tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-06-30 08:29:28 +02:00
Code Issues Projects Releases Wiki Activity
22,752 Commits 29 Branches 516 Tags 147 MiB
b5bff1aa08
Commit Graph

2057 Commits

Author SHA1 Message Date
Steve Boyd
e812999632 Merge branch '4.7' into 4.8 2021-06-21 14:58:40 +12:00
Steve Boyd
b625ba99b3 ENH Remove wording for authenticated devices being manageable 2021-06-18 09:50:13 +12:00
Steve Boyd
7ed7ad0254 FIX Ensure changing a password to blank is validated 2021-06-17 12:05:20 +12:00
Steve Boyd
06dbd5237b [CVE-2020-26138] Validate custom multi-file uploads 2021-06-09 09:34:37 +12:00
Steve Boyd
3bb435c241 [CVE-2020-25817] Prevent loading of xml entities 2021-06-09 09:34:26 +12:00
Steve Boyd
9463aaf571 Merge branch '4.8' into 4 2021-06-08 11:49:01 +12:00
Steve Boyd
fb0d769049
Merge pull request #9969 from creative-commoners/480-tag 
Security fixes from 4.8.0
 2021-06-08 11:47:35 +12:00
David Peck
28b5b803be FIX Defensively copy mocked datetime 2021-06-05 16:46:19 +12:00
Steve Boyd
8024551376 [CVE-2020-26138] Validate custom multi-file uploads 2021-06-02 16:24:23 +12:00
Steve Boyd
7f97734a20 [CVE-2020-25817] Prevent loading of xml entities 2021-06-02 16:24:17 +12:00
Michal Kleiner
2017a20433 FIX Use empty array as a fallback for preg_split within dbtext summary 
If the content is invalid for whatever reason e.g. when instantiating
a DBText field to get a summary of text through
`DBField::create_field('Text', $content)->Summary(10)`, preg_split returns
false and the rest of the code expects an array.
This tweak ensures an array is always returned even when preg_split fails.
 2021-06-02 15:17:58 +12:00
Steve Boyd
a3df66860f Merge branch '4.8' into 4 2021-05-31 17:05:11 +12:00
Steve Boyd
9ccdb8efb2 Merge branch '4.7' into 4.8 2021-05-31 17:04:54 +12:00
Maxime Rainville
472fc4ebb4
BUG Update DataQuery::exists to return false when limit causes no result to be returned (#9946) 
* BUG Update DataQuery::exists to return false when limit causes no result to be returned

* Update comment

* Fixing linting issue
 2021-05-31 16:50:58 +12:00
Ingo Schommer
196752566f
Merge pull request #9655 from sminnee/pulls/9647-find-lost-records 
NEW: Add GridFieldDetailForm::setRedirectMissingRecords()
 2021-05-21 13:53:18 +12:00
Sam Minnee
8883413ba7 NEW: Add GridFieldDetailForm::setRedirectMissingRecords() 
This new opt-in setting will let grid field detail forms redirect to the
“Correct” URL of a GridField if it’s not found in the current list.

This works by:
 * Looking for the item in the database
 * If it exists, check for a CMSEditLink() method that returns a value
 * If so, redirect to that

This is useful if you have a number of grid fields that each show a
partial list of records, and it’s possible for the user to make changes
such the item no longer appears in the list, but does appear in another
list.

It’s an opt-in feature as I think all changes like this should be
opt-in, based on previous experiences improving GridField and in turn
breaking SecurityAdmin and slowing versioned-data-browsing down. ;-)
 2021-05-21 13:16:00 +12:00
Ingo Schommer
8c0efd3980 Extension hooks for CsvBulkLoader 
Required for versioned-snapshots integration
 2021-05-21 11:17:46 +12:00
Ingo Schommer
ad4e488dcf
Merge pull request #9192 from sminnee/fix-9163 
NEW: Support dot syntax in form field names
 2021-05-21 10:34:15 +12:00
Dylan Wagstaff
a5fc61a23a
Merge pull request #9948 from open-sausages/4 
FIX Tidy extension and cli fix for tests
 2021-05-21 09:19:22 +12:00
Guy Marriott
766df06f23
Merge pull request #9631 from open-sausages/pulls/4/custom-sort-gridfield-autocompleter 2021-05-20 14:02:44 -07:00
Ingo Schommer
8806b3befc Fixes required for dot notation support in fields 
See #9163
 2021-05-20 20:32:25 +12:00
Dan Hensby
23ffd2bbd6 Linting fix 2021-05-20 20:32:25 +12:00
Sam Minnee
5dcf5197da FIX: Make the ./_ substitution optional. 2021-05-20 20:32:25 +12:00
Sam Minnee
c7c6bdebdf FIX: Allow join-object to be referenced as a component 
This avoids having arbitrary differences between a join object and a
has-one relation.
 2021-05-20 20:32:25 +12:00
Sam Minnee
6ba7bf7b2f FIX: Replace ‘.’s with ‘_’s in HTML IDs 
The functioning of dot-syntax in form fields mean that .s are more
likely to appear in names. This breaks javascript behaviour in HTML IDs 
and I believe is an invalid character for them.
 2021-05-20 20:32:24 +12:00
Sam Minnee
02fb7c3b17 NEW: Support dot syntax in form field names 
This change adds support for these in a few places.

 - Form::saveInto($record)
 - Form::loadDataForm($record)
 - Form::loadDataForm($_POST)

Fixes https://github.com/silverstripe/silverstripe-framework/issues/9163
 2021-05-20 20:32:24 +12:00
Ingo Schommer
5e2ca7f0a3 FIX Tidy extension and cli fix for tests 
Wrap doesn't actually wrap in the tidy extension.
This causes tests to be flakey, for example some of `FormTest` fails
if you happen to have `ext-tidy` installed (which is the default on most systems).
This happened to me on PHP 7.4.19 with tidy 5.6.0 (OSX Homebrew).
Note that the tests aren't failing in Travis right now.

You'd expect `wrap => 0` to be honoured. It's documented as an integer
in the tidy docs: https://api.html-tidy.org/tidy/quickref_5.6.0.html#wrap.

Even tracked this down to the PHP source which appears to be doing the right thing:
https://github.com/php/php-src/blob/master/ext/tidy/tidy.c#L300

There's a bug from 2018 against PHP 7.2.8 which was closed as "not a bug" without comment:
https://bugs.php.net/bug.php?id=76683

You can see the behaviour in action in the following test.

```
<?php
$html = '<p>a really long string which should not be wrapped</p>';

echo "## With tidy extension" . PHP_EOL;
$tidy = new tidy();
$tidy->parseString(
    $html,
    [
        'output-xhtml' => true,
        'numeric-entities' => true,
        'wrap' => 0,
    ],
    'utf8'
);
$tidy->cleanRepair();
echo $tidy . PHP_EOL;

echo "## With tidy cli" . PHP_EOL;
$cmd = sprintf("echo " . escapeshellarg($html) . " | tidy --force-output 1 -n -q -utf8 -asxhtml -w 0 2> /dev/null");
echo shell_exec($cmd);
```

Long story short, setting it to 99999 fixes the issue.
 2021-05-20 20:09:42 +12:00
Steve Boyd
a6ccc86f94 Merge branch '4.7' into 4.8 2021-05-03 14:21:37 +12:00
Steve Boyd
e6aeff6468 Merge branch '4.6' into 4.7 2021-05-03 14:21:20 +12:00
Garion Herman
debf1ae9fb
Merge pull request #9887 from lekoala/patch-18 2021-04-24 21:05:29 +12:00
Maxime Rainville
67a008365a
Merge pull request #9743 from kinglozzer/treedropdown-root-id 
NEW: Expose TreeDropdownField root node ID in schema
 2021-04-23 18:06:23 +12:00
maks
12a6f7bd0f
fix typo in core constants phpdoc block 2021-04-20 18:25:24 +02:00
Maxime Rainville
37ee3a923f
Merge pull request #9917 from creative-commoners/pulls/4/rememberloginhash-getset 
API Methods to override logout_accross_devices
 2021-04-20 09:49:36 +12:00
Steve Boyd
3d7868449f Merge branch '4.7' into 4 2021-04-19 16:39:15 +12:00
Steve Boyd
bcccc63d33 API Methods to override logout_accross_devices 2021-04-19 13:13:35 +12:00
Loz Calver
097da7aed5
Merge pull request #9916 from chrometoasters/bugfix/absolute-base-url-generation 
[BUGFIX] Prevent call getHeader() on null HTTPRequest object
 2021-04-16 09:15:15 +01:00
Maxime Rainville
fdd23a3675 Merge branch '4.7' into 4 2021-04-14 11:35:58 +12:00
Maxime Rainville
6fc25e4e96
RFC Add chunk method to DataList to iterate over large dataset (#8940) 2021-04-14 07:49:44 +12:00
André Kiste
e2777ded8e • Add missing string 
• Move attribute to login-forms
 2021-04-13 15:33:49 +12:00
Kunal Hari
31c5ab2069 [BUGFIX] Prevent call getHeader() on null HTTPRequest object 2021-04-13 14:06:21 +12:00
André Kiste
bbcc187c02 Update conflicting translations. 
Revert removal of translations.
 2021-04-12 11:42:57 +12:00
Andre Kiste
dcdc25500b
Merge pull request #9909 from creative-commoners/pulls/4/remember-thirty 
ENH Reduce default token period from 90 to 30 days
 2021-04-08 12:39:22 +12:00
André Kiste
8692aabe9b Use new designs 2021-04-08 12:32:12 +12:00
Steve Boyd
7ec838f9c2
Merge pull request #9908 from sunnysideup/patch-15 
PATCH: fix param in docblock ... add \ to FormField::__construct
 2021-04-07 09:56:40 +12:00
Steve Boyd
160ed6f3f1
Merge pull request #9882 from creative-commoners/pulls/4/doc-composite-validator 
DOC Clarify return value for CompositeValidator::getValidatorsByType()
 2021-04-06 15:26:16 +12:00
Steve Boyd
1c7fd287a1 ENH Reduce default token period from 90 to 30 days 2021-04-06 13:22:10 +12:00
Nicolaas
b75860b195
PATCH: fix param in docblock ... add \ to FormField::__construct 2021-04-05 19:43:41 +12:00
Nicolaas
2ecd8b34ee
adding use SilverStripe\Security\Member; to make sure linting works 
adding `use SilverStripe\Security\Member;` to make sure that linting works.
 2021-04-01 23:36:36 +13:00
Maxime Rainville
66fa597b3b
FIX Better handling of remember me token when login across devices is disabled (#9895) 
* BUG Make sure remember me tokens are not invalidated when logging out without the logout_across_devices flag

* Remove unneeded comment
 2021-03-31 11:31:52 +13:00
André Kiste
44fae4497b Better describe the 'keep me signed in' checkbox 2021-03-30 13:19:55 +13:00
Nicolaas
504e20320e
Update DBBoolean.php (#9893) 2021-03-24 12:05:33 +13:00
Steve Boyd
169c06131a
Merge pull request #9748 from tom890180/4.6 
Merge the "Merge pull request #9565 from tom890180/check_items_exist" to 4.6
 2021-03-23 11:01:30 +13:00
Christopher Darling
daa9060c1a
remove unused class import Convert 
Was missed from PR b02a6fa02d
 2021-03-22 14:34:13 +00:00
Thomas Portelange
22b2d58b5a
Update src/Security/Member.php 
Co-authored-by: Steve Boyd <emteknetnz@gmail.com>
 2021-03-22 09:02:18 +01:00
Thomas Portelange
19052e6924
Update src/Security/Member.php 
Co-authored-by: Steve Boyd <emteknetnz@gmail.com>
 2021-03-22 09:02:13 +01:00
Thomas Portelange
0586c55e62
prevent spaces in emails 
so this is not the first time a customer of mine is just copy pasting stuff in emails fields and somehow, a space at the end skips validation. this update ensure there is no space before or after the email, it would probably save a lot of time for everyone to have this build in.
it's probably better to fix it here rather than at form level because this also happens for csv imports etc
 2021-03-19 10:11:02 +01:00
Maxime Rainville
7a04090bdf Merge branch '4.7' into 4 2021-03-15 14:27:47 +13:00
Maxime Rainville
4ee92da6b5 DOC Clarify return value for CompositeValidator::getValidatorsByType() 2021-03-10 22:59:06 +13:00
Nik
d2fa64b489
BUG Allow Email to re-render when data changes (#9876) 
* Fix: Allow Email to re-render when data changes

* Add invalidateBody function

* Make the linter happy
 2021-03-04 11:18:46 +13:00
Maxime Rainville
2c54a3fd2f Merge branch '4.7' into 4 2021-03-01 20:37:04 +13:00
Maxime Rainville
028c4fdaa1 BUG Tweak shortcode parser so it properly parse empty attributes 2021-02-25 15:18:16 +13:00
Chris Penny
79d04fed0d CompositeValidator::validate() to call validate() instead of php() 2021-02-22 08:13:54 +13:00
Loz Calver
095a3b70f8 NEW: Provide helpers for isDev/isTest/isLive in templates 2021-02-11 11:19:07 +00:00
Guy Marriott
eaadd40c3b
Merge pull request #9845 from HARVS1789UK/dataquery-exists-sql-portability-fix 
Bug Fix - Ensure DataQuery::exists() SQL is both valid MySQL and T-SQL
 2021-02-10 10:21:42 -08:00
Antony Thorpe
77ecbd854d
Updated TreeDropdownField.php documentation 
Updated code example for SS4
 2021-02-09 16:27:13 +13:00
Joe Harvey
33365b92f3 Bug Fix - Ensure DataQuery::exists() SQL is both valid MySQL and T-SQL 
The original SQL statement is not valid T-SQL for use with SQL Server
 2021-02-08 17:22:20 +00:00
Maxime Rainville
9ca33950a2
API Add a CREATE_MEMORY_HYDRATED option to DataObject constructor (#9767) 2021-01-21 14:07:06 +13:00
3Dgoo
d1cca0f3fb
Fix DataQuery::exists() not working correctly 
Fixes `DataQuery::exists()` not working correctly in some cases as discussed in #9809
 2021-01-20 17:03:36 -08:00
Maxime Rainville
0dd59a1e7b
BUG Reset GridFieldFilterHeader grid state when search is cleared (#9829) 2021-01-21 13:47:40 +13:00
Maxime Rainville
54bdabd203 Merge branch '4.7' into 4 2021-01-20 12:57:01 +13:00
Maxime Rainville
d13d3a1134
Merge pull request #9818 from creative-commoners/pulls/4.7/check-object-for-key 
FIX Type checking in objectForKey() to fix postgres bug
 2021-01-20 12:41:49 +13:00
Maxime Rainville
17c6f98ba2 BUG Fix PostgreSQL issue in TreeMultiselectField where field would try to filter list by a blank ID 2021-01-20 12:23:09 +13:00
Maxime Rainville
0da15f0f27 Merge branch '4.7' into 4 2021-01-19 15:33:56 +13:00
Steve Boyd
ed5c1488c8
Merge pull request #9817 from creative-commoners/pulls/4/fix-dbcomposite-indexspecs 
FIX DBComposite getIndexSpecs method
 2021-01-17 11:18:35 +13:00
Ingo Schommer
6153f441ee Merge branch 'phpdoc-fixes' into 4 2021-01-14 11:08:22 +13:00
Ingo Schommer
fe2027e486 PHPDoc in PEG parser 
Required for https://github.com/silverstripe/silverstripe-framework/pull/9808
 2021-01-14 11:07:58 +13:00
Ingo Schommer
5f7239fc3d
Merge pull request #9765 from open-sausages/pulls/4/test-setup-confusion 
Warn on database misconfiguration in test runs
 2021-01-14 09:18:14 +13:00
Steve Boyd
76ae5bc38a FIX Type checking in objectForKey() to fix postgres bug 2021-01-08 15:25:38 +13:00
Serge Latyntcev
2f64667bd6 FIX DBComposite getIndexSpecs method using self API to get the list of db fields 2021-01-07 16:19:54 +13:00
3Dgoo
3b74c2596f
Fix DataQuery::exists() not working correctly 
Fixes `DataQuery::exists()` not working correctly in some cases as discussed in #9809
 2020-12-29 16:45:58 +10:30
William Desportes
c932d7e7fb
Fix the phpdoc blocks 2020-12-21 22:23:23 +01:00
Sam Minnée
a8d121d23f
Merge pull request #9800 from creative-commoners/pulls/4.7/arraylist-value-set 
FIX Bug when specifying 0 in ArrayList::offsetSet
 2020-12-16 15:40:20 +13:00
Steve Boyd
5be045f9a2 FIX Bug when specifying 0 in ArrayList::offsetSet 2020-12-15 14:50:10 +13:00
Steve Boyd
91c441103b Merge branch '4.7' into 4 2020-12-01 15:29:16 +13:00
Steve Boyd
af933e8226 MNT Double quote yaml string, fix phpcs warnings 2020-11-30 11:37:35 +13:00
Guy Marriott
d76dd257e4
Merge branch '4.7' into 4 2020-11-17 15:47:25 -08:00
Guy Marriott
b0762593da
Merge branch '4.6' into 4.7 2020-11-17 15:46:54 -08:00
Guy Marriott
6a5cee69ab
Merge pull request #9766 from tractorcow/pulls/4.6/faster-dev-build 2020-11-17 15:43:21 -08:00
Andre Kiste
460715197d
Merge pull request #9190 from open-sausages/pulls/4/test-state 
Don't include default value in url grid state
 2020-11-18 12:31:50 +13:00
Steve Boyd
ad839fdd6e Merge branch '4.6' into 4.7 2020-11-16 12:10:48 +13:00
Damian Mooyman
5d45bbdd0d
Update src/ORM/DatabaseAdmin.php 
Co-authored-by: Guy Marriott <guy.the.person@gmail.com>
 2020-11-13 11:48:50 +13:00
Damian Mooyman
2753516783
Fail over if calling deprecated method 2020-11-13 08:27:53 +13:00
Damian Mooyman
405a1f7cb6
ENHANCEMENT Better optimised class name migration with substantially fewer queries 
Fixes #9752
 2020-11-12 16:10:28 +13:00
Ingo Schommer
a3ae4922e4
Brand naming 
Co-authored-by: Aaron Carlino <unclecheese@leftandmain.com>
 2020-11-12 15:32:26 +13:00
Ingo Schommer
6306d2ede3 More specific "database missing" error message 
It's misleading to imply that an .env doesn't exist when it's not what the actual check looks for.
It's also poor design to hardcode an unrelated error message in a "redirect to installer" function,
which only worked because this function was called from exactly one other place where this
error message was correct.
 2020-11-12 13:51:24 +13:00
Ingo Schommer
b271d9dd89 FIX Don't swallow app init errors in test setup 2020-11-12 13:51:22 +13:00
Steve Boyd
6e77d5eada NEW DataObject related objects service 2020-10-29 09:29:26 +13:00
Guy Marriott
bdeb0aab4f Merge pull request #9565 from tom890180/check_items_exist 2020-10-28 10:27:10 +02:00
Garion Herman
e89ae93ac9 FIX Harden hasMethod() against invalid values 
This method should typehint the incoming value once union types are
available, but for now this ensures that method_exists() is not called
on scalar values, which is unsupported in PHP 8.
 2020-10-28 09:34:33 +13:00
Garion Herman
91f831cd0b ENH Improve scalar response handling 
This resolves an issue where method_exists() was being called on scalar
response values, which is not supported in PHP 8.
 2020-10-26 13:20:47 +13:00