1606 Commits

Author SHA1 Message Date
Stig Lindqvist
bbe3879eaa BUGFIX: Member::mapInGroups() throws SQL error
Renamed the Member::mapInGroups() to Member::map_in_groups() since it's a static method and throws deprecation message if using the old variant.
Rewrote the mapInGroups to use a more ORMy way of fetching Members for a set of groups and included a test for.
2012-05-10 13:53:54 +12:00
Sean Harvey
7dcfdb05fa MINOR Fixing broken test on PHP 5.4 2012-05-10 13:40:35 +12:00
Sean Harvey
68c5066adf MINOR Remove old _ALL_CLASSES from old manifest builder (has been replaced since) 2012-05-10 13:25:04 +12:00
Sean Harvey
a1d676d353 BUGFIX Ensure PHPUnit 3.6 is available, show a nice message if not 2012-05-09 23:40:25 +12:00
Sean Harvey
b1e17578c7 API CHANGE Removed assertType() and assertEmpty() workarounds. Use assertInstanceOf()
instead of assertType(), assertEmpty() is available in PHPUnit 3.5+.
PHPUnit 3.4 is no longer supported, so please upgrade your version to
work.

MINOR Removed FullTestSuite which was a workaround for PHPUnit but not
used.
2012-05-09 23:05:39 +12:00
Sean Harvey
8b607db0a2 BUGFIX Fixing bootstrap.php to work with FakeController properly for
running tests using phpunit.xml file.
2012-05-09 23:05:38 +12:00
Ingo Schommer
41b51a17ce MINOR Isolating testRaw2URL settings 2012-05-08 22:13:03 +02:00
Ingo Schommer
8281678d4c BUGFIX Urlencode paths in URLSegmentFilter when $allowMultibyte=true to avoid creating invalid URLs (and breaking assumptions based on ascii-only URLs, such as static publishing filename creation) 2012-05-08 15:32:15 +02:00
Sean Harvey
5bce3425b4 Merge pull request #401 from chillu/is-absolute-url
Director::is_absolute_url() security fixes
2012-05-07 18:47:03 -07:00
Ingo Schommer
15e8e10f5e Merge pull request #411 from ajoneil/blowfish
MINOR: Fix coding conventions
2012-05-07 15:56:03 -07:00
Andrew O'Neil
0c0a91e3c1 MINOR: Fix coding conventions 2012-05-08 10:33:03 +12:00
Sean Harvey
bb9ffd2eb1 ENHANCEMENT SQLQuery::selectField() returns a SQLQuery object to be
consistent with how the other add/set methods work.
MINOR Fixing DbDatetimeTest to use the correct selectField to select an
alias
2012-05-07 16:59:42 +12:00
Sam Minnée
0a5616a208 Merge pull request #408 from ajoneil/blowfish
Fix blowfish encryption
2012-05-06 20:34:46 -07:00
Andrew O'Neil
5cf3720bf0 ENHANCEMENT: Use the best blowfish encryption available - this fixes fragility between PHP versions and system installations 2012-05-07 15:04:09 +12:00
Andrew O'Neil
89fc8e5fdd APICHANGE: PasswordEncryptor::check() allows for more powerful password checking, deprecating PasswordEncryptor::compare() 2012-05-07 15:03:53 +12:00
Sean Harvey
051d9de482 API CHANGE Deprecated internal access to SQLQuery properties, update core code to reflect these changes.
Using set/add instead in accessor methods, and use Database::sql*ToString() to allow easier per-database adapter SQL overloading.
2012-05-07 14:21:44 +12:00
Sean Harvey
a79032c57f MINOR Fixing broken test on Windows 2012-05-04 22:48:47 +12:00
Ingo Schommer
d5b3dbc6fb SECURITY Return true for Director::is_absolute_url() checks if they're prefixed with two or more slashes (as browsers interpret this as a valid URL)
SECURITY More solid URL checks in Director::is_site_url(), using a conservative parse_url() hostname comparison rather than Director::makeRelative(), which is not designed for security purposes
2012-05-04 12:10:59 +02:00
Ingo Schommer
68051fdb96 Merge pull request #371 from halkyon/sapphire
---

Dont start the session until its actually necessary, which is to say there is a cookie available with the current PHP session name (or a request variable with the session_name() - typically PHPSESSID.) The latter allows for passing session ID through as an alternative to cookies.
2012-05-03 14:58:09 +02:00
Normann Lou
3b3b515571 API CHANGE Read-only fields no longer include companion hidden fields (see pull request #399)
BUGFIX Remove legacy code and template which is never picked-up so that TextareaField becomes 'readonly' when it is transfered to readonly field. Change TextareaFieldTest test cases to address a 'readonly' textarea field displaying the special html characters correctly.
2012-05-03 14:24:03 +02:00
Sean Harvey
450bc258d8 MINOR Fixing broken SQLQueryTest cases 2012-05-03 13:09:50 +12:00
Sean Harvey
521d436b45 MINOR Fixing broken test in pgsql 2012-05-03 11:22:54 +12:00
Sean Harvey
151abde17d Merge pull request #388 from chillu/trac/7170-i18n-sprintf-injections
#7170 i18n sprintf injections
2012-05-02 16:18:30 -07:00
Sean Harvey
6483cdd204 Merge pull request #382 from chillu/trac/7217-group-default-on-member
Group default on member (#7217)
2012-05-01 21:43:05 -07:00
Andrew O'Neil
fa60f9e8b2 ENHANCEMENT: Implement blowfish encryption and use it by default. (#7111) 2012-05-02 13:51:29 +12:00
Ingo Schommer
7b18d9d0da MINOR Switching _t() calls from sprintf() to using injection parameters (#7170) 2012-05-01 22:17:00 +02:00
Ingo Schommer
e949b6f2b0 ENHANCEMENT Backwards compatible $priority parameter for i18n::_t(): Allow numeric arrays as parameters, as well as %s style replacements with a named parameter map (easier transition to new system with existing translation strings) 2012-05-01 22:17:00 +02:00
Sam Minnee
2207e3d978 API CHANGE: Add SQLQuery::prepareSelect(), to further remove the need for direct property access.
API CHANGE: Change the format of SQLQuery::$select to use aliases as keys.
2012-05-01 18:15:11 +12:00
Sam Minnee
a8e8a6060a BUGFIX: Fixed errors caused by complex raw SQL sort() calls. (#7236) 2012-05-01 18:15:08 +12:00
Sam Minnee
8661164c19 API CHANGE: Add SQLQuery::clearSelect(), SQLQuery::selectField() and SQLQuery::itemisedSelect() to make it easier for other subsystems to use SQLQuery without resorting to direct property access.
API CHANGE: Remove DataQuery::select() in place of DataQuery::selectField().
BUGFIX: Remove direct property access to SQLQuery::$select
2012-05-01 17:57:39 +12:00
Sean Harvey
0882741f54 API CHANGE Renamed setModel for DataModel instances to setDataModel for
semantics, and also to allow a field name called "Model"
2012-05-01 14:45:44 +12:00
Ingo Schommer
517a0c9e48 MINOR Moving FakeController class (required for bootstrap.php) into its own file, so that autoloading doesn't execute bootstrap (which is the case when invoking TestRunner->module()) 2012-04-30 15:04:59 +02:00
Ingo Schommer
72eadef113 ENHANCEMENT GridFieldDetailForm->setItemEditFormCallback() 2012-04-30 13:46:51 +02:00
Ingo Schommer
fed2785173 ENHANCEMENT Per-instance customisation of GridFieldDetailForm_ItemRequest 2012-04-30 12:31:17 +02:00
Robert Curry
ff6909df97 ENHANCEMENT: Add lazy loading to DataQuery. 2012-04-30 16:12:15 +12:00
Sean Harvey
f63d137d49 ENHANCEMENT Session::start() now only called when there is changed
session data to be saved, and started on Director::direct() when there
is a cookie (or request var) containing the current PHP session name.
2012-04-27 16:28:46 +12:00
Will Rossiter
9938b64cf6 FEATURE: implement SS_Sortable->reverse()
API CHANGE: SQLQuery:: now an array object rather than string. Existing strings will continue to work
2012-04-27 15:54:14 +12:00
Sean Harvey
8a6671d72e BUGFIX Member::onChangeGroups() should allow ADMIN permission grant if the logged in user is an ADMIN 2012-04-27 12:27:46 +12:00
Sean Harvey
bb20587f01 ENHANCEMENT GridFieldExportButton allows an anon function to return the
value of a related object. Useful for handling has_many/many_many data
in a single CSV column.
2012-04-23 20:26:41 +12:00
Mateusz Uzdowski
6469d83569 API CHANGE: add a remote relation class getter to DataObject 2012-04-23 15:01:55 +12:00
Sean Harvey
a3e43171cf MINOR Fixed broken DataExtensionTest 2012-04-20 15:41:51 +12:00
Sean Harvey
007ed25c0b MINOR Fixing broken tests 2012-04-20 15:05:18 +12:00
Sam Minnee
8e48e6e231 API CHANGE: Allow <classname>::get(), eg, Member::get()->byID(5) 2012-04-20 14:58:24 +12:00
Robert Curry
ee53df336d BUGFIX: Removed assumption in GridFieldDataColumnsTest that Member would always have the same summary fields. 2012-04-20 11:38:06 +12:00
Will Rossiter
585417d141 Merge pull request #343 from halkyon/object_static_remove_deprecation
BUGFIX Remove calls to deprecated Object static methods, update ConfigTest
2012-04-19 14:41:45 -07:00
Robert Curry
842784c8aa ENHANCEMENT: Fixes #7010. Move DisplayFields, FieldCasting and FieldFormatting functions from GridField to GridFieldDataColumns. 2012-04-19 12:44:59 +12:00
Mateusz Uzdowski
a9e7de0cf4 BUGFIX: make UploadField aware of relations to derived classes (os7140)
UploadField was relying entirely on the File::get_class_for_file_extension to
select a class, so it could only create File or Image objects. This
would break the relationships based on derived objects. Also make it
respect the FileField::relationAutoSetting.
2012-04-19 12:18:36 +12:00
Mateusz Uzdowski
a2c9c409a8 BUGFIX: fixed asserts and file cleanup
DataObject::get_one returns false if not found, so better check for
object. Also, the directory would not be cleaned, so on the subsequent
run the files could end up having suffixes.

missed this one
2012-04-19 12:13:02 +12:00
Ingo Schommer
a1327faae4 Merge pull request #344 from halkyon/remove_deprecated_extrastatics_usage
ENHANCEMENT Remove use of deprecated extraStatics in core files
2012-04-18 15:42:51 -07:00
Sean Harvey
4cf8db3ee4 ENHANCEMENT Remove use of deprecated extraStatics in core files 2012-04-19 08:37:51 +12:00