Damian Mooyman
8331171f2c
Merge remote-tracking branch 'origin/3.1' into 3
...
Conflicts:
.scrutinizer.yml
admin/javascript/LeftAndMain.Panel.js
core/startup/ParameterConfirmationToken.php
dev/Debug.php
dev/FixtureBlueprint.php
docs/en/00_Getting_Started/05_Coding_Conventions.md
docs/en/00_Getting_Started/index.md
docs/en/02_Developer_Guides/01_Templates/01_Syntax.md
filesystem/File.php
filesystem/Folder.php
forms/FieldList.php
forms/LabelField.php
forms/MoneyField.php
forms/TextField.php
forms/TreeDropdownField.php
forms/Validator.php
forms/gridfield/GridField.php
forms/gridfield/GridFieldExportButton.php
lang/de.yml
lang/fi.yml
model/DataObject.php
model/SQLQuery.php
parsers/ShortcodeParser.php
security/ChangePasswordForm.php
security/Security.php
tests/control/DirectorTest.php
tests/core/startup/ParameterConfirmationTokenTest.php
tests/dev/FixtureBlueprintTest.php
tests/forms/FieldListTest.php
tests/forms/MoneyFieldTest.php
tests/model/SQLQueryTest.php
tests/security/SecurityTest.php
2015-06-02 19:13:38 +12:00
Damian Mooyman
0319f7855b
FIX Incorrect env setting in 3.1.13
2015-06-02 12:27:08 +12:00
Marcus Nyeholt
9c8fa51321
FIX Allow users to specify allowed hosts
...
Allow users to explicitly state which Hosts are allowed to be requested via
this application instance to avoid Host: header forgery attacks.
2015-05-28 15:58:39 +10:00
Damian Mooyman
a978b891e1
BUG Fix handling of empty parameter token
2015-05-28 10:13:10 +12:00
Damian Mooyman
75137dbab2
Ensure only trusted proxy servers have control over certain HTTP headers
2015-05-28 10:12:46 +12:00
Stevie Mayhew
0d94cf15a5
UPDATE: change all instances of $this->request to use appropriate getter/setter
2015-04-30 11:04:08 +12:00
Damian Mooyman
43f49e8434
Merge remote-tracking branch 'origin/3.1' into 3
...
Conflicts:
admin/code/ModelAdmin.php
control/Director.php
model/SQLQuery.php
security/Member.php
tests/control/HTTPTest.php
tests/model/SQLQueryTest.php
tests/security/SecurityTest.php
tests/view/SSViewerTest.php
2015-03-31 19:54:15 +13:00
Damian Mooyman
7f983c2bae
BUG Fix SS-2014-017
2015-03-20 18:27:30 +13:00
Damian Mooyman
db54125262
Deprecate stripslashes_recursively and magic quotes
...
This code is removed from 4.0
2015-03-14 21:24:11 +13:00
Damian Mooyman
319b96b48b
Merge remote-tracking branch 'origin/3.1' into 3
...
Conflicts:
docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md
docs/en/05_Contributing/01_Code.md
forms/TreeDropdownField.php
model/DataObject.php
security/Member.php
tests/model/DataObjectTest.php
2015-03-11 11:40:06 +13:00
Daniel Hensby
ef818b3b7b
Merge pull request #3970 from tractorcow/pulls/3.2/api-zero-pagination
...
API enable PaginatedList to be disabled by setting page length to 0
2015-03-09 11:28:36 +00:00
Loz Calver
93dca9aabd
Merge pull request #3934 from dhensby/pulls/cofig-lru-fix
...
Change the LRU cache to a simple in-memory model
2015-03-09 09:31:04 +00:00
Simon Welsh
1d135552cf
Change the LRU cache to a simple in-memory model
...
Slight memory increase when there are lots of additions for much better performance in every case.
2015-03-09 02:01:24 +00:00
Damian Mooyman
9367fd2456
API enable PaginatedList to be disabled by setting page length to 0
2015-03-05 12:07:14 +13:00
micmania1
6e0afd5b3c
FIX Prevent unnecessary call to config system which doesn't exist yet
...
By passing the Config instantiation through the Injector and service configuration we're unnecessarily calling Config::inst()->get() on a config system which doesn't yet exist.
More specifically it calls Config::inst()->get('Config', 'dependencies') here: 4ae0d90c55/control/injector/Injector.php (L660)
which in turn calls Config::inst()->get('Config', 'extensions').
This jumps through hoops trying to find the cached config for this class using the current Config_LRU class. When it doesn't find it, it then tries to look through the manifests which don't get created or brought from cache until later on in Core.php. Eventually this returns null for both Config::inst()->get() calls.
I ran a quick performance test before and after on an ec2 t2.micro box using siege (concurrency 5, 10 repetitions) and saved 400ms on average response times on a default installation - it would be awesome if somebody could confirm this is actually the case?
2015-03-03 11:35:26 +00:00
Daniel Hensby
bee642a6b9
FIX make class loader classExists check interface_exists as per docs
2015-03-03 00:22:15 +00:00
Will Rossiter
ddec797c1c
Correct PHPDoc for classExists ( Fixes #3904 )
...
classExists() doesn't check for interfaces, comment shouldn't say it does.
2015-03-02 20:15:26 +13:00
Damian Mooyman
dff65867cc
Merge remote-tracking branch 'origin/3.1' into 3
...
Conflicts:
control/HTTP.php
control/HTTPResponse.php
docs/en/05_Contributing/01_Code.md
forms/CompositeField.php
forms/FormAction.php
forms/FormField.php
forms/InlineFormAction.php
forms/NumericField.php
forms/TreeDropdownField.php
forms/TreeMultiselectField.php
templates/forms/TreeDropdownField.ss
tests/core/CoreTest.php
tests/forms/NumericFieldTest.php
tests/model/DataDifferencerTest.php
2015-02-20 10:17:19 +13:00
Zauberfisch
aa77e126c7
Fixed infinity loop when searching _ss_environment
2015-02-17 04:33:40 +00:00
zauberfisch
eb98b003b7
Fixed looking for _ss_environment.php in root dir and removed redundant code
2015-02-13 23:30:29 +00:00
JorisDebonnet
047fe3a410
BUG Include php version in default cache folder name
...
Update CoreTest.php
2015-02-12 17:29:45 +13:00
Loz Calver
eed709384d
FIX: dev/build not flushing manifests if site is in a subfolder
2015-02-11 19:59:22 +00:00
Damian Mooyman
88fdc75456
Merge remote-tracking branch 'composer/3.1' into 3
...
Conflicts:
.editorconfig
docs/en/00_Getting_Started/00_Server_Requirements.md
docs/en/00_Getting_Started/01_Installation/04_Other_installation_Options/Windows_IIS7.md
docs/en/00_Getting_Started/01_Installation/04_Other_installation_Options/Windows_Platform_Installer.md
docs/en/00_Getting_Started/04_Directory_Structure.md
docs/en/00_Getting_Started/index.md
docs/en/01_Tutorials/01_Building_A_Basic_Site.md
docs/en/01_Tutorials/02_Extending_A_Basic_Site.md
docs/en/01_Tutorials/03_Forms.md
docs/en/01_Tutorials/04_Site_Search.md
docs/en/01_Tutorials/05_Dataobject_Relationship_Management.md
docs/en/01_Tutorials/index.md
docs/en/02_Developer_Guides/00_Model/01_Data_Model_and_ORM.md
docs/en/02_Developer_Guides/00_Model/11_Scaffolding.md
docs/en/02_Developer_Guides/01_Templates/06_Themes.md
docs/en/02_Developer_Guides/03_Forms/How_Tos/Simple_Contact_Form.md
docs/en/02_Developer_Guides/05_Extending/05_Injector.md
docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md
docs/en/02_Developer_Guides/10_Email/index.md
docs/en/02_Developer_Guides/11_Integration/01_RestfulService.md
docs/en/02_Developer_Guides/12_Search/01_Searchcontext.md
docs/en/02_Developer_Guides/14_Files/index.md
docs/en/02_Developer_Guides/15_Customising_the_Admin_Interface/03_CMS_Layout.md
docs/en/02_Developer_Guides/15_Customising_the_Admin_Interface/06_Javascript_Development.md
docs/en/02_Developer_Guides/15_Customising_the_Admin_Interface/How_Tos/Customise_CMS_Tree.md
docs/en/02_Developer_Guides/15_Customising_the_Admin_Interface/How_Tos/Customise_Site_Reports.md
docs/en/02_Developer_Guides/18_Cookies_And_Sessions/01_Cookies.md
docs/en/04_Changelogs/3.1.9.md
docs/en/05_Contributing/00_Issues_and_Bugs.md
docs/en/05_Contributing/02_Release_Process.md
docs/en/05_Contributing/03_Documentation.md
filesystem/File.php
filesystem/GD.php
model/DataDifferencer.php
model/Versioned.php
security/BasicAuth.php
security/Member.php
tests/filesystem/FileTest.php
tests/forms/uploadfield/UploadFieldTest.php
tests/model/VersionedTest.php
tests/security/BasicAuthTest.php
2015-01-15 18:52:46 +13:00
Damian Mooyman
19549d620f
Moved deprecation of SQLQuery to 4.0
2014-12-04 09:30:50 +13:00
Jonathon Menz
01989aac4e
FIX: Manifest flushing
...
Fixes silverstripe/silverstripe-framework#2325
Fixes silverstripe/silverstripe-framework#3093
Static manifest was not being flushed during a dev/build on some environments (without ?flush in URL) and template manifest was never being flushed during a dev/build.
2014-11-26 10:15:09 +10:30
Damian Mooyman
0b1f297873
Merge remote-tracking branch 'origin/3.1'
...
Conflicts:
.travis.yml
README.md
admin/code/LeftAndMain.php
admin/css/screen.css
admin/scss/screen.scss
api/RestfulService.php
conf/ConfigureFromEnv.php
control/injector/ServiceConfigurationLocator.php
control/injector/SilverStripeServiceConfigurationLocator.php
core/ClassInfo.php
core/Object.php
css/AssetUploadField.css
css/ComplexTableField_popup.css
dev/CSSContentParser.php
dev/DevelopmentAdmin.php
docs/en/changelogs/index.md
docs/en/misc/contributing/code.md
docs/en/reference/execution-pipeline.md
filesystem/GD.php
filesystem/ImagickBackend.php
filesystem/Upload.php
forms/Form.php
forms/FormField.php
forms/HtmlEditorConfig.php
forms/gridfield/GridFieldDetailForm.php
forms/gridfield/GridFieldSortableHeader.php
lang/en.yml
model/Aggregate.php
model/DataList.php
model/DataObject.php
model/DataQuery.php
model/Image.php
model/MySQLDatabase.php
model/SQLQuery.php
model/fieldtypes/HTMLText.php
model/fieldtypes/Text.php
scss/AssetUploadField.scss
search/filters/SearchFilter.php
security/Authenticator.php
security/LoginForm.php
security/Member.php
security/MemberAuthenticator.php
security/MemberLoginForm.php
security/Security.php
tests/behat/features/bootstrap/SilverStripe/Framework/Test/Behaviour/CmsFormsContext.php
tests/control/HTTPTest.php
tests/control/RequestHandlingTest.php
tests/filesystem/UploadTest.php
tests/forms/FormTest.php
tests/forms/NumericFieldTest.php
tests/model/DataListTest.php
tests/model/DataObjectTest.php
tests/model/TextTest.php
tests/security/MemberAuthenticatorTest.php
tests/security/SecurityDefaultAdminTest.php
tests/view/SSViewerCacheBlockTest.php
tests/view/SSViewerTest.php
2014-11-18 12:45:54 +13:00
Damian Mooyman
0a04e2e77b
Merge pull request #3484 from dnadesign/object_has_extension_fix
...
fixed and tested object has_extension
2014-10-24 17:20:00 +13:00
John Milmine
62658a6cca
fixed and tested object has_extension
2014-10-24 16:58:50 +13:00
Damian Mooyman
db0cad4616
BUG ErrorControlChain now supports exception handling
2014-09-26 16:54:34 +12:00
Sean Harvey
f7af0d8955
Merge pull request #3398 from dnadesign/fixsortableheader
...
API: Add ClassInfo::table_for_object_field to return the table name for ...
2014-09-26 11:14:33 +12:00
Will Rossiter
920978df99
API: Add ClassInfo::table_for_object_field
...
Returns the table name for a field in a class hierarchy.
This issue raised itself with GridFieldSortableHeader not supporting sorting on fields from parent class fields.
2014-09-26 10:38:31 +12:00
Sean Harvey
99f8fb29b5
Merge pull request #3507 from tractorcow/pulls/fix-mailer
...
API / FIX / Cleanup - Mailer and Convert::html2raw
2014-09-26 10:15:18 +12:00
Damian Mooyman
bf4e9eb044
API Singleton method allowing type inference
...
This pattern improves over the current usage of singleton by allowing type inference.
This also better supports refactor, code usage detection, and auto-completion of classes.
2014-09-26 09:10:25 +12:00
Damian Mooyman
29e3347562
API Convert::html2raw no longer wraps text automatically
...
BUG Convert::html2raw now correctly decodes single quotes
2014-09-25 16:04:48 +12:00
Sean Harvey
07eef2ece2
Removing deprecated class/functions marked for deprecation in 3.0/3.1
2014-08-25 12:06:05 +12:00
Sean Harvey
2b316e79e5
NEW Provide a consistent way of triggering flush
...
Provides an interface for classes to implement their own flush()
functionality. This function gets called early in a request on
all implementations of Flushable when flush=1|all is requested in the
URL.
This fix came out of an issue where Requirements combined files were not
being cleaned up after dev/build?flush=1, due to the fact that flush
would only occur when you called it while on a page that used those
combined files, but not in any other contexts. This will now call flush
on any implementors of Flushable regardless of the context of where
flush was called.
2014-08-22 09:24:27 +12:00
Damian Mooyman
eb069e605d
Remove all redundant whitespace
2014-08-19 09:17:15 +12:00
Will Morgan
807755f002
FIX TemplateManifest prevent cache collision
2014-07-28 08:52:11 +12:00
Simon Welsh
c14d58f585
Merge branch '3.1'
...
Conflicts:
.travis.yml
model/ManyManyList.php
model/fieldtypes/DBField.php
2014-07-16 21:24:02 +10:00
Damian Mooyman
d8e9af8af8
API New Database abstraction layer. Ticket #7429
...
Database abstraction broken up into controller, connector, query builder, and schema manager, each independently configurable via YAML / Injector
Creation of new DBQueryGenerator for database specific generation of SQL
Support for parameterised queries, move of code base to use these over escaped conditions
Refactor of SQLQuery into separate query classes for each of INSERT UPDATE DELETE and SELECT
Support for PDO
Installation process upgraded to use new ORM
SS_DatabaseException created to handle database errors, maintaining details of raw sql and parameter details for user code designed interested in that data.
Renamed DB static methods to conform correctly to naming conventions (e.g. DB::getConn -> DB::get_conn)
3.2 upgrade docs
Performance Optimisation and simplification of code to use more concise API
API Ability for database adapters to register extensions to ConfigureFromEnv.php
2014-07-09 18:04:05 +12:00
Damian Mooyman
c26df0b3c6
Revert "BUG Config::merge_array_low_into_high() ignores falsey values"
2014-07-09 09:57:25 +12:00
Sean Harvey
16e546300f
BUG Config::merge_array_low_into_high() ignores falsey values
...
Specific case: LeftAndMain::$session_keepalive_ping = true cannot be
set to false in config.yml for some cases because the value is ignored
when merge_array_low_into_high() is processing the config arrays.
2014-07-08 15:18:26 +12:00
Damian Mooyman
c30111eee3
Better encoding of javascript
...
Fixes #2988
2014-07-07 09:01:53 +12:00
Damian Mooyman
d3c7e41419
BUG using isDev or isTest query string no longer triggers basic auth
2014-07-02 11:51:51 +12:00
Damian Mooyman
ef03dfdd5b
Merge remote-tracking branch 'origin/3.1'
2014-06-17 18:17:24 +12:00
Loz Calver
3d71a22a98
FIX: ClassManifest errors if files contain duplicate class names ( fixes #3210 )
2014-06-16 22:18:18 +01:00
Ingo Schommer
bb03f6ba2f
Merge remote-tracking branch 'origin/3.1'
...
Conflicts:
forms/HtmlEditorField.php
2014-06-15 22:50:20 +12:00
Ingo Schommer
ec325a3c7f
API Fix HTTPS proxy header detection
...
Didn't use the de facto standard HTTP_X_FORWARDED_PROTO or the less standard HTTP_FRONT_END_HTTPS.
Removed the 'X-Forwarded-Proto', since PHP should prefix/underscore all HTTP headers before it hits $_SERVER.
References:
- https://docs.djangoproject.com/en/1.4/ref/settings/#secure-proxy-ssl-header
- https://drupal.org/node/1859252
- https://drupal.org/node/313145
- http://scottwb.com/blog/2013/02/06/always-on-https-with-rails-behind-an-elb/
2014-05-22 18:34:15 +12:00
Damian Mooyman
ec578e5c8a
Merge remote-tracking branch 'origin/3.1'
2014-05-12 11:32:22 +12:00
Ingo Schommer
a05d8113af
Merge pull request #3103 from simonwelsh/configstatic_nextstring
...
Adds to nextString() method to ConfigStaticManifest
2014-05-09 16:08:19 +12:00