Loz Calver
|
b5bae137bd
|
FIX: Redirect loop with multiple confirmation tokens present (fixes #8607)
|
2018-11-15 10:59:42 +00:00 |
|
Werner M. Krauß
|
3f321f935a
|
Convert::memstring2bytes should return integer value
bytes are by nature an integer
fixes #8572
|
2018-11-07 17:01:36 +01:00 |
|
Loz Calver
|
11fe5b3adf
|
Implement ConfirmationTokenChain to handle multiple tokens at once
|
2018-11-07 11:33:24 +13:00 |
|
Loz Calver
|
8d7c2dafab
|
[SS-2018-019] Add confirmation token to dev/build
|
2018-11-07 11:33:24 +13:00 |
|
Werner M. Krauß
|
adafd73943
|
Convert::memstring2bytes should preserve -1
fixes #8570
|
2018-11-06 10:22:13 +01:00 |
|
Daniel Hensby
|
4acec33562
|
FIX Fixed bug in config merging priorities so that config values set by extensions are now least important instead of most important
|
2018-07-12 00:55:39 +01:00 |
|
Robbie Averill
|
27e24a4728
|
Merge pull request #8142 from open-sausages/pulls/4.0/fix-injector-empty
BUG Safely handle empty injector factory responses
|
2018-06-11 15:20:24 +12:00 |
|
Damian Mooyman
|
546c6c3e22
|
Merge pull request #8125 from open-sausages/pulls/4/date-field-tweaks
Remove legacy logic from DateField_Disabled
|
2018-06-11 09:23:33 +12:00 |
|
Daniel Hensby
|
cfe93b7f23
|
Merge branch '3.6' into 4.0
|
2018-06-08 14:41:04 +01:00 |
|
Maxime Rainville
|
582c69d32f
|
BUG Fix issue with Disabled DateField always display (not set).
|
2018-06-08 13:51:22 +01:00 |
|
Damian Mooyman
|
e37e3e1746
|
BUG Fix test that relies on implicit ID order breaking postgres
|
2018-06-08 11:23:24 +12:00 |
|
Damian Mooyman
|
c070e989c4
|
BUG Safely handle empty injector factory responses
Fixes issue with ImageBackendFactory returning null and breaking injector
|
2018-06-06 16:45:16 +12:00 |
|
Daniel Hensby
|
801a51d0f7
|
Merge branch '3.5' into 3.6
|
2018-06-05 16:30:20 +01:00 |
|
Daniel Hensby
|
41e601a036
|
FIX Regression from #8009
|
2018-06-04 17:03:05 +01:00 |
|
Robbie Averill
|
3a537bc745
|
Merge branch 'heads/4.0.4' into 4.0
|
2018-05-28 17:50:07 +12:00 |
|
Robbie Averill
|
dae8fefb1e
|
Merge remote-tracking branch 'origin/3.5' into 3.6
|
2018-05-28 17:43:55 +12:00 |
|
Robbie Averill
|
df4648a308
|
Merge branch 'heads/3.5.8' into 3.5
|
2018-05-28 17:42:31 +12:00 |
|
Robbie Averill
|
e7e32d13a3
|
FIX Add namespace and encryptor to tests that expect blowfish to be available
|
2018-05-24 11:24:56 +12:00 |
|
Aaron Carlino
|
f847f186b1
|
[ss-2018-013] Remove password text from session data on failed submission
|
2018-05-14 17:14:38 +12:00 |
|
Robbie Averill
|
5887201dd5
|
Merge pull request #64 from silverstripe-security/pulls/4.0/ss-2018-010
[SS-2018-010] Fix regression of SS-2017-002
|
2018-05-14 17:12:45 +12:00 |
|
Robbie Averill
|
beec0c0d47
|
[SS-2018-010] Fix regression of SS-2017-002
|
2018-05-14 17:12:07 +12:00 |
|
Robbie Averill
|
1e6790bfb6
|
Merge pull request #62 from silverstripe-security/pulls/4.0/ss-2018-001
[ss-2018-001] Restrict non-admins from being assigned to admin groups
|
2018-05-14 17:11:03 +12:00 |
|
Damian Mooyman
|
e409d6f673
|
[ss-2018-001] Restrict non-admins from being assigned to admin groups
|
2018-05-14 17:10:22 +12:00 |
|
Robbie Averill
|
39b62e5fbb
|
Merge pull request #61 from silverstripe-security/pulls/4.0/ss-2018-008
[ss-2018-008] Validate against malformed urls
|
2018-05-14 17:07:09 +12:00 |
|
Damian Mooyman
|
9053014a7e
|
[ss-2018-008] Validate against malformed urls
|
2018-05-14 17:06:47 +12:00 |
|
Robbie Averill
|
6f50728b18
|
Merge pull request #59 from silverstripe-security/pulls/4.0/ss-2018-006
[ss-2018-006] Prevent code execution in template value resolution
|
2018-05-14 17:06:04 +12:00 |
|
Damian Mooyman
|
2e13ae746f
|
[ss-2018-006] Prevent code execution in template value resolution
|
2018-05-14 17:05:31 +12:00 |
|
Damian Mooyman
|
d935140a95
|
[ss-2018-005] Prevent unauthenticated isDev / isTest being allowed
|
2018-05-14 17:03:39 +12:00 |
|
Damian Mooyman
|
5771388821
|
[ss-2018-001] Restrict non-admins from being assigned to admin groups
|
2018-05-09 15:12:40 +12:00 |
|
Daniel Hensby
|
80bf0fc487
|
FIX bad syntax
|
2018-05-02 11:43:12 +01:00 |
|
Daniel Hensby
|
d5e2d3fa67
|
Merge branch '3.6' into 4.0
|
2018-05-01 21:47:17 +01:00 |
|
UndefinedOffset
|
fe4b90edc0
|
FIX: Duplicating many_many relationships looses the extra fields in 4.0
|
2018-04-18 11:49:20 -03:00 |
|
Daniel Hensby
|
8359f3dc97
|
Merge branch '3.5' into 3.6
|
2018-04-18 13:14:07 +01:00 |
|
UndefinedOffset
|
af3a9f3ec8
|
FIX: Duplicating many_many relationships looses the extra fields (fixes #7973)
|
2018-04-18 12:16:02 +01:00 |
|
Damian Mooyman
|
c54b07a952
|
API Update to use new chromedriver + behat-extension + facebook/webdriver
|
2018-04-12 14:19:14 +12:00 |
|
Roman Schmid
|
40c2e299a0
|
Fix "mb_stripos(): Empty delimiter" warning when no search-keywords are given for DBText::ContextSummary .
Add unit-test to cover that case.
|
2018-03-01 11:39:30 +01:00 |
|
Aaron Carlino
|
0863bac29a
|
Update getVariables to return a copy of globals rather than including the reference in an array merge
|
2018-02-27 09:52:36 +13:00 |
|
Damian Mooyman
|
b27102f810
|
BUG Fix incorrect assets created when ASSETS_PATH !== BASE_PATH . '/assets'
|
2018-02-26 13:12:08 +13:00 |
|
Damian Mooyman
|
0e26c06644
|
BUG Fix behaviour towards versioned but unstagable records
|
2018-02-20 12:20:18 +13:00 |
|
Daniel Hensby
|
9c50b03b86
|
Merge branch '3.5' into 3.6
|
2018-02-13 14:30:29 +00:00 |
|
Jonathon Menz
|
c767e472dc
|
FIX DataObject singleton creation
Ensure DataObject instances are aware they are singletons so functions like populateDefaults() can be skipped. (fixes #4878)
|
2018-02-12 20:30:35 -08:00 |
|
Daniel Hensby
|
e298fcc345
|
Merge branch '3.6' into 4.0
|
2018-02-09 14:32:58 +00:00 |
|
Daniel Hensby
|
48a8a82326
|
Merge branch '3.5' into 3.6
|
2018-02-09 13:20:38 +00:00 |
|
Chris Joe
|
95308e1af6
|
Merge pull request #7849 from open-sausages/pulls/4.0/fix-debug-string-class-cli
BUG Fix issue with CLIDebugView failing on class name of existing class
|
2018-02-09 15:41:18 +13:00 |
|
Daniel Hensby
|
d3278d5470
|
FIX Add Nested DB transaction support (#7848)
* TEST Prove nested transactions break
* Add nested transaction support
|
2018-02-09 10:28:32 +13:00 |
|
Damian Mooyman
|
0a486b8f57
|
BUG Fix issue with CLIDebugView failing on class name of existing class
Fixes #7827
|
2018-02-09 09:52:32 +13:00 |
|
JorisDebonnet
|
5df1ec7eee
|
Use fputcsv in GridFieldExportButton
|
2018-02-08 12:26:29 +00:00 |
|
Daniel Hensby
|
660dfd34a8
|
FIX Issue where default admin has no password encryption
|
2018-02-06 20:18:32 +00:00 |
|
Daniel Hensby
|
28ca11dd7e
|
FIX Regex range identifier correctly escaped
|
2018-02-05 15:17:20 +00:00 |
|
Damian Mooyman
|
288aaf083c
|
BUG Fix issue with DebugView failing on class name of existing class
Fixes #7827
|
2018-02-05 10:45:49 +13:00 |
|