Related to SS-2013-009. While the default "TreeTitle" was escaped
within the SiteTree->TreeTitle() getter, other properties like SiteTree->Title
weren't escaped. The new logic uses the underlying casting helpers
on the processed objects.
Related to SS-2013-009. While the default "TreeTitle" was escaped
within the SiteTree->TreeTitle() getter, other properties like SiteTree->Title
weren't escaped. The new logic uses the underlying casting helpers
on the processed objects.
The tabindex increment *should* only be done if there is a tabindex
that has been set on a CreditCardField already, otherwise it breaks
the tab ordering.
- Prevent circular references in `GridFieldAddExistingAutocompleter` when linking DataObjects whose ID matches the current object to which the gridfield is attached.
Due to the recent change of translations to transifex, some
locales changed their names, which prompted a fix to
i18n::get_available_translations() (see 00ffe7294).
This caused a regression where short locales are determined
from the YAML file names (e.g. "en"), but weren't matched up
with fully qualified locales from get_available_translations() (e.g. "en_US").
Since this list is used in the admin/myprofile dropdown for the Member.Locale value,
it didn't match up with any entries and defaulted to the first one ("Africaans").
Note that the behaviour of admin/myprofile is still a bit weird:
It defaults the locale on new members to the one set for the current administrator.
So if a site defaults to en_US in _config.php, but the admin happens to view
his backend in de_DE, all members he creates default to de_DE as well.
Thanks to @tractorcow for contributing and peer reviewing!
This is a workaround in order to ensure the field stays operational
for SiteTree and File records with the new $showSearch=true default.
Previously it was necessary to use setSearchCallback(), otherwise
the SQL query would fail. One limitation to keep this change generic
is that "MenuTitle" won't be used to search, since its SiteTree specific,
while the "Title" and "Name" fields are generally regarded as
model conventions (e.g. they're used in DataObject->getTitle() as well).
See https://github.com/silverstripe/silverstripe-framework/pull/2364
Set search option true on treedropdown fields by default, to provide a
fallback solution when trees fail to render (too many children errors)
Provide better indication/more meaningful styling to search (match
chosen styles for consistency)
Allow DataList::limit() to take a null value to remove the limit.
Added tests for limit(). Note the one failure, currently the ORM doesn't support unlimited values with an offset.
This resulted in an error since the returned class name did not exist.
Note that this only happened when someone subclassed GridFieldDetailForm
and did not subclass GridFieldDetailForm_ItemRequest.
When submitting a Datefield with no value but with a min / max config date, the validate() function attempts to access a function on $this->valueObj (which is a non-object)
Each CSS class passed in to `addExtraClass` or `removeExtraClass` will be set as their own key in the `extraClasses` array
Also make `Form` consistent with `FormField`
See discussion at https://groups.google.com/forum/?fromgroups#!topic/silverstripe-dev/Dodomh9QZjk
Fixes an access issue where all public methods on FormField were allowed,
and not checked for $allowed_actions. Before this patch you could e.g.
call FormField->Value() on the first field by using action_Value.
Removes the following assertion because it only worked due to RequestHandlingTest_AllowedControllerExtension
*not* having $allowed_extensions declared: "Actions on magic methods are only accessible if explicitly allowed on the controller."
Remove all top/bottom margins from buttons and apply to GridFieldButtonRow component. Ensure that all buttons are added to a suitable GridFieldButtonRow in ModelAdmin, SecurityAdmin and Group.
Some clients require disabling of the browser password handling
mechanisms. Add a switch to make it possible without hacking the core.
No change to default behaviour.
Very difficult to choose an image based on file name alone. Added thumbnail and reduced rows from 10 to 8 to compensate for increased height of rows with thumbnail included.
Per [RFC 2616 section 5.1.1][ietf], HTTP methods are case-sensitive.
- Change the internal representation of the form's method to upper case
- Update FormTest to accommodate the case changes
- Change method to lower case for HTML in Form#getAttributesHTML()
[ietf]: http://tools.ietf.org/html/rfc2616#section-5.1.1
Supports passing an array to removeByName(), which is iterate and then removed. Useful for removing fields from a fieldlist that are not on a tab. Similar to removeFieldsFromTab();
This is cleaner than a new function.
Previously relied on the presence of a last column which wasn't filterable,
commonly a GridFieldEditButton. If this wasn't present, the filter buttons
were never added, leading to the GridField JS reload request being sent
without the required button form action, so GridFieldFilterHeader->handleAction()
was never called.
It used to validate via ajax, but that has been removed as part
of the 3.0 refactor of all prototype.js code. In the end,
its a field which is quite trivial to implement in custom code
(or in controller code), unless we re-add the Ajax features.
And I think an ajax-validating uniqueness field is too much
of an edge case to belong into core.
Cleanup of framework's use of @package and @subpackage labels and additional of labels for classes missing packages.
Moved all GridField related components to the one name.
Countless spelling fixes, grammar for other comments.
Link ClassName references in file headers.
Fixes http://open.silverstripe.org/ticket/5577.
Uses Zend_Locale_Format::isNumber(). Includes unit test for NumericField. Does not include testing work on DBField underlying NumericField to ensure that works consistently.
This prevents it from failing for proxied values
like BlogEntryForm, where the field name doesn't exist,
and rather gets processed and saved into a different field.
Caused the UploadField rows to show "[Object object]" because
it tried to pass through a PHP object to JS without string casting
(the return used to be a string).
This is related to how Zend_Date returns year for YYYY & yyyy format. Detailed explanation is here http://framework.zend.com/issues/browse/ZF-5297
Sample code (adapted the Datetimefield setValue() method) to highlight the problem:
include 'framework/thirdparty/Zend/Date.php';
$userValueObj = new Zend_Date(null, null, 'en_US');
$userValueObj->setTimezone('GMT');
$userValueObj->setDate('2012-01-01', 'YYYY-MM-dd');
$userValueObj->setTime('00:00:00', 'HH:mm:ss');
echo $userValueObj->get('YYYY-MM-dd HH:mm:ss', 'en_US'), "\n"; // returns 2011-01-01 00:00:00
echo $userValueObj->get('yyyy-MM-dd HH:mm:ss', 'en_US'), "\n"; // returns 2012-01-01 00:00:00
Rendering potentially 1000s of nodes can exceed the CPU and memory constraints
of a normal PHP process, as well as the rendering capabilities of browsers.
Set a hard maximum for the renderable nodes, deferring to a "show as list" action
in the main CMS tree. For TreeDropdownField, we don't have the list fallback option,
so ask the user to search for the node title instead.
Also makes both the "node_threshold_total" and "node_threshold_leaf" values configurable
Caused by SS loading a URL with html entities (&)
through the Requirements API, which only works when directly
inserted into the HTML template (standard behaviour),
but garbles the URL GET parameters when loaded via the jQuery.ondemand
JavaScript/XHR logic.
It didn't fail the request, just meant that tiny_mce_gzip.php wasn't
getting all the required options from the GET parameters.
And since this newly loaded file contains the same JS globals,
it would override previously loaded (correct) state.
The deprecations are supposed to denote the release where
the functionality will be removed, as opposed to the one where
its deprecated. Having 3.1 as a target for recent changes
in popular methods like Object::add_extension() causes
too many short-term hassles, there's no "grace period".
Extracted common code out to SS_HTMLValue and made abstract, then
put HTML 4 specific code in SS_HTML4Value. Its now possible to
replace HTMLValue with one designed for HTML 5 or XHTML
Requires a code change from new SS_HTMLValue to
Injector::inst()->create(HTMLValue)
When saveInto is called on ListboxField and CheckboxsetField,
UnsavedRelationList should be an acceptable relationship type. This is
leading to relations not being saved on initial creation of Member
objects
This bug was introduced with the new nested CMS actions
around December 2012, but wasn't noticed until now
because checkAccessAction() would wrongly return TRUE
before the dataFieldByName() check was reached.
At the moment form actions (buttons) have the classes 'action action' as default. This is because the extraClass function adds 'action' and then calls the parent method. The parent then includes the $this->Type() ('action') again.
So I've remove this overloading of extraClass
This bug was introduced with the new nested CMS actions
around December 2012, but wasn't noticed until now
because checkAccessAction() would wrongly return TRUE
before the dataFieldByName() check was reached.
RequestHandler#handleAction now exists. It takes the request, and
the action to call on itself. All calls from handleRequest to call an action
will go through this method
Controller#handleAction has had it's signature changed to
match new RequestHandler#handleAction
RequestHandler#findAction has been added, which extracts the
"match URL to rules to find action" portion of RequestHandler#handleRequest
into a separate, overrideable function
GridField#handleAction has beeen renamed to handleAlterAction and
CMSBatchActionHandler#handleAction has been renamed to handleBatchAction to
avoid name clash with new RequestHandler#handleAction
Reason for change: The exact behaviour of request handling depended heavily
on whether you inherited from RequestHandler or Controller, and whether the
rule extracted it's action directly (like "foo/$ID" => 'foo') or dynamically
(like "$Action/$ID" => "handleAction"). This cleans up behaviour so
all calls follow the same path through handleRequest and handleAction, and
the additional behaviour that Controller adds is clear.
We shouldn't pass it to the child fields since it ends
up showing the description three times in the default
"inline" mode. If the description is required as a hover/focus effect,
it can be set individually on the fields.
Sometimes has-one UploadFields can get confused about whether or not there is an existing file that needs deleting. This setting lets you make a more robust has-one UploadField, where any existing file will be replaced. It more closely mimics simple single-file upload fields.
This is the companion setting to canUpload, letting you control whether existing files from the asset store can be referenced. It's particularly useful when using UploadField on the front-end.
Although editing meta-data or deleting permanently would require File editing/deleting permissions, merely linking to a record does not. This change is important for allowing front-end use of UploadField; or, more importantly, use of UploadFile by people without CMS rights.
The new config setter restores the 2.4 behaviour of including <input type="hidden"> with a field. Although as a default, this option has security flaws; it is useful in a few circumstances and, if nothing else, is handy to make upgrading sites easier.
This hook is useful so that you can add additional fields / actions in a gridfield form that are not available in other settings (e.g. additional actions: previous / next / save and publish / unpublish / etc
Function unset() preserves numeric keys and method removeRequiredField() will give a PHP notice about nonexistent array key and loop won't iterate throughout all elements in array on second method call (and all subsequent).
So it's better to use foreach loop and array_splice() function (it doesn't preserve numeric keys).
Introduced new FormField->castedCopy() method
which tries to replicate the existing form field instance
as closely as possible.
Primarily, the fix was targeted at consistently passing
through FormField->description to all of its variations.