Ingo Schommer
cb517fda9e
Safety note on DataObject::$validation_enabled
2013-09-12 15:42:36 +02:00
Ingo Schommer
091c096dbf
FIX Disallow permissions assign for APPLY_ROLES (SS-2013-005)
...
See http://www.silverstripe.org/ss-2013-005-privilege-escalation-through-apply-roles-assignment/
2013-09-12 15:42:36 +02:00
Ingo Schommer
a492d56f7c
3.1.0-rc2 changelog
2013-09-12 15:42:36 +02:00
Ingo Schommer
cfa88adf4b
FIX Privilege escalation through APPLY_ROLES assignment (SS-2013-005)
...
See http://www.silverstripe.org/ss-2013-005-privilege-escalation-through-apply-roles-assignment/
2013-09-12 15:42:36 +02:00
Ingo Schommer
46556b609e
FIX Privilege escalation through Group and Member CSV upload (SS-2013-004)
...
See http://www.silverstripe.org/ss-2013-004-privilege-escalation-through-group-and-member-csv-upload/
2013-09-12 15:42:35 +02:00
Ingo Schommer
68ca47b0dd
FIX Privilege escalation through Group hierarchy setting (SS-2013-003)
...
See http://www.silverstripe.org/ss-2013-003-privilege-escalation-through-group-hierarchy-setting/
2013-09-12 15:42:35 +02:00
Ingo Schommer
1c31c098ee
FIX Correct Zend_Locale fallbacks in i18n/DateField/DateTimeField
...
Due to the recent change of translations to transifex, some
locales changed their names, which prompted a fix to
i18n::get_available_translations() (see 00ffe7294
).
This caused a regression where short locales are determined
from the YAML file names (e.g. "en"), but weren't matched up
with fully qualified locales from get_available_translations() (e.g. "en_US").
Since this list is used in the admin/myprofile dropdown for the Member.Locale value,
it didn't match up with any entries and defaulted to the first one ("Africaans").
Note that the behaviour of admin/myprofile is still a bit weird:
It defaults the locale on new members to the one set for the current administrator.
So if a site defaults to en_US in _config.php, but the admin happens to view
his backend in de_DE, all members he creates default to de_DE as well.
Thanks to @tractorcow for contributing and peer reviewing!
2013-08-30 10:18:00 +02:00
Mateusz U
c396645aed
Merge pull request #2351 from hafriedlander/fix/ie8brokenfonts
...
FIX webfonts in preview iframe breaking admin fonts
2013-08-26 15:57:35 -07:00
Hamish Friedlander
45c1d2b0ce
FIX webfonts in preview iframe breaking admin fonts
...
In IE8, when a page in the preview iframe uses a web font (not just
references it in CSS, but actually has glyphs present in the page),
the fonts in the containing admin interface will become corrupted
(display as all squares) until the mouse moves.
This commit uses the technique described at
http://stackoverflow.com/questions/9809351/ie8-css-font-face-fonts-only-working-for-before-content-on-over-and-sometimes#10557782
to cause the admin panel to re-calculated all it's fonts
after the preview iframe has loaded, fixing the glitch
2013-08-27 10:49:24 +12:00
Hamish Friedlander
716e3b9d47
Merge pull request #2356 from mateusz/ie-download-fix
...
BUG Fix regression in IE no-cache https file downloads.
2013-08-26 15:47:57 -07:00
Mateusz Uzdowski
1461ae9e4c
BUG Fix regression in IE no-cache https file downloads.
...
Currently IE6-8 will refuse to download files over HTTPS with default
Framework settings.
Currently the HTTP::add_cache_headers competely overrides Cache-Control
headers on each request, so there is no way to inject custom headers
from the API-consuning methods.
Also of note: adding no-store header also fixes the issue but will
prevent proxies from caching the request body (which they do when using
no-cache). So the setting max-age to some low number is a better choice
here.
2013-08-26 17:15:58 +12:00
Ingo Schommer
40c239076b
Merge remote-tracking branch 'origin/3.0' into 3.1.0
...
Conflicts:
model/Hierarchy.php
2013-08-22 12:55:47 +02:00
Ingo Schommer
54edc0ddac
Fix Behat window switching in chrome
...
Workaround only, see https://groups.google.com/forum/#!topic/behat/QNhOuGHKEWI
2013-08-22 12:49:38 +02:00
Ingo Schommer
0c859b8587
Merge pull request #2348 from simonwelsh/scrut
...
Scrutinizer fixes
2013-08-21 04:43:12 -07:00
Simon Welsh
c66cc952d2
Correct line length and indentation
2013-08-21 21:27:16 +12:00
Simon Welsh
2c0d03b2d6
Exclude docs and images foldes from Scrutinizer
2013-08-21 21:02:12 +12:00
Simon Welsh
4cb98f1afd
Only have Scrutinizer check PHP files
2013-08-21 21:02:12 +12:00
Sean Harvey
c461ed51d6
Merge pull request #2346 from hafriedlander/fix/flush_when_secure
...
FIX flush when secure
2013-08-20 15:35:00 -07:00
Hamish Friedlander
a2026add04
FIX flushing on non-dev when Session::cookie_secure is true
2013-08-21 09:50:07 +12:00
Mateusz U
afd3e3f0d0
Merge pull request #2345 from hafriedlander/fix/performance
...
Couple of performance fixes - eliminate un-necessary redraws and preview updating
2013-08-20 14:40:22 -07:00
Hamish Friedlander
0ca4969cda
FIX Dont update preview iframe if hidden
...
Updating the iframe src when the iframe isnt visible in IE8 causes a
view disconcerting font glitch (and it slows down navigation anyway),
so if the iframe isnt visible, delay setting the src until it is
2013-08-21 09:29:28 +12:00
Hamish Friedlander
c59305d6d4
FIX Multiple redraw calls on navigation
2013-08-21 09:29:28 +12:00
Ingo Schommer
a592c36adf
Merge remote-tracking branch 'origin/3.0' into 3.1.0
...
Conflicts:
docs/en/changelogs/index.md
2013-08-20 20:49:01 +02:00
Ingo Schommer
a2f9af54c7
Merge pull request #2340 from hafriedlander/fix/memleaks
...
Fix some memory leaks in 3.1.0 admin
2013-08-20 07:28:14 -07:00
Ingo Schommer
2fd5558a70
Fixed "insert image" behat feature
...
Was using wrong button label, and ignoring the
"unsaved changes" warning dialog
2013-08-20 16:19:30 +02:00
Ingo Schommer
99da5cd198
Merge pull request #2336 from hafriedlander/fix/flush_30
...
FIX Double slashes in ParameterConfirmationToken
2013-08-20 06:26:44 -07:00
Hamish Friedlander
68d8ec31a5
FIX Memory leaks in jstree drag & drop
2013-08-20 16:07:54 +12:00
Hamish Friedlander
fda4b91d06
FIX Make sure CurrentXHR is set back to null on completion
2013-08-20 15:49:37 +12:00
Hamish Friedlander
e282f0b661
FIX Two memory leaks with HtmlEditorField
...
We werent calling tinyMCE.Editor.destroy, which is needed to
clean up event bindings. The advanced theme also wasnt cleaning
up after itself on destroy properly
2013-08-20 15:49:04 +12:00
Hamish Friedlander
13377ee4bd
Update jQuery Entwine to latest to pull memory leak fix
2013-08-20 15:17:50 +12:00
Hamish Friedlander
4a7aef0e25
FIX Double slashes in ParameterConfirmationToken
2013-08-19 11:35:34 +12:00
Ingo Schommer
de3b1b22d3
Fixed behat tests for confirming grid field dialogs
2013-08-16 13:34:23 +02:00
Ingo Schommer
362d35742f
Fixed behat tests to confirm file deletion dialog
2013-08-16 13:34:23 +02:00
Naomi Guyer
fb67181366
BUG: Context menu too long - CSS only (Fixes CMS #811 )
2013-08-16 13:34:23 +02:00
Ingo Schommer
b6b06945d0
Merge pull request #2320 from jbridson/3.1
...
MINOR: ISSUE-19 CWP Accessibility fixes - Added macron to Māori toggle b...
2013-08-15 14:35:25 -07:00
Jeremy Bridson
cf75166d83
MINOR: ISSUE-19 CWP Accessibility fixes - Added macron to Māori toggle button for translations on the CWP demo site.
2013-08-12 15:39:00 +12:00
Ingo Schommer
fd2a0cd1f9
Updated translations
2013-08-09 15:33:01 +02:00
Hamish Friedlander
0918cd2092
Remove SiteTree link tracking out of HtmlEditorField
2013-08-09 11:24:10 +02:00
Ingo Schommer
810f505924
Merge pull request #2315 from jbridson/patch-2
...
Fixed Grammatical errors and issues where sentences didn't make sense.
2013-08-09 02:04:01 -07:00
jbridson
1ce0a0d2b9
Fixed Grammatical errors and issues where sentences didn't make sense.
2013-08-09 15:22:03 +12:00
Sam Minnee
3510b60ab8
Added 3.1.0-rc1 changelog
2013-08-09 14:25:58 +12:00
Sean Harvey
f9dca6f857
Merge pull request #2313 from jbridson/patch-1
...
Fixed issue with inconsistent use of punctuation and wording of Tutorial...
2013-08-08 19:22:16 -07:00
jbridson
0c4ff76921
Fixed issue with inconsistent use of punctuation and wording of Tutorial 5 summary
2013-08-09 14:20:41 +12:00
Sam Minnee
750b5b4079
Updated translation master file
2013-08-09 14:18:10 +12:00
Ingo Schommer
7a117fe713
Added 3.0.6-rc1 changelog
2013-08-07 20:55:10 +02:00
Ingo Schommer
a213afd888
Added 3.0 changelog
2013-08-07 20:16:59 +02:00
Ingo Schommer
c78c0aa828
Fixed merge error
...
See 00ffe72944
2013-08-07 17:33:06 +02:00
Ingo Schommer
afe06661ef
Merge remote-tracking branch 'origin/3.0' into 3.1
...
Conflicts:
admin/templates/Includes/LeftAndMain_Menu.ss
admin/templates/Includes/ModelAdmin_ImportSpec.ss
admin/templates/Includes/ModelAdmin_Tools.ss
admin/templates/LeftAndMain.ss
admin/templates/ModelSidebar.ss
i18n/i18n.php
templates/ComplexTableField.ss
templates/ComplexTableField_popup.ss
templates/FileIFrameField_iframe.ss
templates/Includes/GridFieldItemEditView.ss
templates/Includes/TableListField_PageControls.ss
templates/RelationComplexTableField.ss
templates/TableField.ss
templates/TableListField.ss
2013-08-07 17:14:47 +02:00
Ingo Schommer
c0f5007d57
Create folder if required in dev/generatesecuretoken
2013-08-07 16:59:18 +02:00
Ingo Schommer
b159284c6c
Fixed "session started" error on install.php
2013-08-07 16:28:54 +02:00