tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-07-02 01:19:29 +02:00
Code Issues Projects Releases Wiki Activity
21,603 Commits 29 Branches 516 Tags 147 MiB
b002ef1171
Commit Graph

21603 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Aaron Carlino
b002ef1171 Merge branch '4.4' into 4 2019-09-24 17:26:50 +12:00
Aaron Carlino
a0ec2f2811 Update translations 2019-09-24 17:26:37 +12:00
Aaron Carlino
79a89e751d Added 4.4.4 changelog 2019-09-24 17:05:26 +12:00
Aaron Carlino
c1047fac32 DOCS: Add docs for versioned files migration 2019-09-24 16:04:22 +12:00
Aaron Carlino
28057e3a71 DOCS: Add FileShortcodeProvider change to changelog 2019-09-24 16:03:48 +12:00
Serge Latyntcev
8b7063a8e2 [CVE-2019-12617] Fix access escalation for CMS users with limited access through permission cache pollution 2019-09-24 16:03:48 +12:00
Serge Latyntcev
eccfa9b10d [CVE-2019-12203] Session fixation in "change password" form 
A potential account hijacking may happen if an attacker has physical access to
victim's computer to perform session fixation. Also possible if the targeted application contains an XSS vulnerability.
Requires the victim to click the password reset link sent to their email.
If all the above happens, attackers may reset the password before the actual user does that.
 2019-09-24 16:03:48 +12:00
Aaron Carlino
1f92b21a04 DOCS: Add FileShortcodeProvider change to changelog 2019-09-24 16:03:48 +12:00
Guy Marriott
3659f2888d
FIX Add 'legal empty attributes' to allow empty alt values on i… (#9257) 
FIX Add 'legal empty attributes' to allow empty alt values on imgs
 2019-09-23 17:03:01 -07:00
Garion Herman
0d27f32cc9 FIX Add 'legal empty attributes' to allow empty alt values on imgs 
In some situations, a caption is used in place of a value in the alt
attribute, and in others an image may be cosmetic and not in need of an
alt attribute value (though the alt attribute must still be rendered in
this case).
 2019-09-24 11:44:12 +12:00
Robbie Averill
3cfc21c405
Merge pull request #9241 from open-sausages/pulls/4.4.3/fix-file-permission 
Fix administrators not being able to see files that are restricted to groups
 2019-09-23 11:13:26 -07:00
bergice
6a1c6ecec6 Fix administrators not being able to see files that are restricted to groups 
Resolves https://github.com/silverstripe/silverstripe-asset-admin/issues/777
 2019-09-23 16:44:28 +12:00
Guy Marriott
6ff97821ed Merge branch '4.4' into 4 2019-09-18 15:52:36 -07:00
Guy Marriott
7877ffcc85 Merge branch '4.3' into 4.4 2019-09-18 15:52:18 -07:00
Guy Marriott
109ac3f75f
Allow non summary fields to be used as grid field export fields (#9248) 
Allow non summary fields to be used as grid field export fields
 2019-09-18 15:33:25 -07:00
Hayden Shaw
daf9d55ecb Allow non summary fields to be used as export fields 
Fixes regression in 3d989a6eae.
 2019-09-19 10:00:54 +12:00
Robbie Averill
5f59d0e6d5
Merge pull request #9245 from open-sausages/pulls/4/docs-sec-release-is-core-release 
DOC Clarify that Security release is a SilverStripe Core release
 2019-09-17 16:44:58 -07:00
Serge Latyntcev
f185dfb2c5 DOC Clarify that Security release is a SilverStripe Core release 2019-09-18 11:19:55 +12:00
Robbie Averill
ed64adf12a
Merge pull request #9238 from christopherdarling/patch-15 
DOCS fix DataList::exclude() code example
 2019-09-15 12:36:10 -07:00
Christopher Darling
c8f274de80
DOCS fix DataList::exclude() code example 2019-09-15 20:34:18 +01:00
Robbie Averill
aa6b244db9 Merge branch '4.4' into 4 2019-09-13 18:11:46 -07:00
Robbie Averill
592ab6abc1 Merge branch '4.3' into 4.4 2019-09-13 18:11:34 -07:00
Robbie Averill
066ce8e01c Merge branch '4.2' into 4.3 
# Conflicts:
 #	src/View/ThemeResourceLoader.php
 2019-09-13 18:10:37 -07:00
Robbie Averill
b8e81983b9 DOCS Update PSR-12 compliance in GridField_ActionProvider docs code examples 
[ci skip]
 2019-09-13 18:09:10 -07:00
Robbie Averill
ed47f43133
Merge pull request #9169 from jakxnz/patch-1 
Update 04_Create_a_GridField_ActionProvider.md
 2019-09-13 18:05:51 -07:00
Robbie Averill
750818ba9b Merge branch 'pulls/4/docs-file-header-upgrade-warning' into 4 2019-09-13 18:02:40 -07:00
Ingo Schommer
229df95fe9 DOCS Warning about protected file serving in 4.x 2019-09-13 18:01:44 -07:00
Robbie Averill
cfe86ad5a1
Merge pull request #9153 from creative-commoners/pulls/4.4/stream-ree-tags 
FIX Skip md5-ing the whole contents of a stream for etags
 2019-09-13 17:59:26 -07:00
Robbie Averill
9a76d4adb4
Merge pull request #9181 from kinglozzer/8762-shortcode-templates 
NEW: Use templates to render embed shortcodes (closes #8762)
 2019-09-13 17:58:32 -07:00
Andre Kiste
cf90cfdd2a
Merge pull request #9221 from open-sausages/pulls/4.3/recursive-writeComponent 
BUG Allow infinite loop when calling DataObject::writeComponent() recursively
 2019-09-12 17:18:08 +12:00
Serge Latyntsev
233e0e7aa0 ENH PasswordExpirationMiddleware implementation (#9207) 2019-09-12 14:34:06 +12:00
Robbie Averill
6d6c4c652c
Merge pull request #9234 from chrometoasters/pulls/update-sqlite3-for-travis 
Update sqlite3 dependency for Travis tests using SQLite to 2.2.x
 2019-09-11 16:17:47 -07:00
Michal Kleiner
7a0c07906a
Update sqlite3 dependency for Travis tests using SQLite 2019-09-12 11:00:41 +12:00
Aaron Carlino
da6582f593 NEW: Remove web installer, move to separate package (#9231) 
* Remove installer

* Remove exposed install files

* Replace Dev/Install classes still in use

* Update changelog

* FIX make the grid field actions consistent to what they look like on pages

Resolves https://github.com/silverstripe/silverstripe-admin/issues/904

* Docs changes
 2019-09-11 13:10:25 +12:00
Andre Kiste
75cd9dc944
Merge pull request #9202 from open-sausages/pulls/4/document-ss32-variant-migration 
DOC Explain how to mgirate SS3.2 variants
 2019-09-11 11:47:28 +12:00
Maxime Rainville
591b88a9bc BUG Allow infinite loop when calling DataObject::writeComponent() recursively 2019-09-10 14:15:28 +12:00
Robbie Averill
b6fb6a6461
Merge pull request #9229 from silverstripe/pulls/secure-coding-docs 
Update secure coding standards
 2019-09-09 18:34:36 -07:00
Matt Peel
7083f016c1
Update secure coding standards 
As of SS4.0.0 and the introduction of TrustedProxyMiddleware, the default now if no trusted proxies are defined is that nothing is a trusted proxy, whereas in SS3 a missing declaration was treated as everything being allowed.
 2019-09-10 12:55:24 +12:00
Andre Kiste
23719af2a1
Apply suggestions from code review 
Typos
 2019-09-09 13:36:53 +12:00
Maxime Rainville
c165561580
Fix typos 
Co-Authored-By: Robbie Averill <robbie@averill.co.nz>
 2019-09-09 09:06:40 +12:00
Guy Marriott
f788a8a927
FIX Member::getLastName() now correctly returns the Member surn… (#9226) 
FIX Member::getLastName() now correctly returns the Member surname
 2019-09-07 09:12:50 +12:00
Robbie Averill
e8c2f963fd FIX Member::getLastName() now correctly returns the Member surname 2019-09-06 12:12:27 -07:00
Robbie Averill
41a766d135
Merge pull request #9085 from kinglozzer/9084-path-join-exception 
Catch Path::join() exceptions in findTemplate() (fixes #9084)
 2019-09-06 12:00:39 -07:00
Robbie Averill
66ca1c925f
Merge pull request #9217 from silverstripe/doc-node10 
Update recommended node version in contrib docs
 2019-09-06 11:54:41 -07:00
Robbie Averill
23b40557e8
Reduce version for Node 10 to SilverStripe 4.4 
[ci skip]

Co-Authored-By: Garion Herman <garion@silverstripe.com>
 2019-09-06 11:54:14 -07:00
Robbie Averill
42dd02ef78
Merge pull request #9122 from aNickzz/4 
Add onBeforeRenderHolder extension point for FormField
 2019-09-06 11:53:10 -07:00
Hels666
22a6a5b1e3 NEW Add getLastName() method to Member.php (#9222) 
* Add getLastName() method to Member.php

Add getLastName() method to Silverstripe\Security\Member.php to allow use of $LastName instead of $Surname in templates as it is a common mistake made

this is for issue #9219
as discussed in Slack on 04-Sep-2019

* Minor doc block clean-up

* Update src/Security/Member.php - typo fix

Co-Authored-By: Guy Marriott <guy@scopey.co.nz>
 2019-09-06 20:31:22 +12:00
Guy Marriott
25de735a9f
Merge pull request #9224 from open-sausages/pulls/4/docs-uservoice-removal 
DOCS Remove uservoice mentions
 2019-09-06 16:26:26 +12:00
Ingo Schommer
e3f06c4468 DOCS Remove uservoice mentions 
See https://forum.silverstripe.org/t/a-new-way-to-manage-feature-ideas/2264
 2019-09-06 16:01:30 +12:00
Garion Herman
1b94131cad
Merge pull request #9212 from open-sausages/pulls/4/docs-requirements 
DOCS Rewrite server requirements and install docs
 2019-09-05 16:02:23 +12:00