silverstripe-framework

mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00

Author	SHA1	Message	Date
Damian Mooyman	47a9cdfd49	ENHANCEMENT Backport of querystring work to 3.x (#8026 ) * WIP Backport of querystring work to 3.x * Remove dataextension requirement * Fix up bootstrapping * more backporting * Bug fix some tests * Fix up some tests * Fix support for custom stages Don't set empty stage * Better cache typehint * Make sure useDraftSite(false) re-enables secure site * Remove unnecessary guard around controller property	2018-05-08 10:04:44 +12:00
Damian Mooyman	f4b13fb2c4	Merge remote-tracking branch 'origin/3.6' into 3 # Conflicts: # model/DataQuery.php	2018-02-05 16:53:15 +13:00
Damian Mooyman	4da99efd5d	Merge remote-tracking branch 'origin/3.5' into 3.6	2018-01-31 16:03:42 +13:00
Daniel Hensby	9103816333	NEW Add php 7.2 support	2018-01-30 16:50:32 +00:00
Damian Mooyman	cf69d04866	BUG Fix ping including requirements Fixes #7802	2018-01-26 10:26:18 +13:00
Daniel Hensby	1e5592a3d9	Merge branch '3.5' into 3.6	2017-06-27 13:14:39 +01:00
Daniel Hensby	ecc88b2cbe	Merge branch '3.5' into 3.6	2017-06-14 12:02:06 +01:00
Daniel Hensby	a5c84b12ab	FIX Order of conditionals for getting default admin	2017-06-12 11:54:05 +01:00
Robbie Averill	2f6f5b5eff	Do not send the header if it is not defined	2017-01-11 08:26:04 +13:00
Robbie Averill	cb2dcc75f1	Add X-Robots-Tag noindex,nofollow header from Security controller to prevent indexing	2017-01-09 16:13:39 +13:00
Damian Mooyman	7de5b998e1	Merge 3.4 into 3	2016-08-05 19:12:25 +12:00
Damian Mooyman	0d5ae23f2b	Merge 3.2 into 3.3	2016-08-05 14:36:35 +12:00
Andrew Aitken-Fincham	66f2e6811b	modify getAuthenticator to fall back to get_default_authenticator	2016-08-03 10:36:43 +12:00
Damian Mooyman	d08ab6ac81	API Allow X-Frame-Options to be configured Fixes #2970	2016-07-15 14:08:14 +12:00
Daniel Hensby	ee326f6394	Merge branch 'hailwood/patch-5' into 3	2016-07-01 14:53:02 +01:00
Matthew Hailwood	4f0969f119	Make lost password url a config option like login_url and logout_url Also makes the login_url, logout_url and new lost_password_url functions return their link relative to the base url rather than assuming the base tag	2016-07-01 14:47:51 +01:00
Damian Mooyman	2a5ba397e6	BUG Fix SS_HTTPResponse being cast as string (#5413 ) Fixes #5335	2016-05-02 08:54:19 +12:00
Damian Mooyman	38e154af0a	API Disable get parameter access to site stage mode BUG Fix missing and undocumented response from Security::permissionFailure()	2015-12-07 17:39:18 +13:00
Damian Mooyman	71b8aec306	Merge remote-tracking branch 'origin/3.2' into 3	2015-09-15 13:35:51 +12:00
Damian Mooyman	c4710b2272	Merge remote-tracking branch 'origin/3.1' into 3.2 Conflicts: admin/code/GroupImportForm.php admin/code/MemberImportForm.php tests/model/DataListTest.php	2015-09-15 13:18:47 +12:00
Damian Mooyman	7367cf54c4	[ss-2015-020]: Prevent possible Privilege escalation	2015-09-10 13:01:24 +12:00
Stevie Mayhew	1b57e0ca5b	FEATURE: implement getter and setter usage for response	2015-08-29 10:24:06 +12:00
Phill Price	b2024107a9	DOCS: Typo in a block	2015-06-24 11:57:12 +01:00
Damian Mooyman	e14f743bf0	Set deprecation level for all changes in 3.x to 4.0	2015-06-19 13:07:41 +12:00
Stevie Mayhew	0d94cf15a5	UPDATE: change all instances of $this->request to use appropriate getter/setter	2015-04-30 11:04:08 +12:00
Daniel Hensby	c2fd18e829	FIX use config for Security::$login_url	2015-04-23 17:20:07 +01:00
Damian Mooyman	95c162ef0d	API Security better respects BackURL on login BUG Restore missing authentication message not appearing in the login form $Content area (regression from #1807)	2015-03-31 20:22:35 +13:00
Damian Mooyman	43f49e8434	Merge remote-tracking branch 'origin/3.1' into 3 Conflicts: admin/code/ModelAdmin.php control/Director.php model/SQLQuery.php security/Member.php tests/control/HTTPTest.php tests/model/SQLQueryTest.php tests/security/SecurityTest.php tests/view/SSViewerTest.php	2015-03-31 19:54:15 +13:00
Daniel Hensby	de2aa47250	Merge pull request #4006 from kinglozzer/patch-1 FIX: Security::$default_message_set Config value unusable	2015-03-17 17:05:01 +00:00
Loz Calver	a61c08d031	FIX: Security::$default_message_set Config value unusable	2015-03-17 15:51:31 +00:00
Damian Mooyman	6baf63e18c	Merge remote-tracking branch 'origin/3.1' Conflicts: dev/install/install.php5 docs/en/changelogs/index.md security/Security.php	2014-11-19 11:16:46 +13:00
Damian Mooyman	ce93a8a98e	Resolve merge regressions	2014-11-19 11:05:07 +13:00
Damian Mooyman	2bdfd65e9b	BUG Security::findAnAdministrator doesn't always find an admin	2014-11-18 15:36:34 +13:00
Damian Mooyman	0b1f297873	Merge remote-tracking branch 'origin/3.1' Conflicts: .travis.yml README.md admin/code/LeftAndMain.php admin/css/screen.css admin/scss/screen.scss api/RestfulService.php conf/ConfigureFromEnv.php control/injector/ServiceConfigurationLocator.php control/injector/SilverStripeServiceConfigurationLocator.php core/ClassInfo.php core/Object.php css/AssetUploadField.css css/ComplexTableField_popup.css dev/CSSContentParser.php dev/DevelopmentAdmin.php docs/en/changelogs/index.md docs/en/misc/contributing/code.md docs/en/reference/execution-pipeline.md filesystem/GD.php filesystem/ImagickBackend.php filesystem/Upload.php forms/Form.php forms/FormField.php forms/HtmlEditorConfig.php forms/gridfield/GridFieldDetailForm.php forms/gridfield/GridFieldSortableHeader.php lang/en.yml model/Aggregate.php model/DataList.php model/DataObject.php model/DataQuery.php model/Image.php model/MySQLDatabase.php model/SQLQuery.php model/fieldtypes/HTMLText.php model/fieldtypes/Text.php scss/AssetUploadField.scss search/filters/SearchFilter.php security/Authenticator.php security/LoginForm.php security/Member.php security/MemberAuthenticator.php security/MemberLoginForm.php security/Security.php tests/behat/features/bootstrap/SilverStripe/Framework/Test/Behaviour/CmsFormsContext.php tests/control/HTTPTest.php tests/control/RequestHandlingTest.php tests/filesystem/UploadTest.php tests/forms/FormTest.php tests/forms/NumericFieldTest.php tests/model/DataListTest.php tests/model/DataObjectTest.php tests/model/TextTest.php tests/security/MemberAuthenticatorTest.php tests/security/SecurityDefaultAdminTest.php tests/view/SSViewerCacheBlockTest.php tests/view/SSViewerTest.php	2014-11-18 12:45:54 +13:00
Damian Mooyman	53c40a94fa	API Enable re-authentication within the CMS if a user session is lost BUG Resolve issue with error redirection being ignored within CMS BUG Fix issue with invalid securityID being re-emitted on failure	2014-10-14 15:19:48 +13:00
Will Rossiter	4b6a03bb0b	Fix deprecation warning with word_list	2014-08-31 15:59:16 +12:00
Damian Mooyman	eb069e605d	Remove all redundant whitespace	2014-08-19 09:17:15 +12:00
Damian Mooyman	0433ba1642	BUG Revert some changes to ManyManyList BUG Fix incompatibility in Member_GroupList Fix regressions in merges from 3.1 BUG Fix Security failing on test classes BUG Fix postgresql compatibility Clarify sql encoding of table names	2014-07-23 12:38:41 +12:00
Damian Mooyman	d8e9af8af8	API New Database abstraction layer. Ticket #7429 Database abstraction broken up into controller, connector, query builder, and schema manager, each independently configurable via YAML / Injector Creation of new DBQueryGenerator for database specific generation of SQL Support for parameterised queries, move of code base to use these over escaped conditions Refactor of SQLQuery into separate query classes for each of INSERT UPDATE DELETE and SELECT Support for PDO Installation process upgraded to use new ORM SS_DatabaseException created to handle database errors, maintaining details of raw sql and parameter details for user code designed interested in that data. Renamed DB static methods to conform correctly to naming conventions (e.g. DB::getConn -> DB::get_conn) 3.2 upgrade docs Performance Optimisation and simplification of code to use more concise API API Ability for database adapters to register extensions to ConfigureFromEnv.php	2014-07-09 18:04:05 +12:00
Damian Mooyman	982ad569b9	Merge remote-tracking branch 'origin/3.1'	2014-04-22 12:09:51 +12:00
Damian Mooyman	997077ae83	API Security.remember_username to disable login form autocompletion	2014-04-11 09:05:25 +12:00
Daniel Hensby	ab52b677aa	FIX Log out current member when forgotten password At the moment, if a user is logged in on a device (say, their phone) but has forgotten their password. If they attempt to reset their password on their desktop, then open the email on their phone they then see the reset password form with the CurrentPassword field. I'm not entirely sure what happens if a DIFFERENT user is currently logged in, but I think they remain logged in and you're effectively trying to change their password. Both scenarios are not ideal and (in fact) this happens a lot in the real world as it's a legitimate complaint we're receiving from a visitors of one of our client's websites.	2014-02-28 14:27:45 +00:00
micmania1	229bea399b	added logout url to Security and deprecated Security::set_login_url in favour of config	2013-12-20 21:55:54 +00:00
Ingo Schommer	f29d51f433	Merge remote-tracking branch 'origin/3.1' Conflicts: docs/en/reference/dataobject.md lang/es.yml	2013-12-19 20:23:09 +01:00
Ingo Schommer	23371b01aa	"lost password" translation master (fixes #2725 )	2013-12-19 20:00:59 +01:00
Andrew Short	bedf292612	Merge branch '3.1' Conflicts: docs/en/reference/execution-pipeline.md lang/nl.yml	2013-11-11 18:18:25 +11:00
Mateusz Uzdowski	1a39f61598	BUG Fix the password reset message to be shown consistently. If we detect any of the password reset GET params, it's safe to assume that someone intended a password reset, regardless of other conditions.	2013-10-25 09:29:21 +13:00
Ingo Schommer	455e550d9a	Merge remote-tracking branch 'origin/3.1' Conflicts: docs/en/topics/testing/create-silverstripe-test.md forms/Form.php i18n/i18n.php model/Image.php	2013-09-27 19:22:14 +02:00
Sean Harvey	e43ca931d6	Merge pull request #2343 from chillu/pulls/security-404 Returning 404 on /Security, instead of Controller.ss template	2013-09-05 18:56:23 -07:00
Ingo Schommer	a4c6ae3e90	Merge remote-tracking branch 'origin/3.1'	2013-08-22 13:56:33 +02:00

1 2 3 4 5 ...

280 Commits