Commit Graph

16527 Commits

Author SHA1 Message Date
Daniel Hensby
3fa84cf0c6 [SS-2016-007] FIX Encode user supplied URL for embeding into page 2016-08-15 15:03:42 +12:00
Damian Mooyman
049cdefacf [ss-2016-015] Fix value / title escaping in CheckboxSetField and OptionsetField 2016-08-15 15:02:58 +12:00
Daniel Hensby
fa7f5af861 [SS-2016-014] FIX Autologin cookies are ignored if autologin is disabled 2016-08-15 15:02:53 +12:00
Daniel Hensby
83e3302c04 [SS-2016-013] FIX Uncasted member name 2016-08-15 15:02:47 +12:00
Daniel Hensby
6d41db77fa [SS-2016-011] ChangePasswordForm does not check $member->canLogin before login
This could be used as a way to circumvent login restrictions by using the change password feature to log users in that are unable to login for reasons other than too many password attempts
2016-08-15 15:02:41 +12:00
Daniel Hensby
f85dea2e6d [SS-2016-008] Reset Member::Salt on password change 2016-08-15 15:02:36 +12:00
Damian Mooyman
bf19806f50 Update translations 2016-08-15 15:00:58 +12:00
Damian Mooyman
1a03bdba7a Added 3.2.5-rc2 changelog 2016-08-15 14:17:41 +12:00
Damian Mooyman
12a6b357e7 [ss-2016-015] Fix value / title escaping in CheckboxSetField and OptionsetField 2016-08-15 14:14:42 +12:00
Daniel Hensby
b1f449762b [SS-2016-014] FIX Autologin cookies are ignored if autologin is disabled 2016-08-15 14:07:57 +12:00
Daniel Hensby
281b0de571 [SS-2016-013] FIX Uncasted member name 2016-08-15 14:07:51 +12:00
Daniel Hensby
2b30ade44d [SS-2016-011] ChangePasswordForm does not check $member->canLogin before login
This could be used as a way to circumvent login restrictions by using the change password feature to log users in that are unable to login for reasons other than too many password attempts
2016-08-15 14:07:40 +12:00
Daniel Hensby
dc47f7ec9a [SS-2016-008] Reset Member::Salt on password change 2016-08-15 14:07:24 +12:00
Damian Mooyman
63937aa124 Update translations 2016-08-15 14:01:09 +12:00
Damian Mooyman
b2a7170c64 Added 3.1.20-rc2 changelog 2016-08-15 13:41:31 +12:00
Damian Mooyman
62a242154e [ss-2016-015] Fix value / title escaping in CheckboxSetField and OptionsetField 2016-08-15 13:24:06 +12:00
Daniel Hensby
1c7d5de51b [SS-2016-014] FIX Autologin cookies are ignored if autologin is disabled 2016-08-15 13:24:06 +12:00
Daniel Hensby
6817c57f64 [SS-2016-013] FIX Uncasted member name 2016-08-15 13:21:14 +12:00
Daniel Hensby
6606d98663 [SS-2016-011] ChangePasswordForm does not check $member->canLogin before login
This could be used as a way to circumvent login restrictions by using the change password feature to log users in that are unable to login for reasons other than too many password attempts
2016-08-15 13:20:02 +12:00
Daniel Hensby
298f61521c [SS-2016-008] Reset Member::Salt on password change 2016-08-15 13:19:02 +12:00
Damian Mooyman
4d9f929ca3 Update translations 2016-08-15 13:12:49 +12:00
Damian Mooyman
3c1a5d2a46 Merge pull request #5872 from dhensby/pulls/3/injector-for-cmslogin
FIX Use create syntax for CMSMemberLoginForm remember me form
2016-08-12 14:10:56 +12:00
Damian Mooyman
14e0cd52bd Merge pull request #5869 from micmania1/patch-11
FIX don't look in node_modules
2016-08-12 13:52:23 +12:00
Daniel Hensby
b40d2beac6 Merge pull request #5884 from jonom/fix-can-filter
FIX include related fields on filter/sort check
2016-08-11 19:34:49 +01:00
Jonathon Menz
d4114b3dce FIX include related fields on canFilter() check
closes #5576
2016-08-11 10:26:18 -07:00
Daniel Hensby
56f0b72e8d
FIX ETag header now properly quoted 2016-08-11 15:49:29 +01:00
Daniel Hensby
86add3e021
FIX Use create syntax for CMSMemberLoginForm remember me form 2016-08-07 20:20:20 +01:00
Damian Mooyman
7de5b998e1 Merge 3.4 into 3 2016-08-05 19:12:25 +12:00
Damian Mooyman
f0b32f1483 Merge 3.4.1 into 3.4 2016-08-05 19:11:55 +12:00
Damian Mooyman
2299b8e67a Added 3.4.1-rc1 changelog 2016-08-05 18:52:14 +12:00
Damian Mooyman
eb11c47d1c Update translations 2016-08-05 17:57:46 +12:00
Damian Mooyman
ca754eb887 Merge 3.3 into 3.4
# Conflicts:
#	admin/javascript/lang/fa_IR.js
#	admin/javascript/lang/it.js
#	admin/javascript/lang/src/fa_IR.js
#	admin/javascript/lang/src/it.js
#	lang/cs.yml
#	lang/eo.yml
#	lang/fa_IR.yml
#	lang/fi.yml
#	lang/it.yml
#	lang/sk.yml
2016-08-05 16:48:26 +12:00
Damian Mooyman
e1352b6494 Merge 3.3.3 into 3.3 2016-08-05 16:41:13 +12:00
Damian Mooyman
958344eb5d Added 3.3.3-rc1 changelog 2016-08-05 16:33:22 +12:00
Damian Mooyman
0d5ae23f2b Merge 3.2 into 3.3 2016-08-05 14:36:35 +12:00
Damian Mooyman
66668450ed Merge 3.2.5 into 3.2 2016-08-05 14:33:10 +12:00
Damian Mooyman
6e6451fa71 Added 3.2.5-rc1 changelog 2016-08-05 13:24:35 +12:00
Damian Mooyman
cb39f2ef27 Merge 3.1 into 3.2
# Conflicts:
#	admin/javascript/lang/cs.js
#	admin/javascript/lang/de.js
#	admin/javascript/lang/eo.js
#	admin/javascript/lang/es.js
#	admin/javascript/lang/fa_IR.js
#	admin/javascript/lang/fi.js
#	admin/javascript/lang/fr.js
#	admin/javascript/lang/id.js
#	admin/javascript/lang/id_ID.js
#	admin/javascript/lang/it.js
#	admin/javascript/lang/ja.js
#	admin/javascript/lang/lt.js
#	admin/javascript/lang/mi.js
#	admin/javascript/lang/nb.js
#	admin/javascript/lang/nl.js
#	admin/javascript/lang/pl.js
#	admin/javascript/lang/ro.js
#	admin/javascript/lang/ru.js
#	admin/javascript/lang/sk.js
#	admin/javascript/lang/sl.js
#	admin/javascript/lang/sr.js
#	admin/javascript/lang/sr@latin.js
#	admin/javascript/lang/sr_RS.js
#	admin/javascript/lang/sr_RS@latin.js
#	admin/javascript/lang/src/cs.js
#	admin/javascript/lang/src/de.js
#	admin/javascript/lang/src/eo.js
#	admin/javascript/lang/src/es.js
#	admin/javascript/lang/src/fa_IR.js
#	admin/javascript/lang/src/fi.js
#	admin/javascript/lang/src/fr.js
#	admin/javascript/lang/src/id.js
#	admin/javascript/lang/src/id_ID.js
#	admin/javascript/lang/src/it.js
#	admin/javascript/lang/src/ja.js
#	admin/javascript/lang/src/lt.js
#	admin/javascript/lang/src/mi.js
#	admin/javascript/lang/src/nb.js
#	admin/javascript/lang/src/nl.js
#	admin/javascript/lang/src/pl.js
#	admin/javascript/lang/src/ro.js
#	admin/javascript/lang/src/ru.js
#	admin/javascript/lang/src/sk.js
#	admin/javascript/lang/src/sl.js
#	admin/javascript/lang/src/sr.js
#	admin/javascript/lang/src/sr@latin.js
#	admin/javascript/lang/src/sr_RS.js
#	admin/javascript/lang/src/sr_RS@latin.js
#	admin/javascript/lang/src/sv.js
#	admin/javascript/lang/src/zh.js
#	admin/javascript/lang/sv.js
#	admin/javascript/lang/zh.js
#	javascript/lang/fa_IR.js
#	javascript/lang/src/fa_IR.js
2016-08-05 11:41:04 +12:00
Damian Mooyman
3fb3a1bd7d Merge 3.1.20 into 3.1 2016-08-05 11:31:56 +12:00
Damian Mooyman
ec969c21e6 Added 3.1.20-rc1 changelog 2016-08-05 11:17:57 +12:00
Damian Mooyman
9805544cee Update translations 2016-08-05 11:06:51 +12:00
Michael Strong
5fcdf8c313 FIX don't look in node_modules
Its a scary place. And can sometimes take 5 minutes+ to get back out.
2016-08-04 22:54:34 +12:00
Damian Mooyman
e683c97f6e Merge pull request #5867 from andrewandante/MINOR_getAuthenticator-returns-default
Modify getAuthenticator to fall back to get_default_authenticator
2016-08-03 12:07:35 +12:00
Andrew Aitken-Fincham
66f2e6811b modify getAuthenticator to fall back to get_default_authenticator 2016-08-03 10:36:43 +12:00
Daniel Hensby
d083c9622a Merge pull request #4394 from simonwinter/patch-1
Update 05_Typography.md
2016-08-02 21:27:56 +01:00
Daniel Hensby
af3412a4c2 Merge pull request #5340 from dnadesign/fixToGridFieldLoadingWrongCurrentPage
fix to grid field loading wrong current page id when using multiple tabs
2016-08-02 12:44:11 +01:00
Daniel Hensby
e7c6509196
Merge remote-tracking branch 'cow/pulls/3.3/check-isset-config' into 3.3 2016-08-02 12:00:04 +01:00
Damian Mooyman
cd80d501f9
BUG Fix unset config options returning isset() = true
Fixes #4791
2016-08-02 18:07:55 +12:00
Daniel Hensby
992413ef59 Merge pull request #5855 from tractorcow/pulls/3.4/fix-mysql-privileges
BUG Fix permission checking code not correctly handling escaped SQL identifiers
2016-08-01 09:48:17 +01:00
Damian Mooyman
7d0b8e6520 BUG Fix permission checking code not correctly handling escaped SQL identifiers
Fixes https://github.com/silverstripe/silverstripe-installer/issues/96
2016-08-01 18:15:30 +12:00