-03 13:21:48 +12:00
Robbie Averill
e307f067ed
FIX Replace deprecated %s placeholders in translations with named placeholders
...
* Remove the use of sprintf and %s placeholders in the i18n tests
2017-08-02 13:03:55 +12:00
Damian Mooyman
ae97c15e42
ENHANCEMENT Soft-code CSS explicit height and compute against rows
2017-08-01 15:46:49 +12:00
Damian Mooyman
078a508d71
API Replace legacy tiny_mce_gzip compressor with asset generator
...
Fixes https://github.com/silverstripe/silverstripe-admin/issues/74
2017-08-01 13:43:30 +12:00
vagrant
f02949fc09
Initially set a default height for the html editor to 350px
2017-07-31 16:49:48 +12:00
Damian Mooyman
9bff74bd61
Clean up all fluent property accessors
2017-07-26 18:14:27 +12:00
Christopher Joe
78d4d0d5dd
Enhancement add support for TreeMultiselectField in react
2017-07-26 18:14:08 +12:00
Daniel Hensby
884f53e0f2
Merge branch '3' into 4
2017-07-25 16:17:44 +01:00
Chris Joe
6a3c51e072
Merge pull request #7036 from fullscreeninteractive/wilr-patch-1
...
Fix ImportButton not opening the modal
2017-07-21 14:10:31 +12:00
Saophalkun Ponlu
c2841b6d64
Enhancement Remove "Remove link" button from the editor's main toolbar
...
Fix behat for selecting link should focus on field
2017-07-18 13:11:27 +12:00
Damian Mooyman
3a7f9e8eb5
Merge pull request #7167 from open-sausages/pulls/4.0/tree-search-in-forest
...
API TreeDropdown tree parameter
2017-07-14 16:23:30 +12:00
Robbie Averill
823e49526f
NEW Allow SSViewer and SSViewer_FromString to be injectable
2017-07-13 20:48:58 +12:00
Christopher Joe
ccda816f90
API added flatList argument for generating the json tree list with a context string property
2017-07-13 17:04:35 +12:00
Aaron Carlino
2b266276c2
API Implement new module sorting pattern
2017-07-13 10:27:27 +12:00
John Milmine
f14e6bae2c
fix numeric field for null values
2017-07-05 07:35:13 +12:00
Damian Mooyman
f65e3627dc
BUG Implement or exclude all pending upgrader deltas
2017-07-03 12:21:47 +12:00
Damian Mooyman
92903d883e
Allow editor themes to fall back safely
2017-07-03 10:38:50 +12:00
Aaron Carlino
cddaaf1444
Update TinyMCEConfig to use theme CSS
2017-07-03 10:38:50 +12:00
Aaron Carlino
ad9d4e6820
Pulls/4.0/shortcode namespacing ( #7085 )
...
* New shortcode providers, update config, docs
* Use new ImageShortcodeProvider
* Move tests
* New shortcodes namespace
* Move file and image shortcode registrations from framework to assets
2017-06-29 18:45:17 +12:00
Sam Minnee
741166e369
API: ModulePath template global now takes any composer package name.
...
NEW: URL generation now handled by pluggable ResourceURLGenerator service.
NEW: Requirements::javascript() and Requirements::css() now support “vendor/package:resource” syntax.
These changes will make it easier to us to fully abstract:
- file access from module location
- file location from URL generation
API: ModulePath template global now takes any composer package name.
NEW: URL generation now handled by pluggable ResourceURLGenerator service.
NEW: Requirements::javascript() and Requirements::css() now support “vendor/package:resource” syntax.
These changes will make it easier to us to fully abstract:
- file access from module location
- file location from URL generation
2017-06-28 16:59:28 +12:00
Saophalkun Ponlu
288de2eb14
BUG Add flag on form whether to notify user when there's unsaved changes
2017-06-28 11:14:12 +12:00
Sam Minnee
10866c0809
API: Replace Director::direct() with Director::handleRequest().
...
There was no longer any code in direct() and so I opted to expose the
handleRequest() method instead.
2017-06-27 13:32:39 +12:00
Will Rossiter
ad54e7eb30
Fix ImportButton not opening the modal
2017-06-23 10:10:01 +12:00
Damian Mooyman
3873e4ba00
API Refactor bootstrap, request handling
...
See https://github.com/silverstripe/silverstripe-framework/pull/7037
and https://github.com/silverstripe/silverstripe-framework/issues/6681
Squashed commit of the following:
commit 8f65e56532
Author: Ingo Schommer <me@chillu.com>
Date: Thu Jun 22 22:25:50 2017 +1200
Fixed upgrade guide spelling
commit 76f95944fa
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 16:38:34 2017 +1200
BUG Fix non-test class manifest including sapphiretest / functionaltest
commit 9379834cb4
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 15:50:47 2017 +1200
BUG Fix nesting bug in Kernel
commit 188ce35d82
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 15:14:51 2017 +1200
BUG fix db bootstrapping issues
commit 7ed4660e7a
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 14:49:07 2017 +1200
BUG Fix issue in DetailedErrorFormatter
commit 738f50c497
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 11:49:19 2017 +1200
Upgrading notes on mysite/_config.php
commit 6279d28e5e
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 11:43:28 2017 +1200
Update developer documentation
commit 5c90d53a84
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 10:48:44 2017 +1200
Update installer to not use global databaseConfig
commit f9b2ba4755
Author: Damian Mooyman <damian@silverstripe.com>
Date: Wed Jun 21 21:04:39 2017 +1200
Fix behat issues
commit 5b59a912b6
Author: Damian Mooyman <damian@silverstripe.com>
Date: Wed Jun 21 17:07:11 2017 +1200
Move HTTPApplication to SilverStripe\Control namespace
commit e2c4a18f63
Author: Damian Mooyman <damian@silverstripe.com>
Date: Wed Jun 21 16:29:03 2017 +1200
More documentation
Fix up remaining tests
Refactor temp DB into TempDatabase class so it’s available outside of unit tests.
commit 5d235e64f3
Author: Damian Mooyman <damian@silverstripe.com>
Date: Wed Jun 21 12:13:15 2017 +1200
API HTTPRequestBuilder::createFromEnvironment() now cleans up live globals
BUG Fix issue with SSViewer
Fix Security / View tests
commit d88d4ed4e4
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 20 16:39:43 2017 +1200
API Refactor AppKernel into CoreKernel
commit f7946aec33
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 20 16:00:40 2017 +1200
Docs and minor cleanup
commit 12bd31f936
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 20 15:34:34 2017 +1200
API Remove OutputMiddleware
API Move environment / global / ini management into Environment class
API Move getTempFolder into TempFolder class
API Implement HTTPRequestBuilder / CLIRequestBuilder
BUG Restore SS_ALLOWED_HOSTS check in original location
API CoreKernel now requires $basePath to be passed in
API Refactor installer.php to use application to bootstrap
API move memstring conversion globals to Convert
BUG Fix error in CoreKernel nesting not un-nesting itself properly.
commit bba9791146
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 19 18:07:53 2017 +1200
API Create HTTPMiddleware and standardise middleware for request handling
commit 2a10c2397b
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 19 17:42:42 2017 +1200
Fixed ORM tests
commit d75a8d1d93
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 19 17:15:07 2017 +1200
FIx i18n tests
commit 06364af3c3
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 19 16:59:34 2017 +1200
Fix controller namespace
Move states to sub namespace
commit 2a278e2953
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 19 12:49:45 2017 +1200
Fix forms namespace
commit b65c21241b
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 15 18:56:48 2017 +1200
Update API usages
commit d1d4375c95
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 15 18:41:44 2017 +1200
API Refactor $flush into HTPPApplication
API Enforce health check in Controller::pushCurrent()
API Better global backup / restore
Updated Director::test() to use new API
commit b220534f06
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 22:05:57 2017 +1200
Move app nesting to a test state helper
commit 603704165c
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 21:46:04 2017 +1200
Restore kernel stack to fix multi-level nesting
commit 2f6336a15b
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 17:23:21 2017 +1200
API Implement kernel nesting
commit fc7188da7d
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 15:43:13 2017 +1200
Fix core tests
commit a0ae723514
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 15:23:52 2017 +1200
Fix manifest tests
commit ca03395251
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 15:00:00 2017 +1200
API Move extension management into test state
commit c66d433977
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 14:10:59 2017 +1200
API Refactor SapphireTest state management into SapphireTestState
API Remove Injector::unregisterAllObjects()
API Remove FakeController
commit f26ae75c6e
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 12 18:04:34 2017 +1200
Implement basic CLI application object
commit 001d559662
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 12 17:39:38 2017 +1200
Remove references to SapphireTest::is_running_test()
Upgrade various code
commit de079c041d
Author: Damian Mooyman <damian@silverstripe.com>
Date: Wed Jun 7 18:07:33 2017 +1200
API Implement APP object
API Refactor of Session
2017-06-22 22:50:45 +12:00
Damian Mooyman
64e802f795
API Move createTag to HTML class
...
ENHANCEMENT Better HTML generation behaviour for Requirements_Backend
2017-06-16 12:22:05 +12:00
Damian Mooyman
62d095305b
API Update DefaultAdmin services
...
API Improve validation of authentication process
2017-06-15 15:53:57 +12:00
Simon Erkelens
576eee72dc
Remove DefaultAdmin things from Security and Member into the MemberAuthenticator, unifying and removing duplicate code.
2017-06-15 14:20:29 +12:00
Simon Erkelens
082db89550
Feedback from Damian.
...
- Move the success and message to a validationresult
- Fix tests for validationresult return
- We need to clear the session in Test logOut method
- Rename to MemberAuthenticator and CMSMemberAuthenticator for consistency.
- Unify all to getCurrentUser on Security
- ChangePasswordHandler removed from Security
- Update SapphireTest for CMS login/logout
- Get the Member ID correctly, if it's an object.
- Only enable "remember me" when it's allowed.
- Add flag to disable password logging
- Remove Subsites coupling, give it an extension hook to disable itself
- Change cascadeLogInTo to cascadeInTo for the logout method logic naming
- Docblocks
- Basicauth config
2017-06-08 17:50:20 +12:00
Simon Erkelens
2b26cafcff
Separate out the log-out handling.
...
Repairing tests and regressions
Consistently use `Security::getCurrentUser()` and `Security::setCurrentUser()`
Fix for the logout handler to properly logout, some minor wording updates
Remove the login hashes for the member when logging out.
BasicAuth to use `HTTPRequest`
2017-06-07 21:11:58 +12:00
Sam Minnee
e226b67d06
Refactoring of authenticators
...
Further down the line, I'm only returning the `Member` on the doLogin, so it's possible for the Handler or Extending Handler to move to a second step.
Also cleaned up some minor typos I ran in to. Nothing major.
This solution works and is manually tested for now. Supports multiple login forms that end up in the correct handler. I haven't gotten past the handler yet, as I've yet to refactor my Yubiauth implementation.
FIX: Corrections to the multi-login-form support.
Importantly, the system provide a URL-space for each handler, e.g.
“Security/login/default” and “Security/login/other”. This is much
cleaner than identifying the active authenticator by a get parameter,
and means that the tabbed interface is only needed on the very first view.
Note that you can test this without a module simply by loading the
default authenticator twice:
SilverStripe\Security\Security:
authenticators:
default: SilverStripe\Security\MemberAuthenticator\Authenticator
other: SilverStripe\Security\MemberAuthenticator\Authenticator
FIX: Refactor delegateToHandler / delegateToHandlers to have less
duplicated code.
2017-06-07 21:11:52 +12:00
Damian Mooyman
8c0ced311f
Merge pull request #6998 from AntonyThorpe/StrictFormMethodCheck
...
Updated Form.php & 04_Form_Security.md - strictFormMethodCheck to true
2017-06-06 23:06:11 +12:00
Antony Thorpe
6348f2e3e8
Updated Form.php & 04_Form_Security.md
...
Changed the `strictFormMethodCheck` protected property from false to true to step out on the front foot with this security setting. In the documentation under the title [Cross-Site Request Forgery](https://github.com/silverstripe/silverstripe-framework/blob/master/docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md#cross-site-request-forgery-csrf ) it states, "it is also recommended to limit form submissions to the intended HTTP verb (mostly GET or POST) through [api:Form::setStrictFormMethodCheck()]." The same advice is noted in [Form Security](c2292a4cc1/docs/en/02_Developer_Guides/03_Forms/04_Form_Security.md (strict-form-submission)
).
Why not make this the default behaviour? Is there a scenario where this would cause a problem? Have manually tested in the CMS (alpha7) and is working fine.
Note: Original commit that establised the API Form::setStrictFormMethodCheck is 14c59be8
.
2017-06-06 21:10:49 +12:00
Christopher Joe
d12c986dd5
Fixes printing from crashing
2017-06-06 13:31:37 +12:00
Damian Mooyman
e7d87add9f
API Remove legacy HTMLEditor classes
2017-05-30 11:01:28 +12:00
Damian Mooyman
0cd40ca6e5
BUG Fix minor accessors of legacy ->class property
2017-05-25 11:55:12 +12:00
Damian Mooyman
d15b9ee0b0
Response to feedback
2017-05-23 13:50:35 +12:00
Damian Mooyman
fba8e2c245
API Remove Object class
...
API DataObjectSchema::manyManyComponent() return array is now associative array
2017-05-23 13:50:35 +12:00
Damian Mooyman
7bc8172bc1
Merge pull request #6937 from caffeineinc/2930-checkboxfield-invalid-html
...
CheckboxField creates invalid HTML when required #2939
2017-05-22 13:44:58 +12:00
Simon Gow
cdc03602ed
CheckboxField creates invalid HTML when required #2939
...
- Updated CheckboxField, CheckboxSetField, DropdownField, OptionsetField
to validate with HTML5 attributes & aria-required.
https://www.w3.org/TR/wai-aria/states_and_properties#aria-required
2017-05-22 12:15:28 +12:00
Damian Mooyman
2aa3b5d5fa
Merge pull request #6934 from robbieaverill/pulls/4.0/consistent-instance-method
...
API Consistent use of inst() naming across framework
2017-05-22 11:57:20 +12:00
Damian Mooyman
80bff0d099
Merge pull request #6932 from mikenz/pulls/4.0/treedropdownfield-orphaned
...
Bugfix: Parent treedropdownfield for an orphaned page is broken
2017-05-22 10:53:33 +12:00
Robbie Averill
f2cbe86f03
Remove CustomMethods::createMethod and create_function implementations, replace with closures
2017-05-19 15:56:44 +12:00
Robbie Averill
ad43a82923
API Consistent use of inst() naming across framework
2017-05-19 14:38:06 +12:00
Mike Cochrane
31578d4771
Bugfix: Parent treedropdownfield for an orphaned page is broken
2017-05-19 12:15:36 +12:00
Ingo Schommer
adbf9d9f71
Process actions on Form subclasses
...
Regression introduced through https://github.com/silverstripe/silverstripe-framework/issues/6362 .
Quote from the RFC:
```
Thus the order of action precedence becomes
action callback
action on the Form
action on the FormRequestHandler
action on any parent controller (if given)
```
2017-05-18 22:47:39 +12:00
Damian Mooyman
8ed675d29b
Merge pull request #4542 from patricknelson/issue-4417-validator-remove-validation-master
...
FIX for #4417 : Ensuring ->removeValidation() is defined on instances of Validator. Setup new API for enabling/disabling validation. Documentation and better type handling.
2017-05-18 09:27:48 +12:00
Christopher Joe
0534a5ec0c
Fix TreeDowndropField copying
2017-05-17 16:52:21 +12:00
Christopher Joe
287ad35f0d
Fix change API to hasEmptyDefault() to be inline with SingleSelectField
2017-05-17 10:13:54 +12:00
Christopher Joe
3927e7e248
Fix added cache key for TreeDropdownField cache
2017-05-17 10:13:54 +12:00
Christopher Joe
6869e450a0
Enhancement added customisable emptyTitle and a showRootOption property in TreeDropdownField
2017-05-17 10:13:54 +12:00
Patrick Nelson
5fa3c85280
FIX for #4417 : Ensuring ->removeValidation() is defined on instances of Validator. Setup new API for enabling/disabling validation. Documentation and better type handling.
2017-05-16 12:58:00 +01:00
Saophalkun Ponlu
1ec7c4e523
Fix lint error
2017-05-16 11:53:23 +12:00
Saophalkun Ponlu
a975b88661
Pass autofocus flag to front-end
2017-05-16 11:53:23 +12:00
Daniel Hensby
e741af9127
Merge branch 'pull/6905'
2017-05-12 12:21:02 +01:00
Ralph Slooten
43a122cc36
Fix for meta closing tags
...
Prevent html errors when FormField::create_tag('meta') is called from $MetaTags() so
```
<meta name="generator" content="SilverStripe - http://silverstripe.org "></meta>
```
becomes
```
<meta name="generator" content="SilverStripe - http://silverstripe.org " />
```
Add all void elements to list
2017-05-12 08:49:15 +12:00
Christopher Joe
edcb220e4a
Enhancement add EmailLink form factory server-side
2017-05-11 09:57:55 +12:00
Christopher Joe
c58dc97d39
Fix optional $id param because of how methodSchema passes a parameter
2017-05-11 09:57:55 +12:00
Christopher Joe
2ee0d99806
Enhancement switch FormFactories to use RequestHandler instead of Controller
2017-05-11 09:57:55 +12:00
Christopher Joe
403f4db14d
Fix change titles to return schema values in schema
...
Enhancement Add EditorExternalLink call for toolbar
2017-05-11 09:57:55 +12:00
Aaron Carlino
4af71b9ed7
Pulls/4/remove reliance on admin dir ( #6876 )
...
* Stop relying on external constants
* Revise getTinyMCEPath method to throw exception when no path can be computed
* Throw exception on no gzip, better admin module check
2017-05-10 13:18:44 +12:00
Saophalkun Ponlu
fd51f35bc2
Update tests
2017-05-09 16:52:32 +12:00
Saophalkun Ponlu
97dac7028c
De-couple schema type and type attribute
2017-05-09 16:50:33 +12:00
Sam Minnée
33119a1f36
Merge branch 'master' into pulls/4.0/remove-deprecated-methods
2017-05-09 15:31:53 +12:00
Ingo Schommer
1d438d3fb5
API Remove deprecated FormAction::createTag()
2017-05-09 11:38:35 +12:00
Ingo Schommer
bbf15ab9f1
Allow type override in FormAction
2017-05-09 11:16:41 +12:00
Ingo Schommer
0d9b383631
API Removed legacy form fields ( fixes #6099 )
2017-05-09 11:16:41 +12:00
Aaron Carlino
afd1575267
ENHANCEMENT GridField passes in context for canCreate
2017-05-09 09:15:09 +12:00
Aaron Carlino
c99ed2d262
Reorganise i18n keys
2017-05-08 23:34:39 +12:00
Uncle Cheese
d51c4891e2
New namespaced i18n keys
2017-04-28 14:59:42 +12:00
Uncle Cheese
494cbd1875
Ran upgrader for lang files
2017-04-28 14:59:42 +12:00
Ingo Schommer
22f232ed4d
Mark up <time> in validation errors
...
Allow better localisation of values in JS
2017-04-27 21:44:52 +12:00
Ingo Schommer
cbe534c675
Fixed component capitalisation
2017-04-27 15:36:18 +12:00
Ingo Schommer
94b49e3e28
Removed unused field
2017-04-27 15:36:11 +12:00
Ingo Schommer
60706c8efd
Store $value in ISO and server timezone consistently, fix min/max timezone handling
2017-04-27 14:59:11 +12:00
Ingo Schommer
628fd216ad
PHPDoc fixes
2017-04-27 11:56:23 +12:00
Ingo Schommer
f01a20d5c4
Only used normalised ISO on HTML5
2017-04-27 11:56:18 +12:00
Ingo Schommer
de8abe1167
API rename
2017-04-27 11:53:43 +12:00
Ingo Schommer
b852a76334
Consistent schema keys
2017-04-27 11:47:04 +12:00
Ingo Schommer
14b3468eee
Removed setting format in getter
...
That’s already handled in getFormatter()
2017-04-27 11:09:59 +12:00
Ingo Schommer
655b047d80
Removed superfluous methods
2017-04-27 11:09:43 +12:00
Ingo Schommer
d3afa0c3b5
Remove array check since setSubmittedValue() no longer supports it
2017-04-27 10:59:44 +12:00
Ingo Schommer
958736502a
Removed “T” str_replace, more comments
2017-04-27 10:32:22 +12:00
Ingo Schommer
1ec2abe75f
Fixed timezone and normalised ISO handling
...
A few observations:
- ISO says “T” is optional (https://en.wikipedia.org/wiki/ISO_8601#cite_note-21 ),
- WHATWG says in the HTML5 spec that it’s optional (https://html.spec.whatwg.org/multipage/infrastructure.html#local-dates-and-times )
- W3C says it’s reqiured in 1997 (https://www.w3.org/TR/NOTE-datetime ), but then later says it’s optional in its HTML5 spec (https://www.w3.org/TR/html5/infrastructure.html#floating-dates-and-times ).
- Chrome doesn’t parse values with whitespace separators (requires "T")
- DataObject DBDatetime values and database columns use whitespace separators (and will have many devs relying on this format)
- MySQL only supports whitespace separators (https://dev.mysql.com/doc/refman/5.7/en/datetime.html )
- SQLite can parse both ways (https://sqlite.org/lang_datefunc.html )
So the goal here is to retain ORM/database compatibility with 3.x (whitespace separator),
while exposing "T" separators to the browser in HTML5 mode.
Regarding timezones, this fixes a regression where setValue() would not actually
apply the timezone (last $value assignment is ineffective now that sub fields are removed).
2017-04-26 22:55:29 +12:00
Ingo Schommer
e97783b057
Better second handling
2017-04-26 22:45:08 +12:00
Ingo Schommer
d2132e85db
More specific localisations
2017-04-26 22:45:07 +12:00