Commit Graph

12324 Commits

Author SHA1 Message Date
Ingo Schommer
b9e205abbf Allow <link/> in HTMLText->exists() (fixes #850) 2013-09-18 11:39:29 +02:00
Sean Harvey
c349322b7e Merge pull request #2428 from PutmanMedia/pulls/sqlquery-orderby-joins
Only compare array notations in SQLQuery->getOrderedJoins()
2013-09-17 18:15:58 -07:00
Ingo Schommer
ba5984e2bf Only compare array notations in SQLQuery->getOrderedJoins()
If more than two $from were added through SQLQuery->addFrom(),
the getOrderedJoins() comparison kicks in. It assumes all $from
parts are in array notation, which isn't always the case.
For legacy reasons, and because we don't have full API support,
you can still add literal joins through addFrom('INNER JOIN ...').
On PHP 5.3, the ordering comparison still works because it
allows array access in strings, with string rather than numeric indexes.
Thankfully that's no longer supported in PHP 5.4.
2013-09-17 22:08:48 +02:00
Ingo Schommer
f07ce0b25e Merge pull request #2423 from wilr/cliredirects
FIX: Follow internal redirections for cli operations.
2013-09-16 01:59:00 -07:00
Will Rossiter
63778550e5 FIX: Follow internal redirections for cli operations. 2013-09-16 20:11:28 +12:00
Will Rossiter
fd6a1619cb Remove StaticPublisher route. Now a module 2013-09-16 19:47:33 +12:00
Ingo Schommer
60966898e2 Trailing semicolon to fix TinyMCE bug (fixes #2408)
Regression introduced by #2386
2013-09-16 01:09:37 +02:00
Ingo Schommer
a87000170a Behat: "apply formatting" steps 2013-09-15 01:50:10 +02:00
Ingo Schommer
849f2c1cb1 Behat: "insert external link" feature 2013-09-14 19:50:22 +02:00
Ingo Schommer
d68a016026 Behat: Friendler field reference 2013-09-14 19:50:21 +02:00
Ingo Schommer
2fbe0c39f2 Behat: Correctly quote selector in dropdown step 2013-09-14 19:50:21 +02:00
Ingo Schommer
c9047a386f Behat: "insert link" feature 2013-09-14 19:50:21 +02:00
Ingo Schommer
7a4a1bbadb Behat: More "insert image" steps
Still needs definitions
2013-09-14 19:50:21 +02:00
Ingo Schommer
e202d4b3b0 Behat: Avoid false positives in dropdown traversal
Was identifying fields like <input value="Select a page">
when querying for a drop down labelled "Page"
2013-09-14 19:50:21 +02:00
Ingo Schommer
8de227554e Behat: More verbose error message in HTML field assertion 2013-09-14 19:50:21 +02:00
Ingo Schommer
fde6b65769 Behat: Allow quoted HTML in assertion 2013-09-14 19:50:21 +02:00
Ingo Schommer
35a32d608d More specific behat tree assertion 2013-09-14 19:50:21 +02:00
Simon Welsh
55fc0265f4 Merge pull request #2419 from bilekt3/patch-1
Update 3.1.0-rc2.md
2013-09-13 14:33:41 -07:00
Ingo Schommer
5a0b4b0f03 Shorter behat feature name
Looks better in relishapp ;)
2013-09-13 18:52:02 +02:00
Tomáš Bílek
65d5f10e60 Update 3.1.0-rc2.md
Corrected RC number in heading of page.
2013-09-13 18:50:45 +02:00
Ingo Schommer
819eebb5dc Behat: Profile feature (steps only) 2013-09-13 18:44:17 +02:00
Ingo Schommer
aa80c4eed2 Behat feature indentation (no content changes) 2013-09-13 18:42:27 +02:00
lukepercy
e6f7f637f3 Added feature file for behat test
- Added content formatting behat feature file Updated Given statement for Insert link behat feature file
- Added Behat test feature file for alignment buttons Updated formatting buttons feature file to include strikethrough formatting
2013-09-13 17:00:43 +02:00
Will Rossiter
2c11710832 Fix for duplicate class definition introduced in ddcfcf7. 2013-09-13 19:26:06 +12:00
Sean Harvey
17fb7752db Skipping SQLQueryTest::testZeroLimitWithOffset() for MSSQLDatabase.
This test doesn't work on MSSQLDatabase.
2013-09-13 15:50:36 +12:00
Sean Harvey
bf1110d911 Adding a test for SQLQuery::setLimit() parsing OFFSET string clause. 2013-09-13 15:44:46 +12:00
Sean Harvey
e4ff3b8ec8 Merge pull request #2414 from phptek/issue/2398
FIX: Fixes #2398
2013-09-12 17:26:13 -07:00
Russell Michell
bbda63a16f MINOR: Corrected tests to use assertFalse|True() 2013-09-13 12:27:37 +12:00
Russell Michell
3aaa12f114 FIX: Fixes #2398
- hasAmount() failed to return true for values <= 0.99 and >= 0.01
- Added unit tests
2013-09-13 12:21:21 +12:00
Ingo Schommer
a7f38f7b4d Merge pull request #2413 from ss23/patch-1
Update 3.0.6.md
2013-09-12 16:08:04 -07:00
Stephen Shkardoon
f765696d26 Update 3.0.6.md
Add reference to information disclosure in Versioned.php (SS-2013-006)
2013-09-13 10:34:51 +12:00
Simon Welsh
6df6cb719d Revert "Merge pull request #2390 from phptek/2389"
This reverts commit 58da57dd1b, reversing
changes made to 8864256601.
2013-09-13 08:22:32 +12:00
Ingo Schommer
92c9febb99 Merge pull request #2406 from dangerdan/testing
Resubmitting pull request, changes to docs: topics/testing
2013-09-12 13:09:07 -07:00
Dan Brooks
6afad377cb Changes to topics/testing 2013-09-12 18:22:46 +01:00
Ingo Schommer
03d1d58148 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	admin/code/SecurityAdmin.php
	css/AssetUploadField.css
	docs/en/topics/configuration.md
	security/PermissionRole.php
2013-09-12 17:33:36 +02:00
Ingo Schommer
c2b312d76f Merge remote-tracking branch 'origin/3.1.0' into 3.1 2013-09-12 17:24:42 +02:00
Ingo Schommer
7627d95555 Updated changelog 2013-09-12 17:02:13 +02:00
Ingo Schommer
505db1f731 Updated translations 2013-09-12 16:53:32 +02:00
Ingo Schommer
24bae3f922 Tagged 3.0.6-rc2 2013-09-12 16:48:20 +02:00
Ingo Schommer
a6b402f491 Added 3.0.6-rc2 changelog 2013-09-12 16:48:15 +02:00
Ingo Schommer
2da4d76c3b Updated translations 2013-09-12 16:37:12 +02:00
Ingo Schommer
7c99cb4668 Merge branch 'pulls/security-issues-august-3.0' into 3.0 2013-09-12 15:45:13 +02:00
Ingo Schommer
5e0315dc62 Safety note on DataObject::validation_enabled 2013-09-12 15:42:43 +02:00
Ingo Schommer
f803704d91 FIX Disallow permissions assign for APPLY_ROLES (SS-2013-005)
See http://www.silverstripe.org/ss-2013-005-privilege-escalation-through-apply-roles-assignment/
2013-09-12 15:42:43 +02:00
Ingo Schommer
8b5c8eab72 Linking to older security issue in change log
Mainly for consistency with the newer format
2013-09-12 15:42:43 +02:00
Ingo Schommer
05757efceb FIX Privilege escalation through APPLY_ROLES assignment (SS-2013-005)
See http://www.silverstripe.org/ss-2013-005-privilege-escalation-through-apply-roles-assignment/
2013-09-12 15:42:43 +02:00
Ingo Schommer
6cff9671d4 FIX Privilege escalation through Group and Member CSV upload (SS-2013-004)
See http://www.silverstripe.org/ss-2013-004-privilege-escalation-through-group-and-member-csv-upload/
2013-09-12 15:42:43 +02:00
Ingo Schommer
720c149aee FIX Privilege escalation through Group hierarchy setting (SS-2013-003)
See http://www.silverstripe.org/ss-2013-003-privilege-escalation-through-group-hierarchy-setting/
2013-09-12 15:42:42 +02:00
Ingo Schommer
cb517fda9e Safety note on DataObject::$validation_enabled 2013-09-12 15:42:36 +02:00
Ingo Schommer
091c096dbf FIX Disallow permissions assign for APPLY_ROLES (SS-2013-005)
See http://www.silverstripe.org/ss-2013-005-privilege-escalation-through-apply-roles-assignment/
2013-09-12 15:42:36 +02:00