Commit Graph

212 Commits

Author SHA1 Message Date
Ingo Schommer
b58e2dbe3a Member.lock_out_delay_mins configurable, password security docs 2013-07-11 09:47:28 +02:00
Hamish Friedlander
7b7982969b Add some docs about admin-side HTML sanitisation 2013-07-10 16:44:51 +12:00
Hamish Friedlander
dacb2aa638 FIX HtmlEditorField not re-checking sanitisation server side 2013-07-04 08:53:23 +12:00
Mateusz Uzdowski
f9ede95e5b Add configuration system tests for Only and Except combinations. 2013-07-02 15:51:53 +12:00
Hamish Friedlander
df218d76da Clarify how Only and Except rules combine 2013-07-02 14:09:11 +12:00
Ingo Schommer
fb784af738 API Enforce $allowed_actions in RequestHandler->checkAccessAction()
See discussion at https://groups.google.com/forum/?fromgroups#!topic/silverstripe-dev/Dodomh9QZjk

Fixes an access issue where all public methods on FormField were allowed,
and not checked for $allowed_actions. Before this patch you could e.g.
call FormField->Value() on the first field by using action_Value.

Removes the following assertion because it only worked due to RequestHandlingTest_AllowedControllerExtension
*not* having $allowed_extensions declared: "Actions on magic methods are only accessible if explicitly allowed on the controller."
2013-06-24 14:50:40 +02:00
Ingo Schommer
2160fb8000 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	admin/javascript/LeftAndMain.js
	tests/behat/features/bootstrap/SilverStripe/Framework/Test/Behaviour/CmsUiContext.php
	tests/control/ControllerTest.php
2013-06-19 14:03:43 +02:00
CheeseSucker
671b7a0cc7 Consolidated command line examples
Examples were broken into several <pre> blocks.
2013-06-18 15:50:32 +03:00
CheeseSucker
476df739a2 A few minor improvements to the "Module development" documentation 2013-06-16 12:55:39 +03:00
Will Rossiter
8fca3799c3 Update module development, remove outdated release steps 2013-06-15 12:06:25 +12:00
Will Rossiter
6d792adab2 Update documentation static declarations to private
Also spelling, grammar and line length clean up.
2013-06-08 15:16:59 +12:00
Sam Minnée
00e09f1493 Update commandline.md 2013-05-25 19:07:17 +12:00
Sam Minnée
99275ea783 Merge pull request #1760 from jedateach/patch-3
CommandLine: Info about running regular tasks with cron
2013-05-24 23:53:45 -07:00
Ingo Schommer
306d3b0c7e Merged existing shortcode docs with new topics docs from 3.0 2013-05-17 14:01:42 +02:00
Ingo Schommer
4c7c40e8b9 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	parsers/ShortcodeParser.php
2013-05-17 13:51:54 +02:00
Ingo Schommer
146b5a81cb Improved shortcode docs 2013-05-17 13:49:46 +02:00
Ingo Schommer
3b02d22989 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	dev/CsvBulkLoader.php
2013-05-09 10:34:20 +02:00
Sam Minnée
9672a22166 Merge pull request #1851 from chillu/pulls/form-strict-method-check
Form strict method check
2013-05-08 22:31:40 -07:00
Fred Condo
677dc9822e Edit forms documentation
Correct spelling and word choices.
2013-05-08 17:00:43 -07:00
Ingo Schommer
14c59be85e API Form::setStrictFormMethodCheck() and strict argument to setFormMethod()
Thanks to @sminnee for getting this started
2013-05-08 10:25:13 +02:00
Sam Minnee
b5a83878dd Added docs for i81n.moduole_priority. 2013-05-06 12:51:46 +12:00
Simon Welsh
a5d69f2bf5 Update page-type-templates.md 2013-05-03 15:04:30 +12:00
Ingo Schommer
5f91c3724d Consistently used dollar notation in template docs (see #1794) 2013-04-26 11:48:59 +02:00
Ingo Schommer
faa3e58468 Allow SS_DATABASE_NAME in _ss_environment.php configuration
Makes setups which are completely driven by that file a bit easier
to automate, particularly if the same codebase is deployed
multiple times (e.g. to a staging and live instance)
2013-04-22 14:11:37 +02:00
Ingo Schommer
67ce9e08cc Extended docs for shortcode handling and doctypes (fixes #1700) 2013-04-16 14:01:04 +02:00
Jeremy Shipman
4db5f75298 Info about running regular tasks with cron
What commands to use, and good approach to testing
2013-04-15 10:47:59 +12:00
Ryan Wachtl
46831f56fb Update configuration.md
Link to ssbits.com config cheatsheet no longer relevant.
2013-04-09 10:09:25 -05:00
Ingo Schommer
9856fcef21 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	javascript/DateField.js
	model/DataQuery.php
	model/Versioned.php
	tests/forms/RequirementsTest.php
	tests/model/DataObjectLazyLoadingTest.php
	view/Requirements.php
2013-04-09 14:45:35 +02:00
Stephen Shkardoon
1a95be7e60 Update form-validation.md
Minor typo, missing a '
2013-04-09 18:44:47 +12:00
Will Rossiter
05d4dd863d Update controller.md 2013-04-05 22:17:11 +13:00
Jeremy Shipman
a57e4e8abe Update environment-management.md
Fixed "Available Constants" table at the bottom
2013-04-03 15:29:27 +13:00
Ingo Schommer
0b54b284bc Updated i18n docs 2013-04-02 11:43:36 +02:00
Ingo Schommer
c08ab18c03 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	.travis.yml
	admin/javascript/LeftAndMain.AddForm.js
	docs/en/reference/requirements.md
2013-04-02 02:00:50 +02:00
Ingo Schommer
f5754c11aa Contribution guidelines, new bugtracker links 2013-04-02 01:51:40 +02:00
Ingo Schommer
ccb0155b8f Config docs improvement: @config and LSB mentions
Also moved some less important "notes" further down the page.
The doc is still written too much like a technical spec, we need
something that's more accessible to beginners.
2013-03-27 12:08:12 +01:00
Ingo Schommer
315c03872a Fixed _config.php references and usage in docs 2013-03-27 12:06:57 +01:00
Ingo Schommer
3334eafcb1 API Marked statics private, use Config API instead (#8317)
See "Static configuration properties are now immutable, you must use Config API." in the 3.1 change log for details.
2013-03-24 17:20:53 +01:00
Ingo Schommer
00fb8cf679 Formatting and docs changes to configuration.md 2013-03-24 17:20:36 +01:00
Ingo Schommer
81a51331d6 IX Load _config.php's after static config manifest
This allows more sophisticated handling of config alterations
in _config.php. One example is additions to DataObject::$db
based on configuration which requires some processing.

See https://github.com/unclecheese/TranslatableDataObject/blob/master/TranslatableDataObject.php
2013-03-21 00:16:36 +01:00
Ingo Schommer
53c84ee1fe Merge remote-tracking branch 'origin/3.0' into 3.1 2013-03-19 14:04:29 +01:00
Ingo Schommer
99ca0471f7 Merge remote-tracking branch 'origin/2.4' into 3.0
Conflicts:
	control/RequestHandler.php
	core/control/ContentController.php
	dev/CsvBulkLoader.php
	docs/en/changelogs/index.md
	docs/en/reference/execution-pipeline.md
	docs/en/topics/commandline.md
	docs/en/topics/controller.md
	docs/en/topics/form-validation.md
	docs/en/topics/forms.md
	docs/en/topics/security.md
	model/MySQLDatabase.php
	security/Security.php
	tests/control/ControllerTest.php
	tests/control/RequestHandlingTest.php
2013-03-19 13:56:04 +01:00
Andrew Short
b8a51c3792 Merge branch '3.0' into 3.1 2013-03-19 22:27:09 +11:00
Stephen Shkardoon
2ead2ba60f Removed invalid characters
No idea what those characters were meant to be, so I removed them.
2013-03-16 23:17:02 +13:00
Andrew Short
6ae931df24 Merge branch '3.0' into 3.1 2013-03-15 21:47:23 +11:00
Dan
4a12d6db3c Minor: Two modules are listed as three.
...for example "framework" and "cms". These three modules... Should be two modules, or perhaps there is a third missing from the list.
2013-03-08 10:10:04 -05:00
Ingo Schommer
64888c07b7 Partially revert docs commit 7710cf59
i18n.js doesn't support named parameters (yet)
2013-03-04 08:48:16 +01:00
Ryan Wachtl
3d602998b1 Update rich-text-editing.md
`HtmlEditorField::add_extension('MyToolbarExtension');` was not working for me. I had to use `HtmlEditorField_Toolbar`.
2013-03-02 14:37:09 -06:00
Ingo Schommer
bea1b9002d Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	control/HTTP.php
2013-02-26 13:28:35 +01:00
Ingo Schommer
567e39cd19 Updated composer docs 2013-02-25 11:47:11 +01:00
Hamish Friedlander
5fd55a50f2 API Tighten up allowed_actions
allowed_actions is now only allowed to reference public methods defined
on the same Controller as the allowed_actions static, and
the wildcard "*" has been deprecated
2013-02-18 14:53:33 +13:00