Commit Graph

2013 Commits

Author SHA1 Message Date
Nicolaas
c8c7ee4a08
DOCS better docblock for TinyMCEConfig::removeButtons 2021-07-18 11:30:29 +01:00
Steve Boyd
f6e8d6e591 Merge branch '4.8' into 4 2021-07-07 14:03:02 +12:00
Steve Boyd
87d076faa6 FIX Cast DBInt value to int 2021-07-06 16:43:54 +12:00
Ingo Schommer
e8c14a9d5b
Merge pull request #10005 from creative-commoners/pulls/4.8/10k
FIX Parse Enums with dots in their values
2021-07-02 09:33:29 +12:00
Steve Boyd
8e803bbcfc FIX Parse Enums with dots in their values 2021-07-01 16:00:08 +12:00
Steve Boyd
0b979dc345 FIX Cache duplicate embeds separately 2021-06-29 12:17:07 +12:00
Steve Boyd
325021c2f8 Merge branch '4.8' into 4 2021-06-21 14:59:01 +12:00
Steve Boyd
e812999632 Merge branch '4.7' into 4.8 2021-06-21 14:58:40 +12:00
Steve Boyd
b625ba99b3 ENH Remove wording for authenticated devices being manageable 2021-06-18 09:50:13 +12:00
Steve Boyd
7ed7ad0254 FIX Ensure changing a password to blank is validated 2021-06-17 12:05:20 +12:00
Steve Boyd
06dbd5237b [CVE-2020-26138] Validate custom multi-file uploads 2021-06-09 09:34:37 +12:00
Steve Boyd
3bb435c241 [CVE-2020-25817] Prevent loading of xml entities 2021-06-09 09:34:26 +12:00
Steve Boyd
9463aaf571 Merge branch '4.8' into 4 2021-06-08 11:49:01 +12:00
Steve Boyd
fb0d769049
Merge pull request #9969 from creative-commoners/480-tag
Security fixes from 4.8.0
2021-06-08 11:47:35 +12:00
David Peck
28b5b803be FIX Defensively copy mocked datetime 2021-06-05 16:46:19 +12:00
Steve Boyd
8024551376 [CVE-2020-26138] Validate custom multi-file uploads 2021-06-02 16:24:23 +12:00
Steve Boyd
7f97734a20 [CVE-2020-25817] Prevent loading of xml entities 2021-06-02 16:24:17 +12:00
Michal Kleiner
2017a20433 FIX Use empty array as a fallback for preg_split within dbtext summary
If the content is invalid for whatever reason e.g. when instantiating
a DBText field to get a summary of text through
`DBField::create_field('Text', $content)->Summary(10)`, preg_split returns
false and the rest of the code expects an array.
This tweak ensures an array is always returned even when preg_split fails.
2021-06-02 15:17:58 +12:00
Steve Boyd
a3df66860f Merge branch '4.8' into 4 2021-05-31 17:05:11 +12:00
Steve Boyd
9ccdb8efb2 Merge branch '4.7' into 4.8 2021-05-31 17:04:54 +12:00
Maxime Rainville
472fc4ebb4
BUG Update DataQuery::exists to return false when limit causes no result to be returned (#9946)
* BUG Update DataQuery::exists to return false when limit causes no result to be returned

* Update comment

* Fixing linting issue
2021-05-31 16:50:58 +12:00
Ingo Schommer
196752566f
Merge pull request #9655 from sminnee/pulls/9647-find-lost-records
NEW: Add GridFieldDetailForm::setRedirectMissingRecords()
2021-05-21 13:53:18 +12:00
Sam Minnee
8883413ba7 NEW: Add GridFieldDetailForm::setRedirectMissingRecords()
This new opt-in setting will let grid field detail forms redirect to the
“Correct” URL of a GridField if it’s not found in the current list.

This works by:
 * Looking for the item in the database
 * If it exists, check for a CMSEditLink() method that returns a value
 * If so, redirect to that

This is useful if you have a number of grid fields that each show a
partial list of records, and it’s possible for the user to make changes
such the item no longer appears in the list, but does appear in another
list.

It’s an opt-in feature as I think all changes like this should be
opt-in, based on previous experiences improving GridField and in turn
breaking SecurityAdmin and slowing versioned-data-browsing down. ;-)
2021-05-21 13:16:00 +12:00
Ingo Schommer
8c0efd3980 Extension hooks for CsvBulkLoader
Required for versioned-snapshots integration
2021-05-21 11:17:46 +12:00
Ingo Schommer
ad4e488dcf
Merge pull request #9192 from sminnee/fix-9163
NEW: Support dot syntax in form field names
2021-05-21 10:34:15 +12:00
Dylan Wagstaff
a5fc61a23a
Merge pull request #9948 from open-sausages/4
FIX Tidy extension and cli fix for tests
2021-05-21 09:19:22 +12:00
Guy Marriott
766df06f23
Merge pull request #9631 from open-sausages/pulls/4/custom-sort-gridfield-autocompleter 2021-05-20 14:02:44 -07:00
Ingo Schommer
8806b3befc Fixes required for dot notation support in fields
See #9163
2021-05-20 20:32:25 +12:00
Dan Hensby
23ffd2bbd6 Linting fix 2021-05-20 20:32:25 +12:00
Sam Minnee
5dcf5197da FIX: Make the ./_ substitution optional. 2021-05-20 20:32:25 +12:00
Sam Minnee
c7c6bdebdf FIX: Allow join-object to be referenced as a component
This avoids having arbitrary differences between a join object and a
has-one relation.
2021-05-20 20:32:25 +12:00
Sam Minnee
6ba7bf7b2f FIX: Replace ‘.’s with ‘_’s in HTML IDs
The functioning of dot-syntax in form fields mean that .s are more
likely to appear in names. This breaks javascript behaviour in HTML IDs 
and I believe is an invalid character for them.
2021-05-20 20:32:24 +12:00
Sam Minnee
02fb7c3b17 NEW: Support dot syntax in form field names
This change adds support for these in a few places.

 - Form::saveInto($record)
 - Form::loadDataForm($record)
 - Form::loadDataForm($_POST)

Fixes https://github.com/silverstripe/silverstripe-framework/issues/9163
2021-05-20 20:32:24 +12:00
Ingo Schommer
5e2ca7f0a3 FIX Tidy extension and cli fix for tests
Wrap doesn't actually wrap in the tidy extension.
This causes tests to be flakey, for example some of `FormTest` fails
if you happen to have `ext-tidy` installed (which is the default on most systems).
This happened to me on PHP 7.4.19 with tidy 5.6.0 (OSX Homebrew).
Note that the tests aren't failing in Travis right now.

You'd expect `wrap => 0` to be honoured. It's documented as an integer
in the tidy docs: https://api.html-tidy.org/tidy/quickref_5.6.0.html#wrap.

Even tracked this down to the PHP source which appears to be doing the right thing:
https://github.com/php/php-src/blob/master/ext/tidy/tidy.c#L300

There's a bug from 2018 against PHP 7.2.8 which was closed as "not a bug" without comment:
https://bugs.php.net/bug.php?id=76683

You can see the behaviour in action in the following test.

```
<?php
$html = '<p>a really long string which should not be wrapped</p>';

echo "## With tidy extension" . PHP_EOL;
$tidy = new tidy();
$tidy->parseString(
    $html,
    [
        'output-xhtml' => true,
        'numeric-entities' => true,
        'wrap' => 0,
    ],
    'utf8'
);
$tidy->cleanRepair();
echo $tidy . PHP_EOL;

echo "## With tidy cli" . PHP_EOL;
$cmd = sprintf("echo " . escapeshellarg($html) . " | tidy --force-output 1 -n -q -utf8 -asxhtml -w 0 2> /dev/null");
echo shell_exec($cmd);
```

Long story short, setting it to 99999 fixes the issue.
2021-05-20 20:09:42 +12:00
Steve Boyd
a6ccc86f94 Merge branch '4.7' into 4.8 2021-05-03 14:21:37 +12:00
Steve Boyd
e6aeff6468 Merge branch '4.6' into 4.7 2021-05-03 14:21:20 +12:00
Garion Herman
debf1ae9fb
Merge pull request #9887 from lekoala/patch-18 2021-04-24 21:05:29 +12:00
Maxime Rainville
67a008365a
Merge pull request #9743 from kinglozzer/treedropdown-root-id
NEW: Expose TreeDropdownField root node ID in schema
2021-04-23 18:06:23 +12:00
maks
12a6f7bd0f
fix typo in core constants phpdoc block 2021-04-20 18:25:24 +02:00
Maxime Rainville
37ee3a923f
Merge pull request #9917 from creative-commoners/pulls/4/rememberloginhash-getset
API Methods to override logout_accross_devices
2021-04-20 09:49:36 +12:00
Steve Boyd
3d7868449f Merge branch '4.7' into 4 2021-04-19 16:39:15 +12:00
Steve Boyd
bcccc63d33 API Methods to override logout_accross_devices 2021-04-19 13:13:35 +12:00
Loz Calver
097da7aed5
Merge pull request #9916 from chrometoasters/bugfix/absolute-base-url-generation
[BUGFIX] Prevent call getHeader() on null HTTPRequest object
2021-04-16 09:15:15 +01:00
Maxime Rainville
fdd23a3675 Merge branch '4.7' into 4 2021-04-14 11:35:58 +12:00
Maxime Rainville
6fc25e4e96
RFC Add chunk method to DataList to iterate over large dataset (#8940) 2021-04-14 07:49:44 +12:00
André Kiste
e2777ded8e • Add missing string
• Move attribute to login-forms
2021-04-13 15:33:49 +12:00
Kunal Hari
31c5ab2069 [BUGFIX] Prevent call getHeader() on null HTTPRequest object 2021-04-13 14:06:21 +12:00
André Kiste
bbcc187c02 Update conflicting translations.
Revert removal of translations.
2021-04-12 11:42:57 +12:00
Andre Kiste
dcdc25500b
Merge pull request #9909 from creative-commoners/pulls/4/remember-thirty
ENH Reduce default token period from 90 to 30 days
2021-04-08 12:39:22 +12:00
André Kiste
8692aabe9b Use new designs 2021-04-08 12:32:12 +12:00