Commit Graph

20848 Commits

Author SHA1 Message Date
Simon Gow
c28670ebed #8724 - Session timeout regression
Only emit the session refresh cookie if the session timeout is set.
2019-01-18 10:07:53 +13:00
Simon Gow
af08328e8e Existing sessions need to set a new cookie on each request, if the
session exists, otherwise our expiry is never updated and sessions
can't roll on every request.
2019-01-17 17:37:35 +13:00
Robbie Averill
544f9e13c1
Merge pull request #8703 from jchenevey/4.3
CustomMethods->removeMethodsFrom Warnings
2019-01-09 00:16:12 +01:00
Robbie Averill
068c240d38
Update src/Core/CustomMethods.php
Co-Authored-By: jchenevey <jchenevey@users.noreply.github.com>
2019-01-08 15:27:38 -05:00
Joe Chenevey
3730d84d18
Update CustomMethods.php
Switch to an early `continue` rather than wrapping contents of `foreach` in an `if` and indenting.
2019-01-08 15:24:21 -05:00
Joe Chenevey
afceccb9a6
CustomMethods->removeMethodsFrom Warnings
Check to ensure `self::$extra_methods[$class][$method]` exists before trying to retrieve its value. Silences warnings generated by updating a controller's failover.
2019-01-08 15:14:23 -05:00
Robbie Averill
937d73fefc Merge branch '4.2' into 4.3
# Conflicts:
 #	docs/en/05_Contributing/05_Making_A_SilverStripe_Core_Release.md
 #	lang/en.yml
2019-01-08 12:25:48 +01:00
Robbie Averill
280222abbe Merge branch '4.1' into 4.2
# Conflicts:
 #	docs/en/05_Contributing/05_Making_A_SilverStripe_Core_Release.md
2019-01-08 12:22:20 +01:00
Robbie Averill
802261aa4b Merge branch '4.0' into 4.1
# Conflicts:
 #	docs/en/05_Contributing/05_Making_A_SilverStripe_Core_Release.md
2019-01-08 12:21:27 +01:00
Robbie Averill
4128ae74b4
Merge pull request #8701 from creative-commoners/pulls/4.3/730-stable
Update Travis to use PHP 7.3 stable
2019-01-08 11:10:51 +01:00
Robbie Averill
4adac7d591 Update Travis to use PHP 7.3 stable 2019-01-08 10:47:41 +01:00
Serge Latyntsev
600918fe39
Merge pull request #8639 from caffeineinc/bugfix/4-duplicate-session-headers-8543
Stop duplicate session cookies on every request.
2018-12-19 13:56:24 +13:00
Simon Gow
d01585cc98 #8543 Resolve Duplicate Headers
- fix linting
2018-12-19 12:39:32 +13:00
Simon Gow
1edfa4d956 #8543 Resolve Duplicate Headers
- Replace session name lookup with function to also check secure cookies
- Added timeout which defaults to 0 (same as PHP)
- Removed php7 style of session_start from PR
- moved session_start into headers sent block to prevent warnings.
2018-12-19 12:39:32 +13:00
Simon Gow
4eb6669c08 #8543 Resolve Duplicate Headers
Put cookie_lifetime back into the session parameters.
2018-12-19 12:39:32 +13:00
Simon Gow
2deb8f4176 Resolve Duplicate Headers
Ensure only a single Set-Cookie header is returned from Session once
we have data to save. Include backwards compatibility for PHP56
2018-12-19 12:39:32 +13:00
Maxime Rainville
7d1aa44786
Merge pull request #8654 from creative-commoners/pulls/4.3/password-complexity-test-fixes
Update tests to pass in CWP kitchen sink context
2018-12-13 16:50:25 +13:00
Daniel Hensby
1644765a9f Rebase against satis changes (#8298) 2018-12-13 16:49:12 +13:00
Damian Mooyman
22314de559 DOCS Update security release docs / satis instructions (#7681)
* DOCS Update security release docs / satis instructions

* Update based on testing
2018-12-13 15:50:50 +13:00
Guy Marriott
020c6fd479
Merge pull request #8663 from open-sausages/pull/4.3/wait-for-loading-after-step
FIX behat CmsUiContext waits for cms-loading-container after step
2018-12-12 18:26:31 +13:00
Aaron Carlino
ab116cd5d9 Merge branch '4.1' into 4.2 2018-12-12 15:56:53 +13:00
Aaron Carlino
8e8a8cae9f Update changelog 2018-12-12 14:54:31 +13:00
Aaron Carlino
4ff891fc87 Add changelog 2018-12-12 14:21:23 +13:00
Aaron Carlino
2f9dae2c71 Add changelog 2018-12-12 14:11:21 +13:00
Aaron Carlino
00e996f164 Add changelog 2018-12-12 13:47:17 +13:00
Aaron Carlino
9939719ae3 Update translations 2018-12-12 12:50:47 +13:00
Aaron Carlino
90a50649dd Update translations 2018-12-12 12:34:51 +13:00
Aaron Carlino
fed9afb046 Update translations 2018-12-12 12:21:17 +13:00
Robbie Averill
8bd747d12a [SS-2018-020] Ensure that table names are escaped to prevent possible SQL injection 2018-12-11 20:56:55 +13:00
Robbie Averill
fecedc2d98 [SS-2018-020] Ensure that table names are escaped to prevent possible SQL injection 2018-12-11 20:56:40 +13:00
Robbie Averill
48bd335648 [SS-2018-020] Ensure that table names are escaped to prevent possible SQL injection 2018-12-11 20:55:58 +13:00
Serge Latyntcev
f7846fc34c FIX behat CmsUiContext waits for cms-loading-container after step 2018-12-10 16:49:57 +13:00
Robbie Averill
08866f89d9 Merge branch '4.2' into 4.3 2018-12-06 09:40:05 +00:00
Robbie Averill
96bd17d469 Merge branch '4.1' into 4.2 2018-12-06 09:38:45 +00:00
Robbie Averill
3f532466d1 Merge branch '4.0' into 4.1 2018-12-06 09:37:52 +00:00
Guy Marriott
6edcbe9086
Merge pull request #8592 from open-sausages/pulls/4.0/tree-multiselect-null
FIX TreeMultiselectField passes value 'unchanged' as null to ORM
2018-12-06 14:23:48 +13:00
Robbie Averill
1ac36611a6 Update tests to pass in CWP kitchen sink context 2018-12-02 23:04:34 +00:00
Maxime Rainville
731ef00f7a
Merge pull request #8627 from creative-commoners/pulls/4.3/abstr-action-state
FIX Provide alternatives to session for storing GridField_FormAction state
2018-12-03 11:58:05 +13:00
Guy Marriott
c7b5b1efd2
FIX Switching to use Controller::curr as it was using previously 2018-11-30 15:40:45 +13:00
Guy Marriott
32d096d9e5
DOCS Moving interface subscription to the abstract and adding a changelog entry 2018-11-30 15:40:45 +13:00
Guy Marriott
aace1da1f0
DOCS Adding notes on configuring the storage method for GridField_FormActions 2018-11-30 15:40:45 +13:00
Guy Marriott
ddaa22986f
Updating StateStore interface not to define a constructor & fixing GridFieldFilterHeader to add required attributes 2018-11-30 15:40:45 +13:00
Guy Marriott
b4c8f699eb
FIX Provide alternatives to session for storing GridField_FormAction state 2018-11-30 15:40:45 +13:00
Serge Latyntcev
4ee63eb4e7 TreeMultiselectFieldTest / make scrutinizer happy 2018-11-29 12:13:56 +13:00
Serge Latyntcev
38f8217f01 TreeMultiselectFieldTest / setUp is protected in PHPUnit5 2018-11-29 09:55:28 +13:00
Robbie Averill
41dc9229bf FIX Reverting ExtensionTestState and Extensible extra methods modifications to prevent PHP 5.6 segfault (#8581)
* API Revert addition of Extensible::flush_extra_methods_cache() and change to ExtensionTestState

This reverts the changes from #8465 and #8505 that relate to ExtensionTestState and the
tracking of extra methods between unit tests. The existing test from #8465 testing
overloaded Extensions after extra_methods are populated has been updated to show that you
must re-add the extension to flush the extra_methods cache if you need this behaviour.

* Revert change to InjectorTest::testExtendedExtensions

* Revert "Add failing test to show that overloaded extensions are broken in Extensible"

This reverts commit 55e79ffdfd.

* DOCS Add docs for extending extensions, and upgrade guide note to 4.3 to avoid using PHP config to do so
2018-11-26 12:00:02 +13:00
Guy Marriott
84c8dace7d
Merge pull request #8621 from open-sausages/pulls/4.3/tweak-site-tree-search
FIX Explicity mark nodes when searching
2018-11-23 16:14:46 +13:00
Serge Latyntcev
f526c794fc Minor / Refactor php tests for TreeMultiselectField 2018-11-23 16:03:44 +13:00
Serge Latyntcev
9ce6d91b76 FIX / TreeMultiselectField::objectForKey handles list of IDs correctly 2018-11-22 12:11:18 +13:00
Maxime Rainville
d74af1c17e FIX Explicity mark nodes when searching nodes in TreeDropdownField #8621 2018-11-21 11:43:21 +13:00