tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity
16,869 Commits 31 Branches 527 Tags 162 MiB
b1dc89ef8a
Commit Graph

16869 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Aaron Carlino
b1dc89ef8a Added 3.7.4 changelog 2019-09-24 16:51:42 +12:00
Serge Latyntcev
e7469dadb0 Merge branch '3.6' into 3.7 2019-09-24 14:26:53 +12:00
Aaron Carlino
a6763298fe
Merge pull request #92 from silverstripe-security/pulls/3.6/cve-2019-12203 
[CVE-2019-12203] Session fixation in "change password" form
 2019-09-24 11:00:22 +12:00
Serge Latyntcev
a86093fee6 [CVE-2019-12203] Session fixation in "change password" form 
A potential account hijacking may happen if an attacker has physical access to
victim's computer to perform session fixation. Also possible if the targeted application contains an XSS vulnerability.
Requires the victim to click the password reset link sent to their email.
If all the above happens, attackers may reset the password before the actual user does that.
 2019-09-24 10:57:40 +12:00
Aaron Carlino
afcd966740
MINOR: Fix travis. Use trusty (#9256) 2019-09-24 10:56:44 +12:00
Serge Latyntcev
014c99a128 Merge branch '3.6' into 3.7 2019-09-23 13:54:16 +12:00
Garion Herman
53f5c3d0e5
Merge pull request #9196 from creative-commoners/pulls/3.7/pass-member-to-access 
FIX Member argument is now passed to LeftAndMain::alternateAccessCheck()
 2019-08-27 14:35:39 +12:00
Robbie Averill
7d901a6d9b FIX Member argument is now passed to LeftAndMain::alternateAccessCheck() 2019-08-27 11:23:02 +12:00
Robbie Averill
8c41dbb8b4
Merge pull request #9110 from open-sausages/pulls/3.7/boldy-into-the-php74-futur-goes-silverstripe-iii 
BUG Require a PHP7.4 compatible fork of phpunit-mock-objects
 2019-07-19 14:38:41 +02:00
Robbie Averill
f72e80689e DOCS Move PHP 7.4 notes to an unreleased 3.7.4 changelog file 2019-07-19 14:13:51 +02:00
Maxime Rainville
329fcfd700 DOC Add a note about our PHP 7.4 fork of phpunit/phpunit-mock-objects 2019-07-15 13:34:08 +12:00
Maxime Rainville
b250e14ace BUG Require PHP7.4 compatible fork of phpunit-mock-objects 2019-07-12 14:45:06 +12:00
Robbie Averill
d8014d3110 DOCS Update PHPdoc on Authenticator::set_default_authenticator() to show param name 2019-07-01 11:58:30 +12:00
Loz Calver
0692e26cc7
Bump Travis memory limit 2019-05-13 10:26:30 +01:00
Loz Calver
49cafeeaf1
Merge pull request #8855 from sminnee/ss3-php74 
NEW: Add PHP 7.4’s daily snapshot to the travis suite (SS 3.7)
 2019-05-13 09:45:18 +01:00
Robbie Averill
e57beefb43
Merge pull request #8920 from tractorcow/pulls/3.7/backport-parsererror-fix 
BUG Back-port silverstripe-admin#769 to 3.7
 2019-04-15 14:38:17 +12:00
Damian Mooyman
ad3c58f2d8
BUG Back-port https://github.com/silverstripe/silverstripe-admin/pull/769 to 3.7, fix parsererror issue 2019-04-15 14:02:40 +12:00
Sam Minnee
0bf03a3e77 NEW: Add PHP 7.4’s daily snapshot to the travis suite. 
Also clean up the PHP 7.3 build.

This will help avoid any inadvertent 7.4 failures; IMO the sooner we
add new releases to the test mix the better.

If this ends up creating intermittent failures outside of our control
I would recommend rolling back entirely rather than adding to
allowed_failures.

The main goal of testing PHP 7.4 on SS3 sites is to let us keep 
upgrading PHP versions regularly until the end of SS3’s life.
 2019-03-13 14:21:21 +13:00
Robbie Averill
e968454465
Merge pull request #8821 from open-sausages/pulls/3.6/restore-dynamic-field-assigment 
BUG Renable the ability to do dynamic assignment with DBField
 2019-02-27 09:52:21 +11:00
Maxime Rainville
bd92969418 FIX Use a function common to MySQL, SQLite and PostgreSQL to test dynamic DBFIeld assigment 2019-02-26 14:20:14 +13:00
Maxime Rainville
adbc560bd7 BUG Address PR feedback. 2019-02-25 15:16:26 +13:00
Maxime Rainville
4ec1a682cf BUG Renable the ability to do dynamic assignment with DBField 2019-02-22 12:09:15 +13:00
Aaron Carlino
5123361b5b Merge branch '3.6' into 3.7 2019-02-20 11:45:46 +13:00
Maxime Rainville
ab5f09a9f3 FIX Updated unit test were targeting Float/Int which don't exist on PHP7 (#8810) 2019-02-20 11:44:45 +13:00
Robbie Averill
9e45ff17df Merge branch '3.6' into 3.7 2019-02-19 08:33:33 +07:00
Aaron Carlino
8c9e8fb5f3 Added 3.6.7 changelog 2019-02-12 22:02:19 +13:00
Aaron Carlino
c44f06cdf1 [SS-2018-021] Patch SQL Injection vulnerability when arrays are assigned to DataObject Fields 2019-02-12 21:58:27 +13:00
Aaron Carlino
bb5701b73d Added 3.7.3 changelog 2019-02-12 21:44:41 +13:00
Aaron Carlino
6bf9542d66 [SS-2018-021] Patch SQL Injection vulnerability when arrays are assigned to DataObject Fields 2019-02-12 21:36:50 +13:00
Guy Marriott
11b87a430c
Merge pull request #8772 from webbuilders-group/block-manifest-of-object 
FIX: Block Manifest of the compatibility class Object and lean on the compatibility auto loader
 2019-02-08 10:47:04 +13:00
UndefinedOffset
8e6e703358 FIX: Block Manifest of the compatibility class Object and lean on model/fieldtypes/compat/autoload.php 2019-01-30 10:25:02 -04:00
Robbie Averill
4182d1b60c Merge branch '3.6' into 3.7 2019-01-29 13:59:56 +02:00
Robbie Averill
6eff32b7ab
Merge pull request #8747 from kinglozzer/defaults-i-got-em-from-my-momma-class 
FIX: Injector may instantiate prototypes as if they're singletons (fixes #8567)
 2019-01-29 13:57:48 +02:00
Loz Calver
746c0679ad FIX: Injector may instantiate prototypes as if they're singletons (fixes #8567) 2019-01-23 11:47:28 +00:00
Robbie Averill
1c18d9505f
Merge pull request #8722 from lerni/fix-Warning]-on-count()-with-PHP->=-7.2 
fix [Warning] on count() with PHP >= 7.2
 2019-01-11 17:59:17 +01:00
lerni
16a837d6a0 fix [Warning] on count() with PHP >= 7.2 2019-01-11 17:22:58 +01:00
Robbie Averill
e9b23d45a7
Merge pull request #8702 from jchenevey/3.7 
SS_Object::removeMethodsFrom silence notices
 2019-01-09 00:16:07 +01:00
Joe Chenevey
1bc51a1c39
Update Object.php 
Switch to an early `continue` rather than wrapping contents of `foreach` in an `if` and indenting.
 2019-01-08 15:28:15 -05:00
Joe Chenevey
02e31932f8
Update Object.php 
Check to ensure `self::$extra_methods[$this->class][$method]` exists before trying to retrieve it. Prevents a bunch of notices from being generated.
 2019-01-08 15:02:22 -05:00
Robbie Averill
214c6ddb8e Merge branch '3.6' into 3.7 2018-11-15 14:15:08 +02:00
Robbie Averill
b9c29e7e8f
Merge pull request #8611 from kinglozzer/redirect-loop-3 
FIX: Redirect loop with multiple URL tokens (fixes #8607)
 2018-11-15 14:13:36 +02:00
Loz Calver
86701b8cd0 FIX: Redirect loop with multiple URL tokens (fixes #8607) 2018-11-15 11:15:41 +00:00
Aaron Carlino
bd0141eb72 Added 3.7.2 changelog 2018-11-07 23:22:05 +13:00
Aaron Carlino
a7d511e739 Merge branch '3.6' into 3.7 2018-11-07 11:36:17 +13:00
Loz Calver
598edd9134 [SS-2018-019] Add confirmation token to dev/build 2018-11-07 11:35:31 +13:00
Robbie Averill
144194600c [SS-2018-018] Ignore arguments in mysqli::real_connect backtrace calls 2018-10-17 14:36:08 +02:00
Loz Calver
8061e72bb4
Merge pull request #8435 from sminnee/faster-cleartable-ss3 
FIX: Use DELETE FROM instead of TRUNCATE for clearTable
 2018-10-11 12:32:33 +02:00
Robbie Averill
726fc3b06b
Merge pull request #8403 from sminnee/php73-test 
NEW: Add test for PHP 7.3 support
 2018-10-03 13:20:45 +02:00
Sam Minnee
ae9ab22a8f FIX: Use DELETE FROM instead of TRUNCATE for clearTable 
clearTable is mainly used for clearing data between tests. In this case,
there are very few or zero records, and DELETE FROM is quicker than
TRUNCATE, which works by deleting and recreating the table.

This materially speeds up test execution, at least on MySQL.
 2018-10-03 13:19:31 +13:00
Sam Minnee
c5201dc01a FIX: Allow DataObjectTest to be run by itself 2018-10-03 13:19:29 +13:00