Commit Graph

266 Commits

Author SHA1 Message Date
Will Rossiter
58a2eb0155 Versioned documentation typo (Thanks aragonne) 2013-07-19 18:14:53 +12:00
Hamish Friedlander
d38bd7d5cb Merge branch 'origin/3.0' into 3.1 2013-07-19 14:18:49 +12:00
Hamish Friedlander
1298d4a5bd FIX Prevent DOS by checking for env and admin on ?flush=1 (#1692) 2013-07-19 12:24:32 +12:00
Ingo Schommer
d4a1e6d294 BUG Prevent clickjacking in CMS and Security controllers (fixes #2215) 2013-07-14 22:44:09 +02:00
Ingo Schommer
b58e2dbe3a Member.lock_out_delay_mins configurable, password security docs 2013-07-11 09:47:28 +02:00
Hamish Friedlander
7b7982969b Add some docs about admin-side HTML sanitisation 2013-07-10 16:44:51 +12:00
Hamish Friedlander
dacb2aa638 FIX HtmlEditorField not re-checking sanitisation server side 2013-07-04 08:53:23 +12:00
Mateusz Uzdowski
f9ede95e5b Add configuration system tests for Only and Except combinations. 2013-07-02 15:51:53 +12:00
Hamish Friedlander
df218d76da Clarify how Only and Except rules combine 2013-07-02 14:09:11 +12:00
Ingo Schommer
fb784af738 API Enforce $allowed_actions in RequestHandler->checkAccessAction()
See discussion at https://groups.google.com/forum/?fromgroups#!topic/silverstripe-dev/Dodomh9QZjk

Fixes an access issue where all public methods on FormField were allowed,
and not checked for $allowed_actions. Before this patch you could e.g.
call FormField->Value() on the first field by using action_Value.

Removes the following assertion because it only worked due to RequestHandlingTest_AllowedControllerExtension
*not* having $allowed_extensions declared: "Actions on magic methods are only accessible if explicitly allowed on the controller."
2013-06-24 14:50:40 +02:00
Ingo Schommer
2160fb8000 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	admin/javascript/LeftAndMain.js
	tests/behat/features/bootstrap/SilverStripe/Framework/Test/Behaviour/CmsUiContext.php
	tests/control/ControllerTest.php
2013-06-19 14:03:43 +02:00
CheeseSucker
671b7a0cc7 Consolidated command line examples
Examples were broken into several <pre> blocks.
2013-06-18 15:50:32 +03:00
CheeseSucker
476df739a2 A few minor improvements to the "Module development" documentation 2013-06-16 12:55:39 +03:00
Will Rossiter
8fca3799c3 Update module development, remove outdated release steps 2013-06-15 12:06:25 +12:00
Will Rossiter
6d792adab2 Update documentation static declarations to private
Also spelling, grammar and line length clean up.
2013-06-08 15:16:59 +12:00
Sam Minnée
00e09f1493 Update commandline.md 2013-05-25 19:07:17 +12:00
Sam Minnée
99275ea783 Merge pull request #1760 from jedateach/patch-3
CommandLine: Info about running regular tasks with cron
2013-05-24 23:53:45 -07:00
Ingo Schommer
306d3b0c7e Merged existing shortcode docs with new topics docs from 3.0 2013-05-17 14:01:42 +02:00
Ingo Schommer
4c7c40e8b9 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	parsers/ShortcodeParser.php
2013-05-17 13:51:54 +02:00
Ingo Schommer
146b5a81cb Improved shortcode docs 2013-05-17 13:49:46 +02:00
Ingo Schommer
3b02d22989 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	dev/CsvBulkLoader.php
2013-05-09 10:34:20 +02:00
Sam Minnée
9672a22166 Merge pull request #1851 from chillu/pulls/form-strict-method-check
Form strict method check
2013-05-08 22:31:40 -07:00
Fred Condo
677dc9822e Edit forms documentation
Correct spelling and word choices.
2013-05-08 17:00:43 -07:00
Ingo Schommer
14c59be85e API Form::setStrictFormMethodCheck() and strict argument to setFormMethod()
Thanks to @sminnee for getting this started
2013-05-08 10:25:13 +02:00
Sam Minnee
b5a83878dd Added docs for i81n.moduole_priority. 2013-05-06 12:51:46 +12:00
Simon Welsh
a5d69f2bf5 Update page-type-templates.md 2013-05-03 15:04:30 +12:00
Ingo Schommer
5f91c3724d Consistently used dollar notation in template docs (see #1794) 2013-04-26 11:48:59 +02:00
Ingo Schommer
faa3e58468 Allow SS_DATABASE_NAME in _ss_environment.php configuration
Makes setups which are completely driven by that file a bit easier
to automate, particularly if the same codebase is deployed
multiple times (e.g. to a staging and live instance)
2013-04-22 14:11:37 +02:00
Ingo Schommer
67ce9e08cc Extended docs for shortcode handling and doctypes (fixes #1700) 2013-04-16 14:01:04 +02:00
Jeremy Shipman
4db5f75298 Info about running regular tasks with cron
What commands to use, and good approach to testing
2013-04-15 10:47:59 +12:00
Ryan Wachtl
46831f56fb Update configuration.md
Link to ssbits.com config cheatsheet no longer relevant.
2013-04-09 10:09:25 -05:00
Ingo Schommer
9856fcef21 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	javascript/DateField.js
	model/DataQuery.php
	model/Versioned.php
	tests/forms/RequirementsTest.php
	tests/model/DataObjectLazyLoadingTest.php
	view/Requirements.php
2013-04-09 14:45:35 +02:00
Stephen Shkardoon
1a95be7e60 Update form-validation.md
Minor typo, missing a '
2013-04-09 18:44:47 +12:00
Will Rossiter
05d4dd863d Update controller.md 2013-04-05 22:17:11 +13:00
Jeremy Shipman
a57e4e8abe Update environment-management.md
Fixed "Available Constants" table at the bottom
2013-04-03 15:29:27 +13:00
Ingo Schommer
0b54b284bc Updated i18n docs 2013-04-02 11:43:36 +02:00
Ingo Schommer
c08ab18c03 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	.travis.yml
	admin/javascript/LeftAndMain.AddForm.js
	docs/en/reference/requirements.md
2013-04-02 02:00:50 +02:00
Ingo Schommer
f5754c11aa Contribution guidelines, new bugtracker links 2013-04-02 01:51:40 +02:00
Ingo Schommer
ccb0155b8f Config docs improvement: @config and LSB mentions
Also moved some less important "notes" further down the page.
The doc is still written too much like a technical spec, we need
something that's more accessible to beginners.
2013-03-27 12:08:12 +01:00
Ingo Schommer
315c03872a Fixed _config.php references and usage in docs 2013-03-27 12:06:57 +01:00
Ingo Schommer
3334eafcb1 API Marked statics private, use Config API instead (#8317)
See "Static configuration properties are now immutable, you must use Config API." in the 3.1 change log for details.
2013-03-24 17:20:53 +01:00
Ingo Schommer
00fb8cf679 Formatting and docs changes to configuration.md 2013-03-24 17:20:36 +01:00
Ingo Schommer
81a51331d6 IX Load _config.php's after static config manifest
This allows more sophisticated handling of config alterations
in _config.php. One example is additions to DataObject::$db
based on configuration which requires some processing.

See https://github.com/unclecheese/TranslatableDataObject/blob/master/TranslatableDataObject.php
2013-03-21 00:16:36 +01:00
Ingo Schommer
53c84ee1fe Merge remote-tracking branch 'origin/3.0' into 3.1 2013-03-19 14:04:29 +01:00
Ingo Schommer
99ca0471f7 Merge remote-tracking branch 'origin/2.4' into 3.0
Conflicts:
	control/RequestHandler.php
	core/control/ContentController.php
	dev/CsvBulkLoader.php
	docs/en/changelogs/index.md
	docs/en/reference/execution-pipeline.md
	docs/en/topics/commandline.md
	docs/en/topics/controller.md
	docs/en/topics/form-validation.md
	docs/en/topics/forms.md
	docs/en/topics/security.md
	model/MySQLDatabase.php
	security/Security.php
	tests/control/ControllerTest.php
	tests/control/RequestHandlingTest.php
2013-03-19 13:56:04 +01:00
Andrew Short
b8a51c3792 Merge branch '3.0' into 3.1 2013-03-19 22:27:09 +11:00
Stephen Shkardoon
2ead2ba60f Removed invalid characters
No idea what those characters were meant to be, so I removed them.
2013-03-16 23:17:02 +13:00
Andrew Short
6ae931df24 Merge branch '3.0' into 3.1 2013-03-15 21:47:23 +11:00
Dan
4a12d6db3c Minor: Two modules are listed as three.
...for example "framework" and "cms". These three modules... Should be two modules, or perhaps there is a third missing from the list.
2013-03-08 10:10:04 -05:00
Ingo Schommer
64888c07b7 Partially revert docs commit 7710cf59
i18n.js doesn't support named parameters (yet)
2013-03-04 08:48:16 +01:00
Ryan Wachtl
3d602998b1 Update rich-text-editing.md
`HtmlEditorField::add_extension('MyToolbarExtension');` was not working for me. I had to use `HtmlEditorField_Toolbar`.
2013-03-02 14:37:09 -06:00
Ingo Schommer
bea1b9002d Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	control/HTTP.php
2013-02-26 13:28:35 +01:00
Ingo Schommer
567e39cd19 Updated composer docs 2013-02-25 11:47:11 +01:00
Hamish Friedlander
5fd55a50f2 API Tighten up allowed_actions
allowed_actions is now only allowed to reference public methods defined
on the same Controller as the allowed_actions static, and
the wildcard "*" has been deprecated
2013-02-18 14:53:33 +13:00
Hamish Friedlander
7efae6b95f Merge remote-tracking branch 'origin/3.0' into 3.1 2013-02-18 14:31:57 +13:00
Ingo Schommer
d51e0bc2ec Improved docs on $allowed_actions
Added section to "Controllers" and "Form" topics,
added $allowed_actions definitions to all controller examples
2013-02-17 23:30:40 +01:00
Ingo Schommer
3e27d27f7a Improved docs on $allowed_actions
Added section to "Controllers" and "Form" topics,
added $allowed_actions definitions to all controller examples
2013-02-17 23:16:25 +01:00
Daniel Hensby
77476de917 Change to how environment file is found
The _ss_environment.php file can now be in any parent folder of the framework (according to realpath())

Removing the description of '3 levels deep' and replaced with explanation of infinite depth.
2013-01-30 15:19:53 +00:00
Ingo Schommer
634c91c6ff Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	email/Mailer.php
2013-01-30 12:46:24 +01:00
Hamish Friedlander
acfc0be471 Document that yaml files shouldnt be served directly 2013-01-29 14:11:52 +13:00
Sean Harvey
1f1b115ef9 Fixing code formatting 2013-01-24 13:44:23 +13:00
Sean Harvey
3aa2cdccba Fixing code formatting in rich-text-editing docs 2013-01-24 12:50:55 +13:00
Ingo Schommer
6b4d1a7570 Merge pull request #1127 from mateusz/tinymce-docs
Add docs on how to customise the TinyMCE editor.
2013-01-23 14:54:09 -08:00
Mateusz U
141538f678 Add docs on how to customise the TinyMCE editor.
Fix whitespace problems.
2013-01-24 10:54:14 +13:00
Ingo Schommer
4892c11aaa Clarified docs on isDev usage in dev/build 2013-01-22 14:29:58 +01:00
Ingo Schommer
c11b3918fc Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	admin/css/screen.css
	admin/scss/_style.scss
	core/PaginatedList.php
	email/Mailer.php
2013-01-21 11:14:57 +01:00
Ingo Schommer
2e6e0de44d Clarified DataList->limit() docs 2013-01-15 10:14:55 +01:00
Ingo Schommer
f3c0669fec Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	_config/uploadfield.yml
	css/UploadField.css
	forms/UploadField.php
	scss/UploadField.scss
	templates/UploadField.ss
	tests/forms/uploadfield/UploadFieldTest.php
2013-01-11 10:02:39 +01:00
drzax
f6ab5a4020 Update docs/en/topics/i18n.md
Make the documentation more clear and 3.x specific. Especially around template translations.
2013-01-09 12:46:09 +10:00
Ingo Schommer
d13c53fda6 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	tests/model/DataQueryTest.php
2012-12-14 10:57:28 +01:00
Stig Lindqvist
681a0241e7 DOC Removed link to missing 'extending-the-cms.md' 2012-12-14 16:15:22 +13:00
Ingo Schommer
6571c17992 Merge remote-tracking branch 'origin/3.0' 2012-12-11 17:16:19 +01:00
Ingo Schommer
e8fbfc0bd1 NEW FixtureFactory separated out from YamlFixture
Enables more generic use of the fixture facilities
without dependency on the YAML format, for example
when creating fixtures from Behat step definitions.

Note: The YamlFixture class needs to be created via
Injector::inst()->create('YamlFixture') now,
direct instantiation is no longer supported.
2012-12-11 17:06:27 +01:00
Ingo Schommer
fa84c2d705 Merge remote-tracking branch 'origin/3.0' 2012-12-10 17:50:43 +01:00
Simon Welsh
5ca000d0a5 Correct routing rule block indentation 2012-12-07 08:15:53 +13:00
Ingo Schommer
a108f67476 Merge pull request #922 from simonwelsh/rellist-presave
NEW: Allows setting of has_many and many_many relations before writing
2012-12-04 01:25:15 -08:00
Will Rossiter
100ad658db Email doc formatting
Workaround markdown parser throwing a fit with code straight after list.
2012-12-04 20:00:09 +13:00
Will Rossiter
bf67679155 Fix typo in email docs. 2012-12-04 19:56:36 +13:00
Ingo Schommer
0dba1485a5 Merge remote-tracking branch 'origin/3.0' 2012-11-28 16:36:21 +01:00
Simon Welsh
bbc4443af7 NEW: Allows setting of has_many and many_many relations before writing
Adds a new wrapper list, UnsavedRelationList, that maintains the relations until
writing, where it is converted into the correct RelationList.
2012-11-28 09:37:08 +13:00
Adam Judd
2d8b7daaf9 Add limit() details to datamodel.md 2012-11-26 23:59:31 -08:00
Ingo Schommer
c55c7c33f8 Merge branch '3.0'
Conflicts:
	admin/code/CMSProfileController.php
	composer.json
	tests/model/DataObjectTest.php
2012-11-22 23:51:28 +01:00
Ingo Schommer
32f829d094 NEW Support for Behat tests, and initial set of tests 2012-11-16 15:31:55 +13:00
Ingo Schommer
4fcdfe8d64 Testing docs recommend "phpunit" over "sake"
- Moved some docs around to reflect this change
- Described how to symlink from vendor/bin/phpunit
- Added note about browser-runs not being recommended
- Added more examples on how to run through "sake",
  to complement the existing descriptions for "phpunit"
2012-11-15 14:15:46 +01:00
Ingo Schommer
0a580deb3f Documenting PHPUnit install through composer 2012-11-15 13:40:07 +01:00
Andrew O'Neil
fdea5321c7 APICHANGE: add_extension() is now called directly on the class, instead of on Object 2012-11-07 11:07:55 +13:00
Sean Harvey
fbc6e3366b Merge branch '3.0' 2012-11-05 15:11:48 +13:00
Simon Welsh
8a0f234acf Merge pull request #870 from chillu/pulls/datalist-filterany
NEW DataList->filterAny()
2012-11-02 16:17:48 -07:00
Ingo Schommer
80f40c6070 Merge pull request #907 from stojg/docs-forms-7727
MINOR: Fixes to the topics/forms.md
2012-10-31 15:19:29 -07:00
stojg
5ca1d5b228 BUG Fixes to the topics/forms.md documentation
- Added an example on how to setup a controller with a form
- Notice about adding form methods to $allowed_actions
- Using the FormField::create() in all examples
- Corrected some errors in the examples that did not work
- Aligned docs to use 120 chars lines
2012-11-01 11:14:06 +13:00
Ingo Schommer
a7753dfa5b Moved GridField docs to reference 2012-10-30 18:59:26 +01:00
Ingo Schommer
efabde1416 Merge remote-tracking branch 'origin/3.0'
Conflicts:
	admin/css/screen.css
	admin/scss/_style.scss
	security/Member.php
2012-10-30 17:52:49 +01:00
Simon Welsh
b031188080 Updated gridfield docs
Fixes GridFieldConfig_RelationEditor example (was the same as RecordEditor) and fixes related links.
2012-10-27 11:30:26 +13:00
Simon Welsh
bedb579b07 Merge branch '3.0' 2012-10-23 15:21:20 +13:00
Ingo Schommer
9e34a989a8 Removed wrong datamodel docs
See https://groups.google.com/forum/?hl=en&fromgroups=#!topic/silverstripe-dev/Leh8fN0MjDY
2012-10-16 15:07:47 +02:00
Ingo Schommer
5be3a4c35a NEW DataList->filterAny() 2012-10-12 15:24:25 +02:00
Sam Minnée
7023669754 Merge pull request #775 from simonwelsh/exclude-filter
Exclude filter
2012-10-09 15:58:19 -07:00
Simon Welsh
c49f7566c3 API Allow use of :not, :nocase and :case modifiers to SearchFilters.
More modifiers can be added to each class as desired.
2012-10-10 10:26:47 +13:00
Ingo Schommer
e9cf4affc7 Merge remote-tracking branch 'origin/3.0' 2012-10-09 09:32:43 +02:00
Sam Minnee
7d203a9af1 Moved all translator-targeted documentation to contributing/translation and left translation-process for advanced topics relating to module maintainers and the core team. 2012-10-09 14:53:47 +13:00