tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 12:05:37 +00:00
Code Issues Projects Releases Wiki Activity
4,805 Commits 31 Branches 527 Tags
Commit Graph

111 Commits

Author SHA1 Message Date
Ingo Schommer
0bae1826bb FIX Opt-out pf form message escaping (fixes #2796) 
This fixes a limitation introduced through http://www.silverstripe.org/ss-2013-008-xss-in-numericfield-validation/.
Form messages used to accept HTML, now they’re escaped by default, effectively removing the ability
to pass in HTML and take care of escaping manually.

We pass through HTML to message in core through the CTF system, so this needs to be fixed.
It’s an alternative fix to https://github.com/silverstripe/silverstripe-framework/pull/2803.
 2014-08-22 09:08:55 +12:00
Ingo Schommer
b3a086e2c9 BUGFIX Fixed ComplexTableField and TableListField GET actions against CSRF attacks (with Form_SecurityToken->checkRequest()) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@113276 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:19:59 +13:00
Ingo Schommer
31e9726ace BUGFIX Enforcing canEdit() checks in ComplexTableField_Popup - making form readonly if the current user can't edit 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@110857 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:19:50 +13:00
Sean Harvey
7bf9258dac BUGFIX Fixed missing "Save" action input label on ComplexTableField popup form 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@110165 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:19:48 +13:00
Sean Harvey
b999ca4c72 BUGFIX Stricter checking that a relation exists on ComplexTableField::saveComplexTableField() 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@106755 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:19:32 +13:00
Ingo Schommer
6f0df9eb19 MINOR Fixed phpdoc documentation (from r103385) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@103388 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:19:15 +13:00
Ingo Schommer
939ec09536 MINOR Fixed regression from r100774 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@100775 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:18:52 +13:00
Ingo Schommer
470e53f2d1 ENHANCEMENT Allowing custom popup requirements in ComplexTableField without subclassing through $requirementsForPopupCallback 
MINOR Added getParentController() to TableListField_ItemRequest and ComplexTableField_Popup
MINOR Extending ComplexTableField_ItemRequest from TableListField_ItemRequest to avoid redundant code

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@100774 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:18:52 +13:00
Sam Minnee
7d88b80bbd BUGFIX #5087: Show default values in CTF 'add' popups. 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@99777 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:18:42 +13:00
Sean Harvey
aa437701ae API CHANGE Made ComplexTableField not use Object::create() for item and popup classes to be consistent with TableListField. These can be overridden as itemClass and popupClass are public properties on ComplexTableField 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@98543 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:18:29 +13:00
Sam Minnee
7cc3efa898 BUGFIX: Removed obsolete start argument from ComplexTableField_Item constructor. 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@98536 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:18:28 +13:00
Sam Minnee
738737e258 MINOR: Initialise variables to fix unit test (from r95754) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@98092 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:18:20 +13:00
Sam Minnee
60687965ec MINOR: Don't try and access the ORM from ComplexTableField in situations where it shouldn't. (from r95544) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@98089 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:18:20 +13:00
Andrew Short
feabafcada MINOR: Made ComplexTableField sub-forms testable by returning rather than echoing results. 
From: Andrew Short <andrewjshort@gmail.com> (from r95035)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@97432 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:18:12 +13:00
Andrew Short
9e55bc17a7 MINOR: Allow a validation error to be thrown when a DataObject is saved in ComplexTableField. 
From: Andrew Short <andrewjshort@gmail.com> (from r95034)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@97431 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:18:12 +13:00
Sam Minnee
9f9c572306 BUGFIX: Use Controller::join_links() for all TableListField and ComplexTableField link building, to support form URLs with querystrings. 
BUGFIX: If ComplexTableField::getParentRecord() can't find a record, just return null rather than erroring. (from r96555) (from r96649)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@96775 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:18:08 +13:00
Sam Minnee
25a437e5a0 BUGFIX: Removed XSS holes (from r94823) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@96773 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:18:07 +13:00
Sam Minnee
c51a945732 BUGFIX: Allow opening of the detail pop-ups of a record on a ComplexTableField attached to a deleted page. (from r94593) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@96762 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:18:07 +13:00
Sean Harvey
d782c44269 BUGFIX ComplexTableField - fixed sprintf() not enough arguments when the referrer has a % character in it, the referrer is now an argument instead of being hardcoded in the string 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@95093 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:18:00 +13:00
Will Rossiter
eb64eec534 API CHANGE: removed deprecated extend calls (r93632). API CHANGE: removed fieldExists(). Use hasField() (r93633). API CHANGE removed listOfFields() (r93647). API CHANGE: removed Tag() and URL() from Image. Use getTag() and getURL(). BUGFIX: updated Image.php to use getTag() (r93639, r93646). API CHANGE: removed val(). Use XML_val() (r93650). API CHANGE: removed $add_action. Use singlar_name or lang tables (r93658). API CHANGE: removed ConfirmedFormAction (r93674). API CHANGE: removed ajax_render on CTF (r93679). 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@93685 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:17:53 +13:00
Ingo Schommer
03c5caea72 MINOR Updated paths from jsparty to sapphire/thirdparty, cms/thirdparty and sapphire/javascript 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@93611 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:17:52 +13:00
Sean Harvey
047b3deb41 MINOR Added ComplexTableField::setController() which makes testing useful for switching between controllers 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@92134 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2011-02-02 14:17:37 +13:00
Sam Minnee
dfd45fb7fd BUGFIX: Fixed diabled image references for edit and delete links in CTF (from r88967) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89206 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-10-15 22:39:19 +00:00
Sam Minnee
5ec83b9bd0 BUGFIX: Fixed resolution of amibiguous has_many foreign keys in ComplexTableField to use the same logic as DataObject (from r88945) 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89203 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-10-15 22:38:57 +00:00
Andrew Short
f29eceecff API CHANGE #3724: Unified the Link() method to accept an action parameter. 
From: Andrew Short <andrewjshort@gmail.com>

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@88495 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-10-11 00:07:16 +00:00
Sean Harvey
82a68dd3bd MINOR Merged from branches/2.3 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@81997 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-07-16 03:44:15 +00:00
Ingo Schommer
da758f9f6e ENHANCEMENT Using try/catch blocks in ComplexTableField->saveComplexTableField() to catch any ValidationExceptions and terminate the saving process 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@78255 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-06-02 06:12:10 +00:00
Sean Harvey
60c5570bf8 Merged from branches/2.3 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@77817 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-05-26 02:19:50 +00:00
Sean Harvey
0f237b0c57 Merged from branches/2.3 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@77141 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-05-19 02:44:58 +00:00
Sean Harvey
b20b6e0f95 Merged from 2.3 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@76269 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-05-06 06:36:16 +00:00
Sean Harvey
f4eecd4d0d Merged from branches/2.3 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@75903 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-05-04 01:20:12 +00:00
Sean Harvey
9b75cb1987 Merged from branches/2.3 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@75845 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-05-01 03:49:34 +00:00
Sean Harvey
964c67e98b MINOR Fixed undefined index error on ComplexTableField 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@75781 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-04-30 22:48:21 +00:00
Sean Harvey
13b358a8dd Merged from branches/2.3 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@75582 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-04-29 00:07:39 +00:00
Ingo Schommer
4499d1a8d0 ENHANCEMENT Allowing item-specific permissions in TableListField and subclasses (through TableListField_Item->Can() and DataObject->can*() methods). Adding "disabled" icons to template. 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@73028 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-03-13 10:07:27 +00:00
Sam Minnee
08a5a7c387 Merged from branches/2.3 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@72803 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-03-10 22:08:52 +00:00
Andrew O'Neil
635e2c3df6 Merged from 2.3 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@72453 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-03-04 03:44:11 +00:00
Sean Harvey
df36ae07e8 ENHANCEMENT Allow getting extra field data for a many-to-many relation by calling getExtraData() on a ComponentSet and passing the component name, and child ID 
ENHANCEMENT Hooked up setting field values for many_many_extraFields into ComplexTableField. See r71613 for the original many-to-many auto setting addition
BUGFIX When editing an existing record, many-to-many auto setting wasn't being done because saveComplexTableField() is called on ComplexTableField_ItemRequest
 


git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@71635 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-02-11 00:10:37 +00:00
Sean Harvey
fa4c42d642 ENHANCEMENT Allow auto setting a many-to-many relation on ComplexTableField in the similar fashion of auto setting the foreign key for a one-to-many or one-to-many relation. 
ENHANCEMENT Added DataObject::many_many_extraFields() for getting the many_many_extraFields fields for a component name on both sides of a many-to-many relation.
MINOR Added test for many_many_extraFields in DataObjectTest



git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@71613 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-02-10 06:04:36 +00:00
Andrew O'Neil
60f75c5ca4 Merged changes from 2.3 branch 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@71172 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-02-01 23:49:53 +00:00
Ingo Schommer
b7d394008e MINOR Merged from branches/2.3 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@69957 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-01-10 11:35:50 +00:00
Ingo Schommer
085346f0e0 MINOR Merged from branches/2.3 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@69704 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2009-01-05 06:19:48 +00:00
Sam Minnee
a3d3fb65a9 Updated SQL queries to be ansi compatable 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@66401 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2008-11-23 00:31:06 +00:00
Sam Minnee
b39d3811ff Refactored tabstrip.js to use livequery for loading 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@65717 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2008-11-12 22:28:07 +00:00
Ingo Schommer
61a856503e BUGFIX Calling parent constructor in ComplexTableField_ItemRequest, was confusing RequestHandler 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@65212 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2008-11-04 13:52:03 +00:00
Sean Harvey
99589e626f BUGFIX Fix potential PHP notice opening a ComplexTableField popup 
MINOR Code formatting in ComplexTableField

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@65127 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2008-11-03 02:33:08 +00:00
Sam Minnee
cd699e3d89 API CHANGE #2857 - Renamed RequestHandlingData to RequestHandler 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@64953 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2008-10-30 22:03:21 +00:00
Hayden Smith
c004cc9b2f BUGFIX: Fixed incorrectly reverted methods related to sizing of the popup. 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@64604 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2008-10-21 21:42:27 +00:00
Ingo Schommer
3b16fe9b59 BUGFIX Fixed ComplexTableField->saveComplexTableField() success message object link - was assuming same context as ComplexTableField_ItemRequest 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@64251 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2008-10-14 23:06:22 +00:00
Hayden Smith
f0af7dd9a5 Corrected reverted merge. ComplexTableField::setPopupSize is now present. 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@63882 467b73ca-7a2a-4603-9d3b-597d59a354a9
 2008-10-08 19:22:07 +00:00