Antony Thorpe
6348f2e3e8
Updated Form.php & 04_Form_Security.md
...
Changed the `strictFormMethodCheck` protected property from false to true to step out on the front foot with this security setting. In the documentation under the title [Cross-Site Request Forgery](https://github.com/silverstripe/silverstripe-framework/blob/master/docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md#cross-site-request-forgery-csrf) it states, "it is also recommended to limit form submissions to the intended HTTP verb (mostly GET or POST) through [api:Form::setStrictFormMethodCheck()]." The same advice is noted in [Form Security](c2292a4cc1/docs/en/02_Developer_Guides/03_Forms/04_Form_Security.md (strict-form-submission)).
Why not make this the default behaviour? Is there a scenario where this would cause a problem? Have manually tested in the CMS (alpha7) and is working fine.
Note: Original commit that established the API Form::setStrictFormMethodCheck is 14c59be8.
2017-06-06 21:10:49 +12:00
Damian Mooyman
e7d87add9f
API Remove legacy HTMLEditor classes
2017-05-30 11:01:28 +12:00
Ingo Schommer
0d9b383631
API Removed legacy form fields ( fixes #6099 )
2017-05-09 11:16:41 +12:00
Ingo Schommer
3b94d14e42
MERGE
2017-04-03 12:11:21 +12:00
Ingo Schommer
326aa37ea4
API HTML5 date/time fields, remove member prefs ( fixes #6626 )
2017-03-31 15:21:47 +13:00
Christopher Joe
50deb17763
API remove UploadField, AssetField and associated files
...
Fixes #6481
2017-03-09 10:16:46 +13:00
Ingo Schommer
a9f2e9e73d
Fixed DateFieldSeparated docs
2017-02-16 08:26:51 +13:00
Damian Mooyman
014f0d23ed
API Create SeparatedDateField
...
API Restrict allowed values parsed via DBDate::setValue
API Remove NumericField_Readonly
API Remove DBTime::Nice12 / Nice24
2017-02-15 11:07:58 +13:00
Damian Mooyman
029a8b9586
API Substitute Zend_Currency with NumberFormatter based solution
...
API Substitute Zend_Locale with Locale / NumberFormatter
API Substitute Zend_Date with IntlDateFormatter
API Added DBTIme::Nice12, FormatFromSettings
API Added Short() method to DBDate / DBTime / DBDatetime
API Add Date::getTimestamp()
API Added setSubmittedValue api for FormField
API Add second arg to base FormField::setValue()
API Major refactor of i18n into component data parts
API Implement Resettable interface to reset objects between tests
ENHANCEMENT Changed DBField::create_field return type to `static` to support better type hinting
ENHANCEMENT i18nTextCollector supports __CLASS__
2017-02-09 15:28:59 +13:00
Jordan
b26e81d91a
Update 05_UploadField.md
2017-01-20 11:26:05 +13:00
Robbie Averill
c620063608
DOCS Update docs to reference PageController
without an underscore, implement some PSR-2
2017-01-11 09:59:28 +13:00
Daniel Hensby
664c0eafbe
Merge branch '3'
2016-12-28 14:30:54 +00:00
Myles Derham
18ff6bec6d
Updated location of custom field templates
2016-12-16 10:40:01 +13:00
Damian Mooyman
6e589aac75
API Updates to Form, ValidationResponse, ValidationException
...
API Implement form schema "errors" handling
2016-12-09 14:24:11 +13:00
Damian Mooyman
bfd9cb1aca
Rename SS_ prefixed classes ( #5974 )
2016-09-09 18:43:05 +12:00
Daniel Hensby
1d1227cc9a
Merge branch '3'
2016-08-23 10:37:47 +01:00
Daniel Hensby
088d88e978
Merge branch '3.2' into 3.3
2016-08-22 16:22:02 +01:00
Daniel Hensby
f4a6e9e517
Merge branch '3.1' into 3.2
2016-08-22 15:30:03 +01:00
Daniel Hensby
8e4e2b4fa8
Merge pull request #4173 from AntonyThorpe/patch-4
...
DOCS Update 06_Tabbed_Forms.md
2016-08-19 15:49:51 +01:00
Paul Clarke
b9445511b7
Bootstrap GridField
2016-08-03 18:35:18 +12:00
Daniel Hensby
d19955afc8
Merge branch '3'
2016-07-14 14:05:18 +01:00
Ironcheese
9b1a4b328c
Moving a field between tabs, wrong variable name
2016-06-15 15:36:43 +02:00
Ingo Schommer
5cace7c693
Fixed javascript/ docs references ( #5599 )
...
* More pointers to new build tooling docs in upgrading guide
* Fixed docs references to moved files
We don't want to mandate every module to switch from javascript/ to client/src,
but at the same time shouldn't reference non-existent files and confuse newcomers that way.
* More pointers to new React docs
2016-05-27 13:08:22 +12:00
Damian Mooyman
d52db0ba34
Merge 3 into master
...
# Conflicts:
# .travis.yml
# admin/css/ie7.css
# admin/css/ie7.css.map
# admin/css/ie8.css.map
# admin/css/screen.css
# admin/css/screen.css.map
# admin/javascript/LeftAndMain.js
# admin/scss/_style.scss
# admin/scss/_uitheme.scss
# control/HTTPRequest.php
# core/Object.php
# css/AssetUploadField.css
# css/AssetUploadField.css.map
# css/ConfirmedPasswordField.css.map
# css/Form.css.map
# css/GridField.css.map
# css/TreeDropdownField.css.map
# css/UploadField.css
# css/UploadField.css.map
# css/debug.css.map
# dev/Debug.php
# docs/en/00_Getting_Started/00_Server_Requirements.md
# docs/en/02_Developer_Guides/06_Testing/00_Unit_Testing.md
# docs/en/02_Developer_Guides/06_Testing/index.md
# docs/en/02_Developer_Guides/14_Files/02_Images.md
# docs/en/02_Developer_Guides/15_Customising_the_Admin_Interface/How_Tos/Extend_CMS_Interface.md
# filesystem/File.php
# filesystem/Folder.php
# filesystem/GD.php
# filesystem/Upload.php
# forms/ToggleField.php
# forms/Validator.php
# javascript/lang/en_GB.js
# javascript/lang/fr.js
# javascript/lang/src/en.js
# javascript/lang/src/fr.js
# model/Image.php
# model/UnsavedRelationList.php
# model/Versioned.php
# model/connect/MySQLDatabase.php
# model/fieldtypes/DBField.php
# model/fieldtypes/Enum.php
# scss/AssetUploadField.scss
# scss/UploadField.scss
# templates/email/ChangePasswordEmail.ss
# templates/forms/DropdownField.ss
# tests/behat/features/bootstrap/SilverStripe/Framework/Test/Behaviour/CmsFormsContext.php
# tests/behat/features/bootstrap/SilverStripe/Framework/Test/Behaviour/CmsUiContext.php
# tests/forms/EnumFieldTest.php
# tests/security/MemberTest.php
# tests/security/MemberTest.yml
# tests/security/SecurityTest.php
2016-04-29 17:50:55 +12:00
Daniel Hensby
745faebd81
Merge 3.2 into 3.3
...
Conflicts:
.travis.yml
2016-04-26 00:17:09 +01:00
Damian Mooyman
8b239a5011
Docs and tests for exempt validation actions
2016-04-22 14:52:38 +12:00
Damian Mooyman
b8e7f9a934
Standardise spelling of "customise"
...
Fixes #3988
2016-03-30 13:17:28 +13:00
Cam Findlay
14044fff35
DOCS Added a useful code example around positioning of tabs in CMS.
...
This useful example wasn't in the docs when I needed it. I ended up tracking this information down at http://stackoverflow.com/questions/5033028/silverstripe-how-do-i-insert-a-tab-before-another-tab
It should really be in the docs.
2016-03-08 16:18:49 +13:00
Ingo Schommer
f36b110db3
Merge remote-tracking branch 'origin/3.3'
2016-03-04 17:06:04 +13:00
Damian Mooyman
2c1f837442
Merge branch '3.1' into 3.2
...
# Conflicts:
# docs/en/01_Tutorials/02_Extending_A_Basic_Site.md
# docs/en/01_Tutorials/03_Forms.md
# docs/en/02_Developer_Guides/00_Model/08_SQL_Query.md
# docs/en/02_Developer_Guides/00_Model/10_Versioning.md
# docs/en/02_Developer_Guides/03_Forms/Field_types/01_Common_Subclasses.md
# docs/en/02_Developer_Guides/03_Forms/Field_types/05_UploadField.md
# docs/en/02_Developer_Guides/09_Security/01_Access_Control.md
# docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md
# docs/en/02_Developer_Guides/14_Files/01_Image.md
# docs/en/02_Developer_Guides/14_Files/index.md
# lang/cs.yml
# lang/fi.yml
# lang/sk.yml
2016-02-29 16:59:20 +13:00
Damian Mooyman
3b0a9f4ba2
Merge remote-tracking branch 'origin/3'
...
# Conflicts:
# admin/javascript/LeftAndMain.Menu.js
# control/HTTPRequest.php
# css/GridField.css
# css/GridField.css.map
# docs/en/02_Developer_Guides/03_Forms/Field_types/01_Common_Subclasses.md
# docs/en/02_Developer_Guides/06_Testing/00_Unit_Testing.md
# docs/en/02_Developer_Guides/06_Testing/index.md
# docs/en/02_Developer_Guides/14_Files/01_File_Management.md
# docs/en/02_Developer_Guides/14_Files/02_Images.md
# filesystem/Upload.php
# javascript/HtmlEditorField.js
# model/Image.php
# model/connect/MySQLDatabase.php
# model/fieldtypes/Enum.php
# model/versioning/Versioned.php
# scss/GridField.scss
2016-02-25 14:51:59 +13:00
David Alexander
903379bde2
DOCS 3.2 : fixing api: links now that api: tag parser working
...
fixed a couple of external links
fixed a docs link
2016-02-17 18:02:38 -07:00
David Alexander
febbd35b51
DOCS 3.1 : fixing api: links
...
missed one
2016-02-17 03:00:22 -07:00
Damian Mooyman
e6b877df27
Merge remote-tracking branch 'origin/3'
...
# Conflicts:
# control/Director.php
# control/HTTP.php
# core/startup/ParameterConfirmationToken.php
# docs/en/00_Getting_Started/01_Installation/05_Common_Problems.md
# docs/en/00_Getting_Started/04_Directory_Structure.md
# docs/en/00_Getting_Started/05_Coding_Conventions.md
# docs/en/01_Tutorials/01_Building_A_Basic_Site.md
# docs/en/01_Tutorials/02_Extending_A_Basic_Site.md
# docs/en/01_Tutorials/03_Forms.md
# docs/en/01_Tutorials/04_Site_Search.md
# docs/en/01_Tutorials/05_Dataobject_Relationship_Management.md
# docs/en/02_Developer_Guides/12_Search/01_Searchcontext.md
# docs/en/02_Developer_Guides/13_i18n/index.md
# docs/en/02_Developer_Guides/15_Customising_the_Admin_Interface/06_Javascript_Development.md
# docs/en/03_Upgrading/index.md
# docs/en/changelogs/index.md
# docs/en/howto/customize-cms-menu.md
# docs/en/howto/navigation-menu.md
# docs/en/index.md
# docs/en/installation/index.md
# docs/en/installation/windows-manual-iis-6.md
# docs/en/misc/contributing/code.md
# docs/en/misc/contributing/issues.md
# docs/en/misc/module-release-process.md
# docs/en/reference/dataobject.md
# docs/en/reference/execution-pipeline.md
# docs/en/reference/grid-field.md
# docs/en/reference/modeladmin.md
# docs/en/reference/rssfeed.md
# docs/en/reference/templates.md
# docs/en/topics/commandline.md
# docs/en/topics/debugging.md
# docs/en/topics/email.md
# docs/en/topics/forms.md
# docs/en/topics/index.md
# docs/en/topics/module-development.md
# docs/en/topics/modules.md
# docs/en/topics/page-type-templates.md
# docs/en/topics/page-types.md
# docs/en/topics/search.md
# docs/en/topics/testing/index.md
# docs/en/topics/testing/testing-guide-troubleshooting.md
# docs/en/topics/theme-development.md
# docs/en/tutorials/1-building-a-basic-site.md
# docs/en/tutorials/2-extending-a-basic-site.md
# docs/en/tutorials/3-forms.md
# docs/en/tutorials/4-site-search.md
# docs/en/tutorials/5-dataobject-relationship-management.md
# docs/en/tutorials/building-a-basic-site.md
# docs/en/tutorials/dataobject-relationship-management.md
# docs/en/tutorials/extending-a-basic-site.md
# docs/en/tutorials/forms.md
# docs/en/tutorials/index.md
# docs/en/tutorials/site-search.md
# main.php
# model/SQLQuery.php
# security/ChangePasswordForm.php
# security/MemberLoginForm.php
# tests/control/ControllerTest.php
# tests/core/startup/ParameterConfirmationTokenTest.php
# tests/model/SQLQueryTest.php
# tests/security/SecurityTest.php
# tests/view/SSViewerTest.php
# view/SSTemplateParser.php
# view/SSTemplateParser.php.inc
# view/SSViewer.php
2016-01-20 13:16:27 +13:00
Damian Mooyman
46cbe809ac
Merge remote-tracking branch 'origin/3.1' into 3.2
...
# Conflicts:
# docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md
# docs/en/02_Developer_Guides/14_Files/01_Image.md
# docs/en/02_Developer_Guides/15_Customising_the_Admin_Interface/How_Tos/Customise_CMS_Menu.md
# docs/en/03_Upgrading/index.md
# docs/en/05_Contributing/01_Code.md
# forms/TreeMultiselectField.php
# security/Permission.php
2016-01-19 14:00:19 +13:00
David Alexander
5c99e33eb2
DOCS 3.1 - fixes broken internal links
2016-01-14 23:59:53 +13:00
Peter Thaleikis
7db7140a70
fixing example
2015-12-04 11:14:02 +13:00
Daniel Hensby
572945a2fd
Merge pull request #4704 from spekulatius/patch-1
...
fixing syntax error
2015-11-23 14:18:50 +00:00
Hamish Friedlander
b61d6dcd57
[ss-2015-027]: FIX HtmlEditorField_Toolbar#viewfile not whitelisting URLs
2015-11-13 15:20:09 +13:00
Damian Mooyman
1e1a7a345c
Merge remote-tracking branch 'origin/3'
...
Conflicts:
control/Director.php
filesystem/File.php
filesystem/GD.php
filesystem/ImagickBackend.php
forms/HtmlEditorField.php
javascript/UploadField_uploadtemplate.js
model/Image.php
model/Image_Backend.php
model/fieldtypes/Enum.php
templates/AssetUploadField.ss
tests/model/ImageTest.php
tests/search/FulltextFilterTest.php
2015-11-03 14:23:16 +13:00
Damian Mooyman
e07f80014c
Merge remote-tracking branch 'origin/3.1' into 3.2
...
Conflicts:
lang/cs.yml
lang/sk.yml
2015-11-03 11:10:46 +13:00
Peter Thaleikis
791c52c6bd
fixing syntax error
2015-10-25 22:41:13 +13:00
Damian Mooyman
d1ea74e40d
API Implement AssetField to edit DBFile fields
2015-10-23 16:57:44 +13:00
Damian Mooyman
be239896d3
API Refactor of File / Folder to use DBFile
...
API Remove filesystem sync
API to handle file manipulations
2015-10-13 11:57:39 +13:00
Liam Whittle
71a2ef1350
fixed minor GridField initialization syntax.
2015-09-29 18:51:08 -04:00
Damian Mooyman
a8ace75341
API Support for multiple HTMLEditorConfig per page
2015-06-09 12:17:55 +12:00
Damian Mooyman
8331171f2c
Merge remote-tracking branch 'origin/3.1' into 3
...
Conflicts:
.scrutinizer.yml
admin/javascript/LeftAndMain.Panel.js
core/startup/ParameterConfirmationToken.php
dev/Debug.php
dev/FixtureBlueprint.php
docs/en/00_Getting_Started/05_Coding_Conventions.md
docs/en/00_Getting_Started/index.md
docs/en/02_Developer_Guides/01_Templates/01_Syntax.md
filesystem/File.php
filesystem/Folder.php
forms/FieldList.php
forms/LabelField.php
forms/MoneyField.php
forms/TextField.php
forms/TreeDropdownField.php
forms/Validator.php
forms/gridfield/GridField.php
forms/gridfield/GridFieldExportButton.php
lang/de.yml
lang/fi.yml
model/DataObject.php
model/SQLQuery.php
parsers/ShortcodeParser.php
security/ChangePasswordForm.php
security/Security.php
tests/control/DirectorTest.php
tests/core/startup/ParameterConfirmationTokenTest.php
tests/dev/FixtureBlueprintTest.php
tests/forms/FieldListTest.php
tests/forms/MoneyFieldTest.php
tests/model/SQLQueryTest.php
tests/security/SecurityTest.php
2015-06-02 19:13:38 +12:00
Loz Calver
8a74dc3e0f
Merge pull request #4237 from silverstripe/docs-fix-caption-field-name
...
updated field name for caption text field.
2015-05-28 14:28:36 +01:00
Myles Beardsmore
06730bc1b3
updated field name for caption text field.
2015-05-28 13:34:59 +01:00
Cam Findlay
058a08f84f
DOCS Fix link to common subclasses of form fields
2015-05-23 17:30:09 +12:00