Commit Graph

56 Commits

Author SHA1 Message Date
Damian Mooyman
97f21fddb3 [ss-2015-021] Fix rewrite hash links XSS 2015-11-11 17:46:27 +13:00
Damian Mooyman
7ff131daa7 BUG Fix default casted (boolean)false evaluating to true in templates 2015-06-12 15:47:15 +12:00
Daniel Hensby
c062670ba3 Removing unreachable test line 2015-06-09 16:01:33 +01:00
Christopher Pitt
604c328712 Fixed XSS vulnerability relating to rewrite_hash 2015-03-20 18:17:51 +13:00
Will Morgan
7c9810bf49 Merge pull request #3432 from IgorNadj/3.1-fix-minify
FIX making minify javascript fail-safe
2015-02-06 11:17:59 +00:00
Igor Nadj
77e30d4524 Cleanup, removing redundant returns 2014-11-26 15:31:07 +13:00
Igor Nadj
657606e8c8 Updating code to allow unit test to use try-catch block to catch warning
without stopping code execution inside try
2014-11-26 15:27:54 +13:00
Nik
5258b84e5c Updated SSViewerTest to test for SSTemplateParser rewrite_hash_links fix 2014-09-26 17:41:27 +12:00
Igor Nadj
f823831a63 FIX making minify javascript fail-safe 2014-08-25 11:49:38 +12:00
Simon Welsh
f9c44e4ceb Merge branch '3.0' into 3.1
Conflicts:
	model/Versioned.php
	view/SSTemplateParser.php
	view/SSViewer.php
2014-03-30 18:15:12 +13:00
Damian Mooyman
4415a75d93 BUG Fix issue with versioned dataobjects being cached between stages 2014-03-27 13:17:29 +13:00
micmania1
b89ab1eb16 Added SSViewer::get_templates_by_class() to make the functionality in LeftAndMain::getTemplatesWithSuffix() more open. 2013-12-01 07:42:37 +00:00
Cam Spiers
14486902fb Allow users to extend the SSTemplateParser by defining open & closed blocks
Currently the only way the extend SSTemplateParser is to define a class
extension of it and then tell the injector component to use your new
custom class. This new change allows a user to define new "open blocks"
and "closed blocks" for SSTemplateParser to use without needing to
recompile the real SSTemplateParser class.

The following example shows how the functionality can be used
to add a new <% minify %>…<% end_minify %> syntax to the template parser

In a config.yml file, define the new minify closed block to call the
static function "Minifier::minify"

```
Injector:
	SSTemplateParser:
		properties:
			closedBlocks:
				minify: "Minifier::minify"
```

Define a new class with the minify static method that returns the new
template code when regenerating templates:

```
class Minifier {
    public static function minify(&$res) {
        return <<<PHP
{$res['Template']['php']}
\$val = zz\Html\HTMLMinify::minify(\$val, array('optimizationLevel' => zz\Html\HTMLMinify::OPTIMIZATION_ADVANCED));
PHP;
    }
}
```
2013-11-04 14:24:58 +13:00
Jeremy Thomerson
f6ff39369f FEATURE: <% include %> inherits iterator scope of parent template 2013-07-07 12:39:42 +00:00
Hamish Friedlander
ae3e3f3b44 FIX Arguments to method calls reseting scope 2013-06-25 17:35:16 +12:00
Jeremy Thomerson
964b3f2d48 FIX: <% if Link %> wasn't working
Since ViewableData was returning a casting helper for Link, but DataObject was
only using $this->$fieldname to set values on that casting helper, you could
not use <% if Link %> (or <% if $Link %>) in your templates because Link is not
a field, and thus had no value to be set on the casting helper, causing
hasValue to think that there was no value.  Since DataObject->dbObject says that
"it only matches fields and not methods", it seems safe to have it call db(..)
to get the field spec, and not call ViewableData->castingHelper at all.
2013-06-15 13:44:03 +00:00
Zauberfisch
809e0e547a MINOR: updated and extended Tests 2013-04-22 18:17:31 +00:00
s-m
acf2ff8ce6 BUG: Fix for #1487
The parser could sometimes generate invalid code if the
source-file-comments were enabled, this moves the comments outside the
html-tag to circumvent these problems, update test as well.
2013-04-15 19:54:41 +02:00
s-m
29e6bd513c BUG: Allow empty else- and else_if-blocks
This fix allows empty else and else-if blocks to be processed, fixes #1660
2013-04-10 16:17:44 +02:00
s-m
6a95db0eff API: Support inequalities in templates
This adds support for <, <=, >, >= in templates
2013-04-08 17:07:39 +02:00
Ingo Schommer
3334eafcb1 API Marked statics private, use Config API instead (#8317)
See "Static configuration properties are now immutable, you must use Config API." in the 3.1 change log for details.
2013-03-24 17:20:53 +01:00
Ingo Schommer
0a9f3b75a9 Fixed deprecated usage of <% control %> 2013-03-19 12:58:14 +01:00
Hamish Friedlander
9bd6dd9ade API Make default_cast Text and not HTMLText 2013-03-14 12:49:03 +13:00
Hamish Friedlander
d2650bbc44 NEW Disable shortcodes in $Layout and $Content in SSViewer 2013-03-14 12:49:03 +13:00
miiihi
5af35a89ce ENHANCEMENT Allow multiline comments in SS3 templates 2013-03-07 18:45:07 +01:00
ajshort
d3629be344 BUG: Pass named include argument as objects.
This means you can pass objects such as lists as named parameters, not
just strings.
2013-02-14 18:31:40 +11:00
Will Rossiter
dfd3455802 BUG Only include processed requirements at the top level. (Fixes #7847)
After each sub template was processed Requirements::includeInHTML() is included which appended requirements again.
2012-11-04 17:54:09 +13:00
Sam Minnee
1f7fc1f76a FIX Remove instances of lines longer than 120c
The entire framework repo (with the exception of system-generated files) has been amended to respect the 120c line-length limit.  This is in preparation for the enforcement of this rule with PHP_CodeSniffer.
2012-09-30 17:18:13 +13:00
Ingo Schommer
e2f073f38a Method visibility according to coding conventions 2012-09-20 10:46:59 +02:00
Ingo Schommer
d5313aa6a4 BUG Fixed SSViewerTest execution in non-dev environments 2012-09-12 09:50:10 +02:00
Hamish Friedlander
e160b76df5 BUG 7362 dont include trailing space in bare string 2012-07-23 15:42:58 +12:00
Sean Harvey
792c89e103 ENHANCEMENT Adding List() in the GenericTemplateGlobalProvider so
templates can use <% cached List(Member).max(LastEdited) %> instead
of deprecated "Aggregate" syntax.
2012-05-29 20:04:51 +12:00
Sean Harvey
b68e426844 MINOR Removing dodgy conditional tests in SSViewerTest 2012-05-19 18:09:57 +12:00
Simon Welsh
ab34688273 BUGFIX: Looping over a PaginatedList in the template caused a seg fault/bus error. 2012-05-11 14:03:31 +12:00
Julian Seidenberg
192237cb7d BUGFIX: fixes to i18n Unit Tests 2012-04-18 17:35:31 +12:00
Simon Welsh
3a6341a251 API-CHANGE sapphire folder can now be renamed. 2012-04-15 10:50:19 +12:00
Hamish Friedlander
521742aaf8 ENHANCEMENT: Split arguments passed to SSViewer into underlay and overlay arguments to control precedence. Also fixes breakage of SecurityAdmin 2012-04-13 12:15:34 +12:00
Sam Minnée
1189322b41 Merge pull request #302 from robert-h-curry/7113-nested-controls-breaking-last
BUGFIX: Issue #7113: Recalculate itemIteratorCount when popping viewer state.
2012-04-11 17:19:46 -07:00
Robert Curry
695ae711e7 MINOR: Issue #7113: Add test for nested loops. 2012-04-12 11:56:49 +12:00
Hamish Friedlander
e4a043ac0b ENHANCEMENT: Allow arguments to be passed to templates via an array passed to SSViewer#process and via keyword=value pairs in the <% include %> tag 2012-04-11 21:34:27 +12:00
Sean Harvey
e097f6e1a8 MINOR Fixes to method arguments in core classes for E_STRICT support.
API CHANGE Remove abstract static function and just use static functions
in Authenticator (PHP 5.3+ doesn't support abstract static functions)
2012-03-28 22:41:42 +13:00
Ingo Schommer
71c026c75a MINOR Removed SiteTree dependency from SSViewerTest (fixes #6907) 2012-03-14 16:11:23 +01:00
Sam Minnee
d896c7dc03 MINOR: Removed PHP 5.3-only code from SSViewerTest. 2012-03-09 18:32:10 +13:00
Hamish Friedlander
374ed19406 API CHANGE: Change variable expose method in TemplateGlobalProvider and TemplateIteratorProvider to (a) not clash with each other and, (b) be less generic 2012-03-06 09:31:57 +13:00
Hamish Friedlander
2c65d3a398 BUGFIX: Add casting support to global and iterator variable injection 2012-03-06 09:31:57 +13:00
Hamish Friedlander
156d2226fc BUGFIX: Replaced deprecated DataObjectSet use with ArrayLists in SSViewerTest 2012-03-06 09:31:56 +13:00
Hamish Friedlander
91f4ba15f1 ENHANCEMENT: supporting "current scope" loop and with: (with Children) (loop) $Title (end_loop) (end_with) 2012-03-06 09:31:55 +13:00
Hamish Friedlander
28bb83552a API-CHANGE: moving iterator support from ViewableData to SSViewer. New set of unit tests for iterator support functions. 2012-03-06 09:31:55 +13:00
Hamish Friedlander
927dbbe717 API-CHANGE: Global template variables can now be called directly using SSViewer_DataPresenter instead of needing to inherit off ViewableData 2012-03-06 09:11:46 +13:00
Ingo Schommer
68914efb8d MINOR SSViewer->testCastingHelpers() 2012-02-29 21:06:43 +01:00