Ingo Schommer
|
9872a52a8d
|
SecurityToken docs
|
2013-09-05 12:54:31 +02:00 |
|
Ingo Schommer
|
d4a1e6d294
|
BUG Prevent clickjacking in CMS and Security controllers (fixes #2215)
|
2013-07-14 22:44:09 +02:00 |
|
Ingo Schommer
|
b58e2dbe3a
|
Member.lock_out_delay_mins configurable, password security docs
|
2013-07-11 09:47:28 +02:00 |
|
Hamish Friedlander
|
7b7982969b
|
Add some docs about admin-side HTML sanitisation
|
2013-07-10 16:44:51 +12:00 |
|
Hamish Friedlander
|
dacb2aa638
|
FIX HtmlEditorField not re-checking sanitisation server side
|
2013-07-04 08:53:23 +12:00 |
|
Ingo Schommer
|
14c59be85e
|
API Form::setStrictFormMethodCheck() and strict argument to setFormMethod()
Thanks to @sminnee for getting this started
|
2013-05-08 10:25:13 +02:00 |
|
Ingo Schommer
|
3334eafcb1
|
API Marked statics private, use Config API instead (#8317)
See "Static configuration properties are now immutable, you must use Config API." in the 3.1 change log for details.
|
2013-03-24 17:20:53 +01:00 |
|
Ingo Schommer
|
99ca0471f7
|
Merge remote-tracking branch 'origin/2.4' into 3.0
Conflicts:
control/RequestHandler.php
core/control/ContentController.php
dev/CsvBulkLoader.php
docs/en/changelogs/index.md
docs/en/reference/execution-pipeline.md
docs/en/topics/commandline.md
docs/en/topics/controller.md
docs/en/topics/form-validation.md
docs/en/topics/forms.md
docs/en/topics/security.md
model/MySQLDatabase.php
security/Security.php
tests/control/ControllerTest.php
tests/control/RequestHandlingTest.php
|
2013-03-19 13:56:04 +01:00 |
|
Ingo Schommer
|
d51e0bc2ec
|
Improved docs on $allowed_actions
Added section to "Controllers" and "Form" topics,
added $allowed_actions definitions to all controller examples
|
2013-02-17 23:30:40 +01:00 |
|
Ingo Schommer
|
3e27d27f7a
|
Improved docs on $allowed_actions
Added section to "Controllers" and "Form" topics,
added $allowed_actions definitions to all controller examples
|
2013-02-17 23:16:25 +01:00 |
|
Hamish Friedlander
|
acfc0be471
|
Document that yaml files shouldnt be served directly
|
2013-01-29 14:11:52 +13:00 |
|
Ingo Schommer
|
868d3697fd
|
Fixed usage of DataList etc in docs (fixes #7518)
|
2012-06-27 16:09:31 +02:00 |
|
Ingo Schommer
|
3a11c690ed
|
MINOR Updated security documentation (phpdoc and markdown) around new DataList and SQLQuery APIs, additional automatic escaping on some stricter inputs like column names
|
2012-05-16 11:59:22 +02:00 |
|
Ingo Schommer
|
40d73127ae
|
MINOR Using late static binding instead of Object::create() calls
|
2012-04-04 17:10:31 +02:00 |
|
Philipp Krenn
|
a67c6ce936
|
ENHANCEMENT Added section on security ratings, moved security process description from 'contributing' to 'release process' section
|
2012-02-01 11:10:10 +01:00 |
|
Ingo Schommer
|
04a10a4265
|
MINOR Updated coding conventions to require the 'public' keyword for class methods and variables
|
2012-01-30 23:13:42 +01:00 |
|
Ingo Schommer
|
73cca09960
|
BUGFIX Consistently using Convert::raw2sql() instead of DB::getConn()->addslashes() or PHP's deprecated addslashes() for database escaping
|
2011-09-15 14:43:34 +02:00 |
|
Ingo Schommer
|
c776a1cd67
|
BUGFIX Consistently using Convert::raw2sql() instead of DB::getConn()->addslashes() or PHP's deprecated addslashes() for database escaping
|
2011-09-15 14:24:46 +02:00 |
|
Michael Andrewartha
|
f3ac57394d
|
Small text changes, added api links, cont. updating images for tutorials, fixed tutorials from member feedback
|
2011-03-21 11:53:06 +13:00 |
|
Michael Andrewartha
|
626980acb5
|
Small text changes, added api links, cont. updating images for tutorials, fixed tutorials from member feedback
|
2011-03-09 10:05:51 +13:00 |
|
Ingo Schommer
|
8bd01d62c4
|
ENHANCEMENT Added sapphire/docs (migrated from https://github.com/chillu/silverstripe-doc-restructuring)
|
2011-02-07 19:55:13 +13:00 |
|
Ingo Schommer
|
b1c36ce0a4
|
ENHANCEMENT Added sapphire/docs (migrated from https://github.com/chillu/silverstripe-doc-restructuring)
|
2011-02-07 19:48:44 +13:00 |
|