Commit Graph

1939 Commits

Author SHA1 Message Date
Mateusz U
3ac22ed638 Merge pull request #2182 from hafriedlander/fix/sanitise
FIX HtmlEditorField not re-checking sanitisation server side
2013-07-04 14:56:37 -07:00
Damian Mooyman
a862b4da99 BUG Fixed missing allowed_actions on UploadField_SelectHandler 2013-07-04 12:38:57 +12:00
Hamish Friedlander
dacb2aa638 FIX HtmlEditorField not re-checking sanitisation server side 2013-07-04 08:53:23 +12:00
Ingo Schommer
d003c96c62 Fixed HTMLEditorField extension call ("updateFieldsForOembed") 2013-07-03 10:15:46 +02:00
Ingo Schommer
09b31c642f Allow Form->forTemplate() URL access (fixes #788)
Need to specifically whitelist URL-accessible actions now.
Used in "Insert Link" form in HtmlEditorField.
Regression from 1edf45fbed
2013-06-25 16:33:00 +02:00
jonom
ffc764dc3c NEW: Allow configuration of initial insertion width for images and media
Moved default insertion dimensions logic from JS to PHP to allow setting through config API
2013-06-24 14:25:16 -06:00
Ingo Schommer
fb784af738 API Enforce $allowed_actions in RequestHandler->checkAccessAction()
See discussion at https://groups.google.com/forum/?fromgroups#!topic/silverstripe-dev/Dodomh9QZjk

Fixes an access issue where all public methods on FormField were allowed,
and not checked for $allowed_actions. Before this patch you could e.g.
call FormField->Value() on the first field by using action_Value.

Removes the following assertion because it only worked due to RequestHandlingTest_AllowedControllerExtension
*not* having $allowed_extensions declared: "Actions on magic methods are only accessible if explicitly allowed on the controller."
2013-06-24 14:50:40 +02:00
Ingo Schommer
da0cc25c3b Merge pull request #2129 from tractorcow/3.1-htmleditor-mediaform-fixes
BUG Fixed issue in file upload via the HTML Editor media dialogue
2013-06-20 02:10:16 -07:00
Damian Mooyman
f47383f52e BUG Fixed issue where file upload via the HTML Editor media dialogue would not prompt users to overwrite existing files 2013-06-20 15:21:18 +12:00
Hamish Friedlander
328467f1b5 FIX: ConfirmedPasswordField used to expose existing hash 2013-06-20 14:09:30 +12:00
Sam Minnée
34287895ef Merge pull request #2099 from chillu/pulls/insert-media-tweaks
Various "Insert Media" dialog tweaks
2013-06-18 21:32:00 -07:00
Ingo Schommer
080da1eefc Removed colons from field labels in "Insert Media" detail screen
We don't use them in other field labels either
2013-06-15 10:13:45 +02:00
Ingo Schommer
91f6255fed Full URL on hover in UploadField detail screen
Works around possible truncation of the URL when it gets too long
2013-06-15 10:13:45 +02:00
Ingo Schommer
4bc2f9bc0d Localization-resilient SCSS selector (fixes #1590) 2013-06-15 10:13:45 +02:00
Ingo Schommer
10a558c882 Hide "delete" button in "Insert Media" dialog 2013-06-15 10:13:44 +02:00
Ingo Schommer
3f295adbdd .field.noborder style, use it in "Insert Media" dialog 2013-06-15 10:13:43 +02:00
Ingo Schommer
7ce9677dcb Moved GridField table padding to buttons
Avoid double padding when no bottom buttons exist
2013-06-15 10:13:43 +02:00
Ingo Schommer
63eb9518d2 Consistent Form setters (returning $this on setHTMLID()) 2013-06-13 07:51:08 +02:00
Ingo Schommer
bfff11eb9c API New CMSForm class to allow validation responses in CMS (fixes #1777)
Thanks to @willmorgan for getting this discussion started
(see https://github.com/silverstripe/sapphire/pull/1814).
2013-06-13 07:51:05 +02:00
Ingo Schommer
ab9e0286f0 Merge pull request #2051 from kinglozzer/candelete-gridfield-fix
Fix: Enable delete button for users with canDelete() but no canEdit() permissions
2013-06-12 02:10:41 -07:00
Mateusz Uzdowski
d1482bee15 Add autocomplete=off switch for the password field.
Some clients require disabling of the browser password handling
mechanisms. Add a switch to make it possible without hacking the core.

No change to default behaviour.
2013-06-12 09:41:18 +12:00
Ingo Schommer
a643f95796 Merge pull request #2080 from tractorcow/3.1-mediadialog-overwrite-hack
BUG Temporarily disable overwrite warning on HtmlEditorField "insert media".
2013-06-11 00:11:39 -07:00
Ingo Schommer
1c150ac3a0 Merge pull request #2044 from jonom/patch-3
FIX #527 : Add Thumbnails to 'Choose another file' dialogue
2013-06-10 05:13:08 -07:00
Damian Mooyman
78bd73d40d BUG Temporarily disable overwrite warning on HtmlEditorField "insert media" dialogue until this feature properly supports validation error recovery. 2013-06-10 15:35:28 +12:00
Damian Mooyman
96023079d5 API Removed user_error when setting missing option on UploadField via setConfig. Added documentation to this function as a replacement for the check. 2013-06-07 14:32:30 +12:00
Loz Calver
dcec30f4e3 Fix: Enable delete button for users with canDelete() but no canEdit() permissions
$form->makeReadonly(); iterates over all fields/actions, disabling the 'delete' button even when the user has permission
2013-06-03 12:31:40 +01:00
jonom
34bc067400 NEW: Add Thumbnails to 'Choose another file' dialogue
Very difficult to choose an image based on file name alone. Added thumbnail and reduced rows from 10 to 8 to compensate for increased height of rows with thumbnail included.
2013-05-31 17:42:03 -05:00
Ingo Schommer
5d97f615ce Merge remote-tracking branch 'origin/3.0' into 3.1 2013-05-31 17:52:24 +02:00
Damian Mooyman
7f057ce343 API UploadField functions on new records
Fixed regression from 1e5d40474d (UploadField::canPreviewFolder).
Merged in pull request #2009 - (6018bdd631).
Merged pull request #1259 (34bfc862ee).
2013-05-27 15:22:59 +12:00
Ingo Schommer
6f2ba3fcac Merge pull request #2009 from sminnee/uploadfield-choose-new-file
NEW 'Choose another file' button on upload field AAS-917
2013-05-25 01:55:26 -07:00
Julian Seidenberg
22c7bbfcd4 NEW UploadField displays a warning before overwriting files (only relevant if config.yml: Upload:replaceFile = true). 2013-05-25 19:07:06 +12:00
jean
6018bdd631 NEW 'Choose another file' button on upload field AAS-917 2013-05-25 18:38:02 +12:00
Simon Erkelens
513270ca48 API: Allow array of fields passed to FieldList::removeByName()
Supports passing an array to removeByName(), which is iterate and then removed. Useful for removing fields from a fieldlist that are not on a tab. Similar to removeFieldsFromTab();
This is cleaner than a new function.
2013-05-25 15:31:30 +12:00
uniun
5596442081 FIX: Form::set_current_action() never gets called. 2013-05-24 11:25:36 +03:00
Ingo Schommer
c85c495848 BUG GridFieldFilterHeader works without non-filterable cols
Previously relied on the presence of a last column which wasn't filterable,
commonly a GridFieldEditButton. If this wasn't present, the filter buttons
were never added, leading to the GridField JS reload request being sent
without the required button form action, so GridFieldFilterHeader->handleAction()
was never called.
2013-05-23 17:48:27 +02:00
Will Rossiter
ddcfcf7bed Update @package, @subpackage labels
Cleanup of framework's use of @package and @subpackage labels and additional of labels for classes missing packages.

Moved all GridField related components to the one name.

Countless spelling fixes, grammar for other comments.

Link ClassName references in file headers.
2013-05-21 22:24:41 +12:00
Ingo Schommer
842dc98681 Added "saves into..." label to UploadField template
CMS users shouldn't need to guess where their files will end up.
2013-05-14 10:39:05 +02:00
Justin Martin
644fa29e41 Include Zend_Locale_Format
Fix Zend_Locale_Format not being included.
2013-05-13 10:55:05 -07:00
Will Rossiter
a99dbae012 FIX: NumericField should work with numbers like 54,6
Fixes http://open.silverstripe.org/ticket/5577.

Uses Zend_Locale_Format::isNumber(). Includes unit test for NumericField. Does not include testing work on DBField underlying NumericField to ensure that works consistently.
2013-05-11 22:51:39 +12:00
Will Rossiter
42cf2a95bd FIX: Add support for multi dimensional source arrays in LookupField (open/6132) 2013-05-11 00:01:39 +12:00
Will Rossiter
94d6b1ccff FIX: Disable autocomplete on ConfirmedPasswordField instances. 2013-05-10 20:32:59 +12:00
Will Rossiter
09fcdb8c31 Coding conventions for ConfirmedPasswordField 2013-05-10 20:23:06 +12:00
Sam Minnée
9672a22166 Merge pull request #1851 from chillu/pulls/form-strict-method-check
Form strict method check
2013-05-08 22:31:40 -07:00
Ingo Schommer
a1216b5e32 Merge pull request #1250 from wilr/gridfield-action-fixes
FIX: Do not blindly pass input values to GridField_FormAction URL's
2013-05-08 04:20:40 -07:00
Ingo Schommer
a9edf47189 Merge pull request #1830 from a2nt/media_dialog_add_url_btn_fix
FIX media dialog add url button fix
2013-05-08 01:42:04 -07:00
Ingo Schommer
14c59be85e API Form::setStrictFormMethodCheck() and strict argument to setFormMethod()
Thanks to @sminnee for getting this started
2013-05-08 10:25:13 +02:00
Simon Welsh
8930304dfc Only set GridField state in request if a value is submitted 2013-05-07 08:15:27 +12:00
a2nt
423c737502 FIX media dialog add url button fix
Use HtmlEditorField.BUTTONADDURL for localization
2013-05-04 03:34:02 +07:00
Ingo Schommer
5ca9db5e5e Limit HtmlEditorField HTMLText casting note to existing fields
This prevents it from failing for proxied values
like BlogEntryForm, where the field name doesn't exist,
and rather gets processed and saved into a different field.
2013-04-29 09:32:05 +02:00
Will Rossiter
a6b0807b9f Merge pull request #1800 from willmorgan/patch-1
Define ConfirmedPassword::$children as a public variable
2013-04-24 16:18:44 -07:00