Commit Graph

63 Commits

Author SHA1 Message Date
Damian Mooyman
a86ed93759 Merge remote-tracking branch 'origin/3'
Conflicts:
	docs/en/05_Contributing/01_Code.md
2015-02-20 14:09:38 +13:00
Daniel Hensby
6d0002780d API Adding default_classes to Form 2015-01-20 13:36:31 +00:00
Ingo Schommer
5d1c355cad Form action validation excempts
Thanks to @kinglozzer for doing the majority of work on this. See #2493.
2014-11-26 22:49:37 +13:00
Damian Mooyman
ce93a8a98e Resolve merge regressions 2014-11-19 11:05:07 +13:00
Damian Mooyman
0b1f297873 Merge remote-tracking branch 'origin/3.1'
Conflicts:
	.travis.yml
	README.md
	admin/code/LeftAndMain.php
	admin/css/screen.css
	admin/scss/screen.scss
	api/RestfulService.php
	conf/ConfigureFromEnv.php
	control/injector/ServiceConfigurationLocator.php
	control/injector/SilverStripeServiceConfigurationLocator.php
	core/ClassInfo.php
	core/Object.php
	css/AssetUploadField.css
	css/ComplexTableField_popup.css
	dev/CSSContentParser.php
	dev/DevelopmentAdmin.php
	docs/en/changelogs/index.md
	docs/en/misc/contributing/code.md
	docs/en/reference/execution-pipeline.md
	filesystem/GD.php
	filesystem/ImagickBackend.php
	filesystem/Upload.php
	forms/Form.php
	forms/FormField.php
	forms/HtmlEditorConfig.php
	forms/gridfield/GridFieldDetailForm.php
	forms/gridfield/GridFieldSortableHeader.php
	lang/en.yml
	model/Aggregate.php
	model/DataList.php
	model/DataObject.php
	model/DataQuery.php
	model/Image.php
	model/MySQLDatabase.php
	model/SQLQuery.php
	model/fieldtypes/HTMLText.php
	model/fieldtypes/Text.php
	scss/AssetUploadField.scss
	search/filters/SearchFilter.php
	security/Authenticator.php
	security/LoginForm.php
	security/Member.php
	security/MemberAuthenticator.php
	security/MemberLoginForm.php
	security/Security.php
	tests/behat/features/bootstrap/SilverStripe/Framework/Test/Behaviour/CmsFormsContext.php
	tests/control/HTTPTest.php
	tests/control/RequestHandlingTest.php
	tests/filesystem/UploadTest.php
	tests/forms/FormTest.php
	tests/forms/NumericFieldTest.php
	tests/model/DataListTest.php
	tests/model/DataObjectTest.php
	tests/model/TextTest.php
	tests/security/MemberAuthenticatorTest.php
	tests/security/SecurityDefaultAdminTest.php
	tests/view/SSViewerCacheBlockTest.php
	tests/view/SSViewerTest.php
2014-11-18 12:45:54 +13:00
Damian Mooyman
53c40a94fa API Enable re-authentication within the CMS if a user session is lost
BUG Resolve issue with error redirection being ignored within CMS
BUG Fix issue with invalid securityID being re-emitted on failure
2014-10-14 15:19:48 +13:00
Sean Harvey
0e07f1a7f5 Merge remote-tracking branch 'origin/3.0' into 3.1 2014-08-22 17:50:36 +12:00
Ingo Schommer
1661213e5b FIX Opt-out pf form message escaping (fixes #2796)
This fixes a limitation introduced through http://www.silverstripe.org/ss-2013-008-xss-in-numericfield-validation/.
Form messages used to accept HTML, now they’re escaped by default, effectively removing the ability
to pass in HTML and take care of escaping manually.

We pass through HTML to message in core through the CTF system, so this needs to be fixed.
It’s an alternative fix to https://github.com/silverstripe/silverstripe-framework/pull/2803.
2014-08-22 16:59:34 +12:00
Damian Mooyman
eb069e605d Remove all redundant whitespace 2014-08-19 09:17:15 +12:00
Sean Harvey
9048eab4a2 Merge branch '3.1' 2014-02-12 11:06:54 +13:00
Loz Calver
058219c0ee NEW: Forms with invalid/expired SecurityIDs are repopulated (fixes #1891) 2014-02-09 10:19:24 +00:00
Ingo Schommer
455e550d9a Merge remote-tracking branch 'origin/3.1'
Conflicts:
	docs/en/topics/testing/create-silverstripe-test.md
	forms/Form.php
	i18n/i18n.php
	model/Image.php
2013-09-27 19:22:14 +02:00
Simon Welsh
fbce9fd7cd Merge branch '3.1'
Conflicts:
	.travis.yml
	docs/en/misc/contributing/code.md
	javascript/HtmlEditorField.js
2013-07-05 10:22:58 +12:00
Daniel Hensby
9a40b16496 Adding tests to FormField and Form for extra classes
Added tests that were missing from `Form` and ones for my new logic
2013-06-29 13:35:34 +01:00
Ingo Schommer
fb784af738 API Enforce $allowed_actions in RequestHandler->checkAccessAction()
See discussion at https://groups.google.com/forum/?fromgroups#!topic/silverstripe-dev/Dodomh9QZjk

Fixes an access issue where all public methods on FormField were allowed,
and not checked for $allowed_actions. Before this patch you could e.g.
call FormField->Value() on the first field by using action_Value.

Removes the following assertion because it only worked due to RequestHandlingTest_AllowedControllerExtension
*not* having $allowed_extensions declared: "Actions on magic methods are only accessible if explicitly allowed on the controller."
2013-06-24 14:50:40 +02:00
Ingo Schommer
5a1d476e8d Merge branch 'idvalidattr' of git://github.com/wilr/sapphire into wilr-idvalidattr 2013-05-31 19:27:19 +02:00
Will Rossiter
5acf2aab94 Use the new form ID selectors for FormTest 2013-05-30 21:05:39 +12:00
Fred Condo
59657d94bb Use upper case to represent HTTP methods for forms
Per [RFC 2616 section 5.1.1][ietf], HTTP methods are case-sensitive.

- Change the internal representation of the form's method to upper case
- Update FormTest to accommodate the case changes
- Change method to lower case for HTML in Form#getAttributesHTML()
[ietf]: http://tools.ietf.org/html/rfc2616#section-5.1.1
2013-05-28 17:51:56 -07:00
Will Rossiter
ca87b8b794 API: Form Field ID attribute should follow HTML specification
Fixes: http://open.silverstripe.org/ticket/4431.

Changes Form and Form Field classes to make use of Convert::raw2htmlid() which follows http://www.w3.org/TR/REC-html40/types.html#type-cdata.

Introduces a FormTemplateHelper class to assist in these sort of updates in the future.
2013-05-26 11:11:55 +12:00
Sam Minnee
d97ca43cd0 Merge branch '3.1'
Conflicts:
	README.md
	dev/install/install.php5
	forms/ConfirmedPasswordField.php
	tests/forms/FormTest.php
2013-05-23 19:01:58 +12:00
Ingo Schommer
14c59be85e API Form::setStrictFormMethodCheck() and strict argument to setFormMethod()
Thanks to @sminnee for getting this started
2013-05-08 10:25:13 +02:00
Ingo Schommer
b0d3f7f3a2 Merge remote-tracking branch 'origin/3.1'
Conflicts:
	api/RSSFeed.php
	dev/SapphireTest.php
	tests/control/RequestHandlingTest.php
2013-03-26 10:46:41 +01:00
Ingo Schommer
3334eafcb1 API Marked statics private, use Config API instead (#8317)
See "Static configuration properties are now immutable, you must use Config API." in the 3.1 change log for details.
2013-03-24 17:20:53 +01:00
Ingo Schommer
957469d770 API Removed auto-routing of controller name
Use custom routing rules to achieve this effect (see changelog)
2013-02-18 14:29:47 +01:00
Ingo Schommer
c55c7c33f8 Merge branch '3.0'
Conflicts:
	admin/code/CMSProfileController.php
	composer.json
	tests/model/DataObjectTest.php
2012-11-22 23:51:28 +01:00
Hamish Friedlander
0dd97a38f6 API: Form#loadDataFrom 2nd arg now sets how existing field data is merged with new data 2012-11-16 12:36:00 +13:00
Ingo Schommer
56f7ce1dcf Merge remote-tracking branch 'origin/3.0'
Conflicts:
	control/Cookie.php
	control/Director.php
	control/HTTPResponse.php
	model/Database.php
	model/MySQLDatabase.php
	model/SQLQuery.php
	view/Requirements.php
	view/SSViewer.php
2012-10-03 16:16:19 +02:00
Sam Minnee
1f7fc1f76a FIX Remove instances of lines longer than 120c
The entire framework repo (with the exception of system-generated files) has been amended to respect the 120c line-length limit.  This is in preparation for the enforcement of this rule with PHP_CodeSniffer.
2012-09-30 17:18:13 +13:00
Howard Grigg
aa6f345d1d API FormField::name_to_label() for unlabelled fields
Will convert camel case to spaces, e.g. "TotalAmount"
to "Total Amount".
2012-09-26 11:20:34 +02:00
Ingo Schommer
e2f073f38a Method visibility according to coding conventions 2012-09-20 10:46:59 +02:00
Sean Harvey
5462cdaab2 MINOR Removing "." from the end of validation messages 2012-06-01 13:13:06 +12:00
Sean Harvey
f446547cd7 MINOR Using Config system instead of Director::addRules() in tests 2012-05-22 17:13:05 +12:00
Sean Harvey
b1e17578c7 API CHANGE Removed assertType() and assertEmpty() workarounds. Use assertInstanceOf()
instead of assertType(), assertEmpty() is available in PHPUnit 3.5+.
PHPUnit 3.4 is no longer supported, so please upgrade your version to
work.

MINOR Removed FullTestSuite which was a workaround for PHPUnit but not
used.
2012-05-09 23:05:39 +12:00
Sean Harvey
007ed25c0b MINOR Fixing broken tests 2012-04-20 15:05:18 +12:00
Simon Welsh
f07258f3cf MINOR Update @package values to match renaming sapphire 2012-04-15 10:50:19 +12:00
Sean Harvey
e097f6e1a8 MINOR Fixes to method arguments in core classes for E_STRICT support.
API CHANGE Remove abstract static function and just use static functions
in Authenticator (PHP 5.3+ doesn't support abstract static functions)
2012-03-28 22:41:42 +13:00
Fred Condo
d370423825 Clean up trailing ?> per coding standard
All sapphire but the lang directory
2012-02-12 12:40:16 -08:00
Ingo Schommer
72694d8349 ENHANCEMENT Custom form attributes through Form->setAttribute() 2012-01-02 16:49:33 +01:00
Ingo Schommer
b3c08dba12 API CHANGE Deprecated FieldSet-specific methods from Form, namely dateFieldByName(), unsetDataFieldByName(), unsetFieldFromTab(), resetField() 2012-01-02 16:47:59 +01:00
ajshort
3478e4f9e6 ENHANCEMENT: Made the form enctype configurable via a method Form->setEncType().
API CHANGE: Deprecated Form->FormEncType() in favour of Form->getEncType().
MINOR: Added enctypes as constants to the Form class.
2011-12-26 18:36:24 +11:00
Will Rossiter
1732a17114 Merged new-orm into datagrid 2011-09-26 16:47:54 +13:00
Ingo Schommer
ce8e72cf0e MINOR Removing executable flag from all files (thanks miiihi) 2011-09-18 22:04:02 +02:00
ajshort
1f6f7f0862 API CHANGE: Deprecated CompositeField->FieldSet() in favour of CompositeField->FieldList().
MINOR: Replaced usage of FieldSet with FieldList.
MINOR: Renamed FieldSetTest to FieldListTest.
2011-05-11 17:51:54 +10:00
Ingo Schommer
2870eb9212 MINOR Changed $fixture_path to relative filenames in all sapphire test cases in order to allow easier file moving and less verbosity in tests 2011-03-30 23:04:48 +13:00
Ingo Schommer
a9b13509d2 MINOR Removed dependency on SiteTree in various unit tests 2011-03-29 18:07:58 +13:00
Paul Meyrick
dc36725869 MINOR Using BlankPage template in SecurityTest, BasicAuthTest to remove ContentController dependency
MINOR Checking for SiteTree class existence in Security, Translatable
MINOR Checking for ContentController existence in FulltextSearchable
MINOR Removed unnecessary ContentController tests from ObjectTest
MINOR Replaced CMS specific examples in PermissionCheckboxSetFieldTest, DataObjectTest
MINOR Changed SecurityTest to make assertions against Security/login rather than relying on redirection from admin/cms
2011-03-29 18:07:55 +13:00
Ingo Schommer
2184acf17d Revert "MINOR Replaced assertType() calls with assertInstanceOf(), deprecated in PHPUnit 3.6 (throws warnings as of 3.5.10)" - cased too many problems with mixed build environments that require PHP 3.4
This reverts commit 65f6104cd6.
2011-03-11 15:06:09 +13:00
Ingo Schommer
65f6104cd6 MINOR Replaced assertType() calls with assertInstanceOf(), deprecated in PHPUnit 3.6 (throws warnings as of 3.5.10) 2011-02-21 18:49:09 +13:00
Carlos Barberis
184e8bd852 ENHANCEMENT: Added allowed actions to core classes 2011-02-14 11:14:51 +13:00
Sam Minnee
854e0e30b4 ENHANCEMENT Added Form->enableSecurityToken() as a counterpart to the existing disableSecurityToken() (from r113284)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114531 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-12-05 08:30:32 +00:00