Ingo Schommer
7ac4a9ec4d
BUGFIX Fixed Member->PasswordEncryption defaults when writing new Member without setting a password. Fixes critical issue with MemberTableField saving in admin/security, where new members are stored with a cleartext password by default instead of using the default SHA1 (see #5772 )
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@107532 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:37 +13:00
Sean Harvey
0df0dbd12c
ENHANCEMENT Member_DatetimeOptionsetField toggle text is now translatable
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@107365 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:35 +13:00
Sean Harvey
11568cf4e5
ENHANCEMENT #5352 Translatable entities for help text in Member_DatetimeOptionsetField::getFormattingHelpText()
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@107334 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:35 +13:00
Sean Harvey
3be26a4cec
ENHANCEMENT #5352 Decouple date display from i18n locales, users now have access to change their date and time formats in Member::getCMSFields() using Member_DatetimeOptionsetField field
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@107326 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:35 +13:00
Will Rossiter
c38dc3b1b4
APICHANGE: moved Group::addToGroupByName to $member->addToGroupByCode.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@106217 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:31 +13:00
Mark Stephens
68e3ff3481
BUGFIX: get_title_sql has string concat hardcoded as ||, fixed for MSSQL which uses +, fix for #5613
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@105337 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:28 +13:00
Mateusz Uzdowski
758d294b5d
BUGFIX: when using custom Member title, the join was failing - it had wrong parameters. Now changed to correctly handle the ansi sql join for all Member columns.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@104552 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:21 +13:00
Normann Lou
83efb8bb63
BUGFIX: table and column names now quoted properly
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@103851 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:19 +13:00
Ingo Schommer
d12183bb3b
BUGFIX Choosing i18n::default_locale() in Member->populateDefaults() instead of "current locale". This fixes a bug where a new member created through admin/security automatically "inherits" the current locale settings of the admin creating it.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@103582 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:16 +13:00
Ingo Schommer
df15a3a9f4
MINOR Returning ValidationResult from Member->onBeforeWrite() to ensure the ValidationException is compatible with MemberTableField (related to r103336)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@103337 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:14 +13:00
Andreas Piening
b305efe172
BUGFIX: exchanged MySQL CONCAT function with ANSI compliant operator
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@102237 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:11 +13:00
Tom Rix
444d6d3137
BUGFIX avoid call to non-object
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@101794 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:09 +13:00
Geoff Munn
3dfeb93a78
BUGFIX: tables and column quoted properly
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@101554 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:05 +13:00
Sean Harvey
470082d12d
BUGFIX Cookies set to a value other than NULL (effectively unsetting the cookie) will now use the httpOnly parameter by default for better XSS protection (from r101045)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@101046 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:00 +13:00
Ingo Schommer
e7806f28cf
ENHANCEMENT Creating default "Content Authors" group with limited rights if no other groups exist.
...
MINOR Moved Permission->requireDefaultRecords() to Group->requireDefaultRecords() and Member->requireDefaultRecords().
MINOR Removed outdated checks for CanCMS and CanCMSAdmin from Permission->requireDefaultRecords()
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@100799 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:53 +13:00
Ingo Schommer
90e8171536
API CHANGE Removed "auto-merging" of member records from Member->onBeforeWrite() due to security reasons - please use DataObject->merge() explicitly if this is desired behaviour (from r100705)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@100718 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:51 +13:00
Ingo Schommer
d61f45ea61
BUGFIX Fixing Member_ProfileForm to validate for existing members via Member_Validator to avoid CMS users to switch to another existing user account by using their email address (from r100704)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@100717 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:51 +13:00
Luke Hudson
5feb78c04f
BUGFIX: Set Member default Locale
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@100527 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:48 +13:00
Ingo Schommer
29c8e8ba07
ENHANCEMENT Only show 'HTML Editor Config' dropdown in Group->getCMSFields() if more than one option exists
...
BUGFIX Fixed bogus HTMLEditorConfig instance when get() is called without a valid identifier (due to NULL database columns) (from r99599)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@99667 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:41 +13:00
Ingo Schommer
ebaf33c720
FEATURE Showing (readonly) permissions for a Member record in admin/security popup (from r99586)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@99662 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:40 +13:00
Ingo Schommer
4a6acf6e35
FEATURE View and select groups for a specific member via the member popup in admin/security (requires EDIT_PERMISSIONS) (from r98880)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@99648 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:40 +13:00
Ingo Schommer
7280144b6a
BUGFIX: Take into account tablename with custom columns in get_title_sql (from r97003)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@99101 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:37 +13:00
Ingo Schommer
3c3cb7fd0e
BUGFIX use proper quotes for sep (from r96401)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@99100 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:37 +13:00
Ingo Schommer
7a63868fd6
MINOR ability to customize the text that comes out of Member->Title
...
MINOR updated workflow reports (from r96352)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@99099 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:37 +13:00
Sean Harvey
3d6baa81d5
BUGFIX Don't show FailedLoginCount field unless Member::$lock_out_after_incorrect_logins is enabled
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@99031 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:33 +13:00
Andrew Short
a0ab707feb
FEATURE: Moved the log-in validation process from individual authenticators into Member->checkPassword() and canLogIn(), to allow more extensibility and control (trunk, 2.4).
...
MINOR: Use a ValidationResult to log in a member so that custom errors can be generated.
From: Andrew Short <andrewjshort@gmail.com> (from r98267)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@98268 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:25 +13:00
Will Rossiter
18fe161702
BUGFIX: fixed member labels not appearing in cms popup. #5025
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@98030 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:19 +13:00
Ingo Schommer
4557ba87aa
API CHANGE Removed Member::init_db_fields(), its no longer needed due to the Member.PasswordEncyrption property changing from an ENUM to Varchar.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@97818 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:16 +13:00
Ingo Schommer
51c14227b2
API CHANGE Security::setDefaultAdmin() no longer writes credentials to any Member database records (created through Security::findAnAdministrator(). This prevents outdated credentials when setDefaultAdmin() code changes after creating the database record (see #4271 )
...
API CHANGE Security::findAnAdministrator() no longer sets 'Email' and 'Password' properties on newly created members. Removed the $username and $password argments from the method.
ENHANCEMENT Member->requireDefaultRecords() no longer creates a default administrator based on $_REQUEST data. Moved functionality into Installer->install()
MINOR Security::findAnAdministrator() names any default administrators 'Default Admin' instead of 'Admin'
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@97478 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:13 +13:00
Andrew Short
168114d4e2
ENHANCEMENT: Updated Member->getMemberFormFields() to use scaffolding and to be in line with Member->getCMSFields().
...
From: Andrew Short <andrewjshort@gmail.com> (from r97401)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@97436 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:18:12 +13:00
Sean Harvey
06b7dc5de3
BUGFIX #4686 Fixed $member non-object error, and decorated checks from not working in Member::canView(), Member::canEdit() and Member::canDelete()
...
MINOR Added additional tests to MemberTest
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@94358 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:17:57 +13:00
Will Rossiter
eb64eec534
API CHANGE: removed deprecated extend calls (r93632). API CHANGE: removed fieldExists(). Use hasField() (r93633). API CHANGE removed listOfFields() (r93647). API CHANGE: removed Tag() and URL() from Image. Use getTag() and getURL(). BUGFIX: updated Image.php to use getTag() (r93639, r93646). API CHANGE: removed val(). Use XML_val() (r93650). API CHANGE: removed $add_action. Use singlar_name or lang tables (r93658). API CHANGE: removed ConfirmedFormAction (r93674). API CHANGE: removed ajax_render on CTF (r93679).
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@93685 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:17:53 +13:00
Ingo Schommer
03c5caea72
MINOR Updated paths from jsparty to sapphire/thirdparty, cms/thirdparty and sapphire/javascript
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@93611 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:17:52 +13:00
Sean Harvey
c34ef6d562
BUGFIX More robust checks on the current member in Member::canEdit() and Member::canDelete() if there is no logged in member
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@92129 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:17:37 +13:00
Ingo Schommer
07fc3650a3
ENHANCEMENT Pluggable password encryption through PasswordEncryptor class ( #3665 ) (merged from r90949)
...
BUGFIX Fixed password hashing design flaw in Security::encrypt_password(). Removing base_convert() packing with unsafe precision, but retaining backwards compatibilty through pluggable encryptors: PasswordEncryptor_LegacyPHPHash (#3004 ) (merged from r90949)
API CHANGE Deprecated Security::encrypt_passwords() (merged from r90949)
API CHANGE Deprecated Security::$useSalt, use custom PasswordEncryptor implementation (merged from r90949)
API CHANGE Removed Security::get_encryption_algorithms() (merged from r90949)
API CHANGE MySQL-specific encyrption types 'password' and 'old_password' are no longer included by default. Use PasswordEncryptor_MySQLPassword and PasswordEncryptor_MySQLOldPassword
API CHANGE Built-in number of hashing algorithms has been reduced to 'none', 'md5', 'sha1'. Use PasswordEncryptor::register() and PasswordEncryptor_PHPHash to re-add others. (merged from r90949)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@91576 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:17:36 +13:00
Tom Rix
8216448da3
MINOR run checks before running hasMethod, as an extension does not neccessairily have that method.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90691 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-03 02:33:53 +00:00
Tom Rix
3dfa7a2103
MINOR fixed ambiguous column
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90481 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-30 00:23:02 +00:00
Sam Minnee
994e93f790
API CHANGE: replaced Database::USE_ANSI_SQL with DB::USE_ANSI_SQL
...
API CHANGE: replaced Database::alteration_message() with DB::alteration_message()
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90097 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-26 22:03:29 +00:00
Andrew Short
79773042be
API CHANGE: Renamed conflicting classes to have an "SS_" namespace, and renamed existing "SS" namespace to "SS_". The affected classes are: HTTPRequest, HTTPResponse, Query, Database, SSBacktrace, SSCli, SSDatetime, SSDatetimeTest, SSLog, SSLogTest, SSLogEmailWriter, SSLogErrorEmailFormatter, SSLogErrorFileFormatter, SSLogFileWriter and SSZendLog.
...
MINOR: Replaced usage of renamed classes with the new namespaced name.
From: Andrew Short <andrewjshort@gmail.com>
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90075 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-26 03:06:31 +00:00
Sean Harvey
8bd78f77d8
MINOR Supress session warnings in session_regenerate_id() for a win32 environment (from r81984)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89712 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-21 02:21:05 +00:00
Sam Minnee
9642c7171c
ENHANCEMENT: Added Member::set_login_marker_cookie(), to let developers bypass static caching for logged-in users (from r73803)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@88635 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-12 03:27:41 +00:00
Sean Harvey
8b6772fff0
Merged in Member::sendInfo() bug fixes from branches/2.3 - r85779
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@86679 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-09-18 03:07:15 +00:00
Ingo Schommer
2700d73e97
ENHANCEMENT Limiting "alc_enc" cookie (remember login token) to httpOnly to reduce risk of information exposure through XSS
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@86027 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-09-10 03:23:31 +00:00
Ingo Schommer
ed5475bbae
ENHANCEMENT Added Member->FailedLoginCount property to allow Member->registerFailedLogin() to persist across sessions by writing them to the database, and be less vulnerable to brute force attacks. This means failed logins will persist longer than before, but are still reset after a valid login.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@86017 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-09-10 02:42:26 +00:00
Sam Minnee
cd3db788a9
BUGFIX: Performance improvement to Member::currentUserID()
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@84167 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-08-11 09:16:34 +00:00
Andrew O'Neil
66543e6002
NOTFORMERGE: Merged 84085 from 2.3
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@84089 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-08-10 04:32:39 +00:00
Ingo Schommer
dfa44c055c
API CHANGE Changing DataObject::$changed to private visiblity. Please use getChangedFields() and isChanged()
...
ENHANCEMENT Added DataObject->isChanged() to detect if a field has been changed in this object instance
MINOR Changing call to CompositeDBField->compositeDatabaseFields() in DataObject->hasOwnDatabaseField()
BUGFIX Unsettig "Version" property in DataObject->getChangedField() to allow versioned to write a new version after a call to forceChange()
BUGFIX Introduced $markChanged in Money class
BUGFIX Casting Money->__toString() return value as string
MINOR Changing Member class to use new DataObject->isChanged() API
BUGFIX Using new $markChanged API for CompositeDBFields in DBField::create()
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@77893 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-05-27 00:09:23 +00:00
Sean Harvey
230a70b0b7
API CHANGE Removed @deprecated 2.3 function isInGroup() from Member
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@77342 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-05-20 04:54:00 +00:00
Sean Harvey
a5e82ddff1
Merged from branches/2.3
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@75590 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-04-29 01:20:24 +00:00
Sean Harvey
13b358a8dd
Merged from branches/2.3
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@75582 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-04-29 00:07:39 +00:00