Ingo Schommer
310f8f6a03
BUGFIX Using RandomGenerator class in Member->logIn(), Member->autoLogin() and Member->generateAutologinHash() for better randomization of tokens. Increased VARCHAR length of 'RememberLoginToken' and 'AutoLoginHash' fields to 1024 characters to support longer token strings. (from r114504)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114507 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:20:04 +13:00
Ingo Schommer
486091e4ec
API CHANGE Member->canEdit() returns false if the editing member has lower permissions than the edited member, for example if a member with CMS_ACCESS_SecurityAdmin permissions tries to edit an ADMIN ( fixes #5651 )
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@110856 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:50 +13:00
Sean Harvey
845b821f9e
MINOR Remove whitespace if Surname field set on Member, but not FirstName
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@109334 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:47 +13:00
Will Rossiter
947aeaed81
MINOR: trim space off end of firstname if surname is not set. #5925
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@109330 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:47 +13:00
Sean Harvey
0cbde73445
API CHANGE #5873 DataObjectSet::shift() now performs a proper shift instead of unshift (wrong). Please use DataObjectSet::unshift($item) if unshifting was intended!
...
API CHANGE Added DataObjectSet::pop()
MINOR Unit tests for DataObjectSet::shift(), DataObjectSet::unshift() and DataObjectSet::pop()
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@109156 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:46 +13:00
Sam Minnee
d612dd6a2c
API CHANGE Member::set_session_regenerate_id() can now be used to disable Member::session_regenerate_id() which can break setting session cookies across all subdomains of a site
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@109103 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:46 +13:00
Sean Harvey
f9257a6035
ENHANCEMENT New Member records are populated with the currently set default through i18n::set_locale()
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@108499 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:43 +13:00
Sean Harvey
79b6c9d9cb
BUGFIX Member_ProfileForm should fallback to english text for save button if no translation defined for current language
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@108408 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:41 +13:00
Sean Harvey
ae6d1c8e33
MINOR Fixed incorrect word "colon" with "dot"
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@108002 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:39 +13:00
Sean Harvey
2cf33bc2d7
BUGFIX #5833 Duplicate IDs when two similar date formats in Member_DatetimeOptionsetField containing different delimiters (e.g / and .) replaced to an empty string
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@108001 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:39 +13:00
Ingo Schommer
7ac4a9ec4d
BUGFIX Fixed Member->PasswordEncryption defaults when writing new Member without setting a password. Fixes critical issue with MemberTableField saving in admin/security, where new members are stored with a cleartext password by default instead of using the default SHA1 (see #5772 )
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@107532 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:37 +13:00
Sean Harvey
0df0dbd12c
ENHANCEMENT Member_DatetimeOptionsetField toggle text is now translatable
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@107365 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:35 +13:00
Sean Harvey
11568cf4e5
ENHANCEMENT #5352 Translatable entities for help text in Member_DatetimeOptionsetField::getFormattingHelpText()
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@107334 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:35 +13:00
Sean Harvey
3be26a4cec
ENHANCEMENT #5352 Decouple date display from i18n locales, users now have access to change their date and time formats in Member::getCMSFields() using Member_DatetimeOptionsetField field
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@107326 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:35 +13:00
Will Rossiter
c38dc3b1b4
APICHANGE: moved Group::addToGroupByName to $member->addToGroupByCode.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@106217 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:31 +13:00
Mark Stephens
68e3ff3481
BUGFIX: get_title_sql has string concat hardcoded as ||, fixed for MSSQL which uses +, fix for #5613
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@105337 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:28 +13:00
Mateusz Uzdowski
758d294b5d
BUGFIX: when using custom Member title, the join was failing - it had wrong parameters. Now changed to correctly handle the ansi sql join for all Member columns.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@104552 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:21 +13:00
Normann Lou
83efb8bb63
BUGFIX: table and column names now quoted properly
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@103851 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:19 +13:00
Ingo Schommer
d12183bb3b
BUGFIX Choosing i18n::default_locale() in Member->populateDefaults() instead of "current locale". This fixes a bug where a new member created through admin/security automatically "inherits" the current locale settings of the admin creating it.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@103582 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:16 +13:00
Ingo Schommer
df15a3a9f4
MINOR Returning ValidationResult from Member->onBeforeWrite() to ensure the ValidationException is compatible with MemberTableField (related to r103336)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@103337 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:14 +13:00
Andreas Piening
b305efe172
BUGFIX: exchanged MySQL CONCAT function with ANSI compliant operator
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@102237 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:11 +13:00
Tom Rix
444d6d3137
BUGFIX avoid call to non-object
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@101794 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:09 +13:00
Geoff Munn
3dfeb93a78
BUGFIX: tables and column quoted properly
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@101554 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:05 +13:00
Sean Harvey
470082d12d
BUGFIX Cookies set to a value other than NULL (effectively unsetting the cookie) will now use the httpOnly parameter by default for better XSS protection (from r101045)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@101046 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:00 +13:00
Ingo Schommer
e7806f28cf
ENHANCEMENT Creating default "Content Authors" group with limited rights if no other groups exist.
...
MINOR Moved Permission->requireDefaultRecords() to Group->requireDefaultRecords() and Member->requireDefaultRecords().
MINOR Removed outdated checks for CanCMS and CanCMSAdmin from Permission->requireDefaultRecords()
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@100799 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:53 +13:00
Ingo Schommer
90e8171536
API CHANGE Removed "auto-merging" of member records from Member->onBeforeWrite() due to security reasons - please use DataObject->merge() explicitly if this is desired behaviour (from r100705)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@100718 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:51 +13:00
Ingo Schommer
d61f45ea61
BUGFIX Fixing Member_ProfileForm to validate for existing members via Member_Validator to avoid CMS users to switch to another existing user account by using their email address (from r100704)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@100717 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:51 +13:00
Luke Hudson
5feb78c04f
BUGFIX: Set Member default Locale
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@100527 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:48 +13:00
Ingo Schommer
29c8e8ba07
ENHANCEMENT Only show 'HTML Editor Config' dropdown in Group->getCMSFields() if more than one option exists
...
BUGFIX Fixed bogus HTMLEditorConfig instance when get() is called without a valid identifier (due to NULL database columns) (from r99599)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@99667 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:41 +13:00
Ingo Schommer
ebaf33c720
FEATURE Showing (readonly) permissions for a Member record in admin/security popup (from r99586)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@99662 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:40 +13:00
Ingo Schommer
4a6acf6e35
FEATURE View and select groups for a specific member via the member popup in admin/security (requires EDIT_PERMISSIONS) (from r98880)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@99648 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:40 +13:00
Ingo Schommer
7280144b6a
BUGFIX: Take into account tablename with custom columns in get_title_sql (from r97003)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@99101 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:37 +13:00
Ingo Schommer
3c3cb7fd0e
BUGFIX use proper quotes for sep (from r96401)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@99100 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:37 +13:00
Ingo Schommer
7a63868fd6
MINOR ability to customize the text that comes out of Member->Title
...
MINOR updated workflow reports (from r96352)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@99099 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:37 +13:00
Sean Harvey
3d6baa81d5
BUGFIX Don't show FailedLoginCount field unless Member::$lock_out_after_incorrect_logins is enabled
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@99031 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:33 +13:00
Andrew Short
a0ab707feb
FEATURE: Moved the log-in validation process from individual authenticators into Member->checkPassword() and canLogIn(), to allow more extensibility and control (trunk, 2.4).
...
MINOR: Use a ValidationResult to log in a member so that custom errors can be generated.
From: Andrew Short <andrewjshort@gmail.com> (from r98267)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@98268 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:25 +13:00
Will Rossiter
18fe161702
BUGFIX: fixed member labels not appearing in cms popup. #5025
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@98030 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:19 +13:00
Ingo Schommer
4557ba87aa
API CHANGE Removed Member::init_db_fields(), its no longer needed due to the Member.PasswordEncyrption property changing from an ENUM to Varchar.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@97818 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:16 +13:00
Ingo Schommer
51c14227b2
API CHANGE Security::setDefaultAdmin() no longer writes credentials to any Member database records (created through Security::findAnAdministrator(). This prevents outdated credentials when setDefaultAdmin() code changes after creating the database record (see #4271 )
...
API CHANGE Security::findAnAdministrator() no longer sets 'Email' and 'Password' properties on newly created members. Removed the $username and $password argments from the method.
ENHANCEMENT Member->requireDefaultRecords() no longer creates a default administrator based on $_REQUEST data. Moved functionality into Installer->install()
MINOR Security::findAnAdministrator() names any default administrators 'Default Admin' instead of 'Admin'
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@97478 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:13 +13:00
Andrew Short
168114d4e2
ENHANCEMENT: Updated Member->getMemberFormFields() to use scaffolding and to be in line with Member->getCMSFields().
...
From: Andrew Short <andrewjshort@gmail.com> (from r97401)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@97436 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:12 +13:00
Sean Harvey
06b7dc5de3
BUGFIX #4686 Fixed $member non-object error, and decorated checks from not working in Member::canView(), Member::canEdit() and Member::canDelete()
...
MINOR Added additional tests to MemberTest
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@94358 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:17:57 +13:00
Will Rossiter
eb64eec534
API CHANGE: removed deprecated extend calls (r93632). API CHANGE: removed fieldExists(). Use hasField() (r93633). API CHANGE removed listOfFields() (r93647). API CHANGE: removed Tag() and URL() from Image. Use getTag() and getURL(). BUGFIX: updated Image.php to use getTag() (r93639, r93646). API CHANGE: removed val(). Use XML_val() (r93650). API CHANGE: removed $add_action. Use singlar_name or lang tables (r93658). API CHANGE: removed ConfirmedFormAction (r93674). API CHANGE: removed ajax_render on CTF (r93679).
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@93685 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:17:53 +13:00
Ingo Schommer
03c5caea72
MINOR Updated paths from jsparty to sapphire/thirdparty, cms/thirdparty and sapphire/javascript
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@93611 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:17:52 +13:00
Sean Harvey
c34ef6d562
BUGFIX More robust checks on the current member in Member::canEdit() and Member::canDelete() if there is no logged in member
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@92129 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:17:37 +13:00
Ingo Schommer
07fc3650a3
ENHANCEMENT Pluggable password encryption through PasswordEncryptor class ( #3665 ) (merged from r90949)
...
BUGFIX Fixed password hashing design flaw in Security::encrypt_password(). Removing base_convert() packing with unsafe precision, but retaining backwards compatibilty through pluggable encryptors: PasswordEncryptor_LegacyPHPHash (#3004 ) (merged from r90949)
API CHANGE Deprecated Security::encrypt_passwords() (merged from r90949)
API CHANGE Deprecated Security::$useSalt, use custom PasswordEncryptor implementation (merged from r90949)
API CHANGE Removed Security::get_encryption_algorithms() (merged from r90949)
API CHANGE MySQL-specific encyrption types 'password' and 'old_password' are no longer included by default. Use PasswordEncryptor_MySQLPassword and PasswordEncryptor_MySQLOldPassword
API CHANGE Built-in number of hashing algorithms has been reduced to 'none', 'md5', 'sha1'. Use PasswordEncryptor::register() and PasswordEncryptor_PHPHash to re-add others. (merged from r90949)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@91576 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:17:36 +13:00
Tom Rix
8216448da3
MINOR run checks before running hasMethod, as an extension does not neccessairily have that method.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90691 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-03 02:33:53 +00:00
Tom Rix
3dfa7a2103
MINOR fixed ambiguous column
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90481 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-30 00:23:02 +00:00
Sam Minnee
994e93f790
API CHANGE: replaced Database::USE_ANSI_SQL with DB::USE_ANSI_SQL
...
API CHANGE: replaced Database::alteration_message() with DB::alteration_message()
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90097 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-26 22:03:29 +00:00
Andrew Short
79773042be
API CHANGE: Renamed conflicting classes to have an "SS_" namespace, and renamed existing "SS" namespace to "SS_". The affected classes are: HTTPRequest, HTTPResponse, Query, Database, SSBacktrace, SSCli, SSDatetime, SSDatetimeTest, SSLog, SSLogTest, SSLogEmailWriter, SSLogErrorEmailFormatter, SSLogErrorFileFormatter, SSLogFileWriter and SSZendLog.
...
MINOR: Replaced usage of renamed classes with the new namespaced name.
From: Andrew Short <andrewjshort@gmail.com>
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90075 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-26 03:06:31 +00:00
Sean Harvey
8bd78f77d8
MINOR Supress session warnings in session_regenerate_id() for a win32 environment (from r81984)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89712 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-21 02:21:05 +00:00