Ingo Schommer
bea1b9002d
Merge remote-tracking branch 'origin/3.0' into 3.1
...
Conflicts:
control/HTTP.php
2013-02-26 13:28:35 +01:00
Ingo Schommer
92458d9f43
Fixed line lengths
2013-02-18 14:41:49 +01:00
Ingo Schommer
634c91c6ff
Merge remote-tracking branch 'origin/3.0' into 3.1
...
Conflicts:
email/Mailer.php
2013-01-30 12:46:24 +01:00
Simon Welsh
c9f728fefb
FIX Only check the remember token if a user exists
2013-01-30 09:17:47 +13:00
jean
c048a019f6
BUGFIX Avoid infinite redirection when logging out and when showing a custom login page after displaying the draft version of a page.
2013-01-29 19:24:37 +01:00
Ingo Schommer
22eeaa4ac1
BUG Members should not be allowed to delete themselves ( fixes #8121 )
2012-12-16 23:53:45 +01:00
Hamish Friedlander
27113f82c3
API Make DataList and ArrayList immutable
...
In 3.0 there was some confusion about whether DataLists and ArrayLists
were mutable or not. If DataLists were immutable, they'd return the result, and your code
would look like
$list = $list->filter(....);
If DataLists were mutable, they'd operate on themselves, returning nothing, and your code
would look like
$list->filter(....);
This makes all DataLists and ArrayList immutable for all _searching_ operations.
Operations on DataList that modify the underlying SQL data store remain mutating.
- These functions no longer mutate the existing object, and if you do not capture the value
returned by them will have no effect:
ArrayList#reverse
ArrayList#sort
ArrayList#filter
ArrayList#exclude
DataList#dataQuery (use DataList#alterDataQuery to modify dataQuery in a safe manner)
DataList#where
DataList#limit
DataList#sort
DataList#addFilter
DataList#applyFilterContext
DataList#innerJoin
DataList#leftJoin
DataList#find
DataList#byIDs
DataList#reverse
- DataList#setDataQueryParam has been added as syntactic sugar around the most common
cause of accessing the dataQuery directly - setting query parameters
- RelationList#setForeignID has been removed. Always use RelationList#forForeignID
when querying, and overload RelationList#foreignIDList when subclassing.
- Relatedly,the protected variable RelationList->foreignID has been removed, as the ID is
now stored on a query parameter. Use RelationList#getForeignID to read it.
2012-12-14 13:30:35 +13:00
Ingo Schommer
644cc79ebb
API Removed methods previously deprecated in 3.0
2012-12-14 01:16:47 +01:00
Ingo Schommer
5fed5b91c9
API Moved email bounce handling to new 'emailbouncehandler' module
2012-12-12 23:36:42 +01:00
Simon Welsh
b0121b541c
Add codesniffer that ensures indentation is with tabs.
2012-12-12 17:33:31 +13:00
Simon Welsh
fc5dd2994c
Add codesniffer that ensures indentation is with tabs.
2012-12-12 00:12:11 +13:00
Ingo Schommer
c55c7c33f8
Merge branch '3.0'
...
Conflicts:
admin/code/CMSProfileController.php
composer.json
tests/model/DataObjectTest.php
2012-11-22 23:51:28 +01:00
Mateusz Uzdowski
a8b0e44d98
API Hash autologin tokens before storing in the database.
...
Refactor the code to make it clear the distinction is made between a
plaintext token and a hashed version. Rename fields so it is more
obvious what is being written and what sent out to the user.
This reuses the salt and algorithm from the Member, which are kept
constant throughout the Member lifetime in a normal scenario. If they do
change, users will need to re-request so the hashes can be regenerated.
2012-11-09 11:29:42 +01:00
Will Rossiter
69ea73b4ed
Merge pull request #777 from halkyon/field_edit3
...
Member_ProfileForm respect canEdit() permissions on Member
2012-10-27 20:11:46 -07:00
Ingo Schommer
d1ee7612f5
Merge remote-tracking branch 'origin/3.0'
2012-10-08 16:48:52 +02:00
Saophalkun Ponlu
e3a27ea7da
CMS member profile now is no longer in a popup ( #7880 )
2012-10-08 12:57:55 +02:00
Sean Harvey
0cce58040a
BUG Fix deprecated use of dataFieldByName() in Member_Validator
2012-10-08 09:26:28 +13:00
Sam Minnee
1f7fc1f76a
FIX Remove instances of lines longer than 120c
...
The entire framework repo (with the exception of system-generated files) has been amended to respect the 120c line-length limit. This is in preparation for the enforcement of this rule with PHP_CodeSniffer.
2012-09-30 17:18:13 +13:00
Ingo Schommer
91e4fde96f
ENHANCEMENT "Readonly" behaviour for CMS tabs
2012-09-28 16:37:35 +02:00
Ingo Schommer
e2f073f38a
Method visibility according to coding conventions
2012-09-20 10:46:59 +02:00
Sean Harvey
5cbd2dbeb4
BUG CMSProfileController::Member_ProfileForm() respecting canEdit() permissions on Member
...
CMSProfileController currently checks canView() which ensures that a logged in CMS
Member can access the profile controller, but when saving the record on Member_ProfileForm
there is no check for canEdit(), so extended permissions don't get respected.
This adds a check for canEdit() in Member_ProfileForm, and adds some functional tests
to check permissions.
2012-09-07 11:24:47 +12:00
Sean Harvey
dcf5d217ad
BUG Fixing deprecated usage of dataFieldByName() in Member_Validator
2012-09-07 11:24:41 +12:00
Roland Lehmann
701da8b822
Updated translations; i18n for fieldLabels
2012-08-15 20:30:30 +02:00
Naomi Guyer
ae52be54f0
FIX: Missing last login time (fixes 7666)
...
Add in missing user login time
2012-08-10 18:08:53 +12:00
Hamish Friedlander
b7691077cf
API Prep forForeignID for immutability in 3.1 per 7673
2012-07-23 10:31:47 +12:00
Will Rossiter
d82b67cf97
ENHANCEMENT: remove dependencies between framework tests and cms module.
2012-06-20 16:28:06 +02:00
Marcus Nyeholt
82a1e7d282
MINOR Use injector for creating Member_GroupSet object
...
MINOR Use injector for creating many many list objects
MINOR Use injector for creating objects from within the DataList
MINOR Use Injector::inst() for creating objects; cannot rely on this->injector being present due to many classes being created with 'new', so use inst() directly
MINOR Remove injector autoset property for now; automatically setting it breaks a few test cases that don't know about it for now, and it's not needed just yet
2012-06-05 01:33:44 +10:00
Sean Harvey
c3eabffcb9
MINOR Use shorthand {class}::get() syntax instead of DataList::create()
...
in core code.
2012-05-28 21:13:42 +12:00
Ingo Schommer
69fbdad722
MINOR Removed non-functional "close popup" link from profile editing in CMS ( fixes #7343 )
2012-05-20 14:03:50 +02:00
Sean Harvey
e5e8f489a2
Merge branch (pull request #247 ) 'template-global-fixes' of https://github.com/sminnee/sapphire into sminnee-template-global-fixes
2012-05-19 15:39:59 +12:00
Stig Lindqvist
bbe3879eaa
BUGFIX: Member::mapInGroups() throws SQL error
...
Renamed the Member::mapInGroups() to Member::map_in_groups() since it's a static method and throws deprecation message if using the old variant.
Rewrote the mapInGroups to use a more ORMy way of fetching Members for a set of groups and included a test for.
2012-05-10 13:53:54 +12:00
Stig Lindqvist
a16b75d459
Merge pull request #405 from halkyon/member_changes2
...
API CHANGE Removed Member_SignupEmail and deprecate sendInfo() on Member
2012-05-06 21:47:05 -07:00
Andrew O'Neil
89fc8e5fdd
APICHANGE: PasswordEncryptor::check() allows for more powerful password checking, deprecating PasswordEncryptor::compare()
2012-05-07 15:03:53 +12:00
Sean Harvey
d4154dae9e
API CHANGE Deprecate Member::sendInfo(), use Member_ChangePasswordEmail and Member_ForgotPasswordEmail class directly instead.
2012-05-05 10:04:46 +12:00
Sean Harvey
fd0ec1c47f
API CHANGE Removed Member_SignupEmail, use your own custom sign up Email class instead.
2012-05-05 10:04:23 +12:00
Ingo Schommer
7b18d9d0da
MINOR Switching _t() calls from sprintf() to using injection parameters ( #7170 )
2012-05-01 22:17:00 +02:00
Ingo Schommer
ffe698ca1e
MINOR Placeholder text for adding a group in Member->getCMSFields() ( fixes #7217 )
2012-04-30 10:29:09 +02:00
Sean Harvey
8a6671d72e
BUGFIX Member::onChangeGroups() should allow ADMIN permission grant if the logged in user is an ADMIN
2012-04-27 12:27:46 +12:00
Andrew O'Neil
a89228e934
MINOR: Fix deprecation notice when saving user settings
2012-04-16 14:13:21 +12:00
Ingo Schommer
d44f6b3e1f
MINOR Removed deprecated usage of $priority argument in _t() calls
2012-04-15 17:17:17 +02:00
Simon Welsh
f07258f3cf
MINOR Update @package values to match renaming sapphire
2012-04-15 10:50:19 +12:00
Simon Welsh
3a6341a251
API-CHANGE sapphire folder can now be renamed.
2012-04-15 10:50:19 +12:00
Ingo Schommer
8ba9c3ca6b
API CHANGE Removed $params argument to DataObject->getCMSFields(), please use FormScaffolder directly ( fixes #7135 )
2012-04-13 15:46:47 +02:00
Ingo Schommer
40d73127ae
MINOR Using late static binding instead of Object::create() calls
2012-04-04 17:10:31 +02:00
Sean Harvey
e097f6e1a8
MINOR Fixes to method arguments in core classes for E_STRICT support.
...
API CHANGE Remove abstract static function and just use static functions
in Authenticator (PHP 5.3+ doesn't support abstract static functions)
2012-03-28 22:41:42 +13:00
Sam Minnee
6c35588eda
API CHANGE: Rename 'PastMember' to 'IsRepeatMember' in templates.
...
API CHANGE: Move Controller::PastMember() to Member::is_repeat_member() in code.
API CHANGE: Removed Controller::CurrentMember(), it was only ever intended as a template global provider.
2012-03-16 15:05:28 +13:00
Ingo Schommer
01b24daace
API CHANGE Removed Member::isAdmin(), use Permission::check('ADMIN') instead
...
API CHANGE Removed Member->setByCheckboxes()/setByCheckboxSetField(), Use setByIdList() and/or a CheckboxSetField instead
API CHANGE Removed Member->addManyByGroupID(), Use DataList->addMany() instead.
API CHANGE Removed Member->removeManyByGroupID(). Use DataList->removeMany() instead.
API CHANGE Removed Member->getGroupsFromIDs(). Use DataObject::get("Group")->byIds() instead.
API CHANGE Removed Member->addManyByCodename()/removeManyByCodename(). Don\'t rely on codename
2012-03-09 21:33:52 +01:00
Sean Harvey
d28da56e19
BUGFIX Fixed regression where Member::PasswordEncryption field wouldn't be set to the default
2012-03-09 17:29:57 +13:00
Sean Harvey
9f3344b355
API CHANGE Removed built-in behaviour.js client-side form validation.
...
This is no longer supported. Please use custom client-side validation instead. (see 3.0.0 changelog
for more information)
2012-03-09 12:19:57 +13:00
Ingo Schommer
e4a6dd5850
Merge branch 'integration'
...
Conflicts:
forms/gridfield/GridField.php
2012-03-08 20:25:21 +01:00
Ingo Schommer
79d420f941
ENHANCEMENT Member->DirectGroups() (to complement Group->DirectMembers(), and aid with relationship saving through Member->getCMSFields())
2012-03-07 01:23:40 +01:00
Ingo Schommer
bb6d4c506e
BUGFIX Fixed HasManyList and ManyManyList queries for relationships on new records (was returning all available records due to the SQL filtering ignoring ID=0)
2012-03-06 01:23:34 +01:00
Hamish Friedlander
374ed19406
API CHANGE: Change variable expose method in TemplateGlobalProvider and TemplateIteratorProvider to (a) not clash with each other and, (b) be less generic
2012-03-06 09:31:57 +13:00
Hamish Friedlander
fb246bdd08
APICHANGE: Rename getExposedVariables to match coding conventions
2012-03-06 09:31:56 +13:00
Hamish Friedlander
927dbbe717
API-CHANGE: Global template variables can now be called directly using SSViewer_DataPresenter instead of needing to inherit off ViewableData
2012-03-06 09:11:46 +13:00
Ingo Schommer
e8ad2c2173
MINOR Using ListboxField instead of CheckboxSetField in Member->getCMSFields() for group assignment
2012-03-05 10:55:32 +01:00
Ingo Schommer
46628721fe
ENHANCEMENT Using chosen.js for group selection in Member->getCMSFields()
2012-03-02 20:46:22 +01:00
Ingo Schommer
0ab43cdcb8
API CHANGE Moved "IP Address restrictions for groups" feature to a new "ipaddress-restriction" module (SSF-53)
2012-03-01 21:36:01 +01:00
Ingo Schommer
abfa16fa70
ENHANCEMENT Using native jQuery UI buttons and icon styling for a less coupled implementation (e.g. assuming that a "constructive" button always has a specific icon, or one at all). All CMS UI buttons switched to use <button> markup, which allows for inline icons and correctly aligned multi-line button labels.
2012-02-17 15:58:32 +01:00
Ingo Schommer
b4b6e5a2db
MINOR Cleaned up CMS dialog styling (now works with/without tabs, in iframe and inline markup), removed superfluous SCSS variable declarations
2012-01-03 18:11:21 +01:00
Wolf Vollprecht
2a429c9850
MINOR: Added Member Profile Popup Styling
...
MINOR: Better button styles
MINOR: Now compass for button sprites
2011-12-29 09:48:22 +01:00
Ingo Schommer
7d245c3803
MINOR Reduced unnecessary autoloading
2011-12-23 10:31:35 +01:00
Ingo Schommer
96d18efa58
MINOR Replaced calls to deprecated FormField->Name() with getName()
2011-10-29 13:27:11 +02:00
Sam Minnee
beb10ef4be
BUGFIX: Fix Member::mapInGroups() and Member::mapInCMSGroups() to not use deprecated.
2011-10-29 18:07:54 +13:00
Sam Minnee
22e5617ee2
MINOR: Moved from use of deprecated SQLMap to SS_Map.
2011-10-29 17:36:37 +13:00
Sam Minnee
e5afa25522
MINOR: Use Deprecation class to indicate deprecated methods in core.
2011-10-29 17:34:31 +13:00
Stig Lindqvist
e38dd08ea5
MINOR: Fix docblocks to reference SS_List instead of (now deprecated) DataObjectSet where appropriate
2011-10-28 15:58:55 +13:00
Hamish Friedlander
0a3e0f15de
MINOR: Replace references to FieldSet (now deprecated) with references to FieldList
2011-10-28 15:58:55 +13:00
Ingo Schommer
0a8a17833f
MINOR Quoting relation tables in new ManyManyList API
2011-10-07 14:11:07 +02:00
Will Rossiter
1732a17114
Merged new-orm into datagrid
2011-09-26 16:47:54 +13:00
Ingo Schommer
ce8e72cf0e
MINOR Removing executable flag from all files (thanks miiihi)
2011-09-18 22:04:02 +02:00
Ingo Schommer
7d01b4042f
BUGFIX Increasing length of Member.Email database column to comply with recommended RFC lengths for email addresses
2011-08-22 08:56:42 +02:00
Will Rossiter
ef6432d647
BUGFIX: Member::autoLogin() not setting alc_enc properly. PATCH via simon_w. FIXES : #6646 .
2011-05-30 10:04:55 +12:00
Sam Minnee
878b348a0f
Merge branch 'master' into new-orm
...
Conflicts:
docs/en/reference/built-in-page-controls.md
model/SQLQuery.php
2011-05-26 17:08:10 +12:00
ajshort
1f6f7f0862
API CHANGE: Deprecated CompositeField->FieldSet() in favour of CompositeField->FieldList().
...
MINOR: Replaced usage of FieldSet with FieldList.
MINOR: Renamed FieldSetTest to FieldListTest.
2011-05-11 17:51:54 +10:00
Ingo Schommer
afbb4cc045
MINOR Fixed Member_ProfileForm styling, inlining into _style.css. Misc style fixes
2011-05-01 20:23:07 +12:00
Ingo Schommer
87163d5bb6
MINOR Removed unnecessary headers from Member->getCMSFields()
2011-05-01 20:23:07 +12:00
Ingo Schommer
f8b38e9adb
MINOR Moving _layout.scss include from screen.css into its own file, in order to selectively block layout options like body {overflow: none;} while retaining all other cms styles (useful in a dialog context)
2011-05-01 20:23:07 +12:00
ajshort
81c0caaddb
API CHANGE: Renamed DataList::filter() and DataQuery::filter() to ::where().
2011-05-01 15:26:30 +12:00
Sam Minnee
33fa7825f9
BUGFIX: Updated Member <-> Group relations to work with new ManyManyList. API CHANGE: Deprecated the special methods in Member_GroupSet.
2011-05-01 15:25:45 +12:00
Sam Minnee
de1494e3a8
ENHANCEMENT: Implemented DataList as the successor of DataObjectSet. DataList doesn't execute the query until it's actually needed, allowing for a more flexible ORM.
...
API CHANGE: augmentSQL is now passed a DataQuery object from which query parameters can be extracted.
API CHANGE: DataObjectDecorators that manipulate the query can now define augmentDataQueryCreation().
API CHANGE: The container class argument for DataObject::get() is deprecated.
API CHANGE: DataObject::buildSQL() and DataObject::extendedSQL() are deprecated; just use DataObject::get() now.
API CHANGE: DataObject::instance_get() and DataObject::instance_get_one() are deprecated, and can no longer be overloaded.
API CHANGE: DataObject::buildDataObjectSet() is deprecated.
API CHANGE: Cant't call manual manipulation methods on DataList such as insertFirst()
2011-05-01 15:25:45 +12:00
Ingo Schommer
79e0634537
Merge branch 'cms-ui-preparation'
2011-04-28 22:48:02 +12:00
ajshort
3a1c2df4e7
API CHANGE: Renamed DataObjectDecorator to DataExtension.
...
API CHANGE: Renamed LeftAndMainDecorator to LeftAndMainExtension.
MINOR: Replaced all references to decorators with extension.
2011-04-26 11:01:38 +10:00
Ingo Schommer
43491c2641
MINOR Reducing number of asset downloads by combining files in LeftAndMain->init() and including full jquery.ui.css instead of multiple @import statements
2011-04-25 21:36:51 +12:00
Sam Minnee
5755c27c30
ENHANCEMENT Improved performance of DataObject::get_by_id() by setting order to "1" in the contained get_one() call
2011-03-21 18:09:12 +13:00
Ingo Schommer
498e5758bf
BUGFIX Avoid privilege escalation from EDIT_PERMISSIONS to ADMIN through TreeMultiselectField (in Member->getCMSFields()) by checking for admin groups in Member->onChangeGroups()
2011-03-09 15:49:41 +13:00
Will Rossiter
9f6e3c9162
ENHANCEMENT: added requireDefaultRecords. PATCH via fragarach ( #6133 )
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114810 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-12-11 00:45:05 +00:00
Ingo Schommer
f61a307486
MINOR Reverting Member "AutoLoginHash", "RememberLoginToken" and "Salt" to their original VARCHAR length to avoid problems with invalidated hashes due to shorter field length
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114748 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-12-09 08:17:35 +00:00
Ingo Schommer
674d8e0f4a
MINOR Reduced VARCHAR length from 1024 to 40 bytes, which fits the sha1 hashes created by RandomGenerator. 1024 bytes caused problems with index lengths on MySQL
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114743 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-12-09 05:48:33 +00:00
Ingo Schommer
50f823697c
MINOR Fixed regression from r114504
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114505 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-12-05 00:43:10 +00:00
Ingo Schommer
a0a88af255
BUGFIX Using RandomGenerator class in Member->logIn(), Member->autoLogin() and Member->generateAutologinHash() for better randomization of tokens. Increased VARCHAR length of 'RememberLoginToken' and 'AutoLoginHash' fields to 1024 characters to support longer token strings.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114504 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-12-05 00:39:25 +00:00
Sam Minnee
d8a8635374
API CHANGE Member->canEdit() returns false if the editing member has lower permissions than the edited member, for example if a member with CMS_ACCESS_SecurityAdmin permissions tries to edit an ADMIN ( fixes #5651 ) (from r110856)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112861 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-19 02:46:26 +00:00
Sam Minnee
102375954a
MINOR Remove whitespace if Surname field set on Member, but not FirstName (from r109334)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112824 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-19 01:24:43 +00:00
Sam Minnee
00ddc0ff83
MINOR: trim space off end of firstname if surname is not set. #5925 (from r109330)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112822 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-19 01:23:44 +00:00
Sam Minnee
496e9bcef6
API CHANGE #5873 DataObjectSet::shift() now performs a proper shift instead of unshift (wrong). Please use DataObjectSet::unshift($item) if unshifting was intended!
...
API CHANGE Added DataObjectSet::pop()
MINOR Unit tests for DataObjectSet::shift(), DataObjectSet::unshift() and DataObjectSet::pop() (from r109156)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112817 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-19 01:20:56 +00:00
Sam Minnee
cf6907931b
API CHANGE Member::set_session_regenerate_id() can now be used to disable Member::session_regenerate_id() which can break setting session cookies across all subdomains of a site (from r109103)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112781 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-19 00:55:33 +00:00
Sam Minnee
60c78eb54d
ENHANCEMENT New Member records are populated with the currently set default through i18n::set_locale() (from r108499)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112753 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-19 00:37:43 +00:00
Sam Minnee
066bf90f02
BUGFIX Member_ProfileForm should fallback to english text for save button if no translation defined for current language (from r108408)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112727 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-18 22:54:17 +00:00
Sam Minnee
bd96d249f0
MINOR Fixed incorrect word "colon" with "dot" (from r108002)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112704 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-18 22:37:11 +00:00
Sam Minnee
7254c00aef
BUGFIX #5833 Duplicate IDs when two similar date formats in Member_DatetimeOptionsetField containing different delimiters (e.g / and .) replaced to an empty string (from r108001)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112703 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-18 22:34:09 +00:00
Ingo Schommer
577e82a123
BUGFIX Fixed Member->PasswordEncryption defaults when writing new Member without setting a password. Fixes critical issue with MemberTableField saving in admin/security, where new members are stored with a cleartext password by default instead of using the default SHA1 (see #5772 ) (from r107532)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112602 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-15 03:52:38 +00:00
Ingo Schommer
ad7267aa4c
ENHANCEMENT Member_DatetimeOptionsetField toggle text is now translatable (from r107365)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112570 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-15 03:23:43 +00:00
Ingo Schommer
6959909cb6
ENHANCEMENT #5352 Translatable entities for help text in Member_DatetimeOptionsetField::getFormattingHelpText() (from r107334)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112569 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-15 03:23:22 +00:00
Ingo Schommer
47762cdf5b
ENHANCEMENT #5352 Decouple date display from i18n locales, users now have access to change their date and time formats in Member::getCMSFields() using Member_DatetimeOptionsetField field (from r107326)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112568 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-15 03:23:02 +00:00
Ingo Schommer
39b056024f
APICHANGE: moved Group::addToGroupByName to $member->addToGroupByCode. (from r106217)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112528 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-15 03:00:48 +00:00
Ingo Schommer
95e1efb4bf
BUGFIX: get_title_sql has string concat hardcoded as ||, fixed for MSSQL which uses +, fix for #5613 (from r105337)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112497 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-15 02:48:51 +00:00
Ingo Schommer
589adbfde3
BUGFIX: when using custom Member title, the join was failing - it had wrong parameters. Now changed to correctly handle the ansi sql join for all Member columns. (from r104552)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112351 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-15 00:28:57 +00:00
Ingo Schommer
d46c3c877f
BUGFIX: table and column names now quoted properly (from r103851)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112322 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-14 23:50:36 +00:00
Sam Minnee
1e925a9e91
BUGFIX Choosing i18n::default_locale() in Member->populateDefaults() instead of "current locale". This fixes a bug where a new member created through admin/security automatically "inherits" the current locale settings of the admin creating it. (from r103582)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112149 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-13 03:57:49 +00:00
Sam Minnee
eb43fb14ef
MINOR Returning ValidationResult from Member->onBeforeWrite() to ensure the ValidationException is compatible with MemberTableField (related to r103336) (from r103337)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112133 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-13 03:42:49 +00:00
Sam Minnee
50c5887aec
BUGFIX: exchanged MySQL CONCAT function with ANSI compliant operator (from r102237)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112063 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-13 01:37:24 +00:00
Sam Minnee
1a12f98382
BUGFIX avoid call to non-object (from r101794)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112038 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-13 01:09:02 +00:00
Sam Minnee
df0e553eee
BUGFIX: tables and column quoted properly (from r101554)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112003 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-13 00:48:57 +00:00
Sam Minnee
9f2ca79c67
BUGFIX Cookies set to a value other than NULL (effectively unsetting the cookie) will now use the httpOnly parameter by default for better XSS protection (from r101045) (from r101046)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@111570 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-04 04:40:50 +00:00
Andreas Piening
1941c6042c
ENHANCEMENT Creating default "Content Authors" group with limited rights if no other groups exist.
...
MINOR Moved Permission->requireDefaultRecords() to Group->requireDefaultRecords() and Member->requireDefaultRecords().
MINOR Removed outdated checks for CanCMS and CanCMSAdmin from Permission->requireDefaultRecords() (from r100799)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@108804 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-08-03 01:05:27 +00:00
Ingo Schommer
b9e75f9cef
BUGFIX: Set Member default Locale (from r100527)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@105595 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-05-25 04:15:13 +00:00
Ingo Schommer
c3e001f82c
BUGFIX: Take into account tablename with custom columns in get_title_sql (from r97003) (from r99101)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102848 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-04-14 04:08:51 +00:00
Ingo Schommer
a9c9aaef67
BUGFIX use proper quotes for sep (from r96401) (from r99100)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102847 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-04-14 04:08:37 +00:00
Ingo Schommer
ae7439a4c3
MINOR ability to customize the text that comes out of Member->Title
...
MINOR updated workflow reports (from r96352) (from r99099)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102846 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-04-14 04:08:22 +00:00
Ingo Schommer
1260790685
BUGFIX Don't show FailedLoginCount field unless Member::$lock_out_after_incorrect_logins is enabled (from r99031)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102822 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-04-14 03:51:34 +00:00
Ingo Schommer
3a1868e8cf
BUGFIX: fixed member labels not appearing in cms popup. #5025 (from r98030)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102567 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-04-13 01:49:24 +00:00
Ingo Schommer
feb30e194f
API CHANGE Removed Member::init_db_fields(), its no longer needed due to the Member.PasswordEncyrption property changing from an ENUM to Varchar. (from r97818)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102535 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-04-12 23:40:58 +00:00
Ingo Schommer
426190bc9e
API CHANGE Security::setDefaultAdmin() no longer writes credentials to any Member database records (created through Security::findAnAdministrator(). This prevents outdated credentials when setDefaultAdmin() code changes after creating the database record (see #4271 )
...
API CHANGE Security::findAnAdministrator() no longer sets 'Email' and 'Password' properties on newly created members. Removed the $username and $password argments from the method.
ENHANCEMENT Member->requireDefaultRecords() no longer creates a default administrator based on $_REQUEST data. Moved functionality into Installer->install()
MINOR Security::findAnAdministrator() names any default administrators 'Default Admin' instead of 'Admin' (from r97478)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102493 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-04-12 21:16:26 +00:00
Ingo Schommer
c604341a1d
API CHANGE Removed "auto-merging" of member records from Member->onBeforeWrite() due to security reasons - please use DataObject->merge() explicitly if this is desired behaviour
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@100705 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-03-09 04:10:38 +00:00
Ingo Schommer
f4e284a3c1
BUGFIX Fixing Member_ProfileForm to validate for existing members via Member_Validator to avoid CMS users to switch to another existing user account by using their email address
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@100704 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-03-09 04:08:52 +00:00
Ingo Schommer
09de9f7834
ENHANCEMENT Only show 'HTML Editor Config' dropdown in Group->getCMSFields() if more than one option exists
...
BUGFIX Fixed bogus HTMLEditorConfig instance when get() is called without a valid identifier (due to NULL database columns)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@99599 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-02-22 09:38:15 +00:00
Ingo Schommer
11ad275522
FEATURE Showing (readonly) permissions for a Member record in admin/security popup
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@99586 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-02-22 04:37:36 +00:00
Ingo Schommer
aea2f94a5e
FEATURE View and select groups for a specific member via the member popup in admin/security (requires EDIT_PERMISSIONS)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@98880 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-02-12 04:01:42 +00:00
Andrew Short
5e9b78b798
FEATURE: Moved the log-in validation process from individual authenticators into Member->checkPassword() and canLogIn(), to allow more extensibility and control (trunk, 2.4).
...
MINOR: Use a ValidationResult to log in a member so that custom errors can be generated.
From: Andrew Short <andrewjshort@gmail.com>
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@98267 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-02-05 00:36:25 +00:00
Andrew Short
bbd9f2a2b5
ENHANCEMENT: Updated Member->getMemberFormFields() to use scaffolding and to be in line with Member->getCMSFields().
...
From: Andrew Short <andrewjshort@gmail.com>
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@97401 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-01-21 22:59:19 +00:00
Sean Harvey
35628832d6
BUGFIX #4686 Fixed $member non-object error, and decorated checks from not working in Member::canView(), Member::canEdit() and Member::canDelete()
...
MINOR Added additional tests to MemberTest (from r94358)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@95601 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-12-16 05:39:39 +00:00
Will Rossiter
2ff4631c1f
API CHANGE: removed listOfFields() function. Use custom code instead.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@93647 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-26 21:24:38 +00:00
Ingo Schommer
1b138d6916
MINOR Removed layout_helpers.js dependency
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92516 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-21 02:30:42 +00:00
Ingo Schommer
a11db29672
MINOR Changed paths to moved thirdparty dependencies (mostly from /jsparty to /sapphire/thirdparty, /cms/javascript and /sapphire/javascript)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92502 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-21 02:29:59 +00:00
Ingo Schommer
48c0418840
BUGFIX More robust checks on the current member in Member::canEdit() and Member::canDelete() if there is no logged in member (from r92129)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92458 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-21 01:43:16 +00:00
Ingo Schommer
e675381cd4
ENHANCEMENT Pluggable password encryption through PasswordEncryptor class ( #3665 )
...
BUGFIX Fixed password hashing design flaw in Security::encrypt_password(). Removing base_convert() packing with unsafe precision, but retaining backwards compatibilty through pluggable encryptors: PasswordEncryptor_LegacyPHPHash (#3004 )
API CHANGE Deprecated Security::encrypt_passwords()
API CHANGE Deprecated Security::$useSalt, use custom PasswordEncryptor implementation
API CHANGE Removed Security::get_encryption_algorithms()
API CHANGE MySQL-specific encyrption types 'password' and 'old_password' are no longer included by default. Use PasswordEncryptor_MySQLPassword and PasswordEncryptor_MySQLOldPassword
API CHANGE Built-in number of hashing algorithms has been reduced to 'none', 'md5', 'sha1'. Use PasswordEncryptor::register() and PasswordEncryptor_PHPHash to re-add others.
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90949 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-06 02:23:21 +00:00
Tom Rix
8216448da3
MINOR run checks before running hasMethod, as an extension does not neccessairily have that method.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90691 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-03 02:33:53 +00:00
Tom Rix
3dfa7a2103
MINOR fixed ambiguous column
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90481 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-30 00:23:02 +00:00
Sam Minnee
994e93f790
API CHANGE: replaced Database::USE_ANSI_SQL with DB::USE_ANSI_SQL
...
API CHANGE: replaced Database::alteration_message() with DB::alteration_message()
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90097 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-26 22:03:29 +00:00
Andrew Short
79773042be
API CHANGE: Renamed conflicting classes to have an "SS_" namespace, and renamed existing "SS" namespace to "SS_". The affected classes are: HTTPRequest, HTTPResponse, Query, Database, SSBacktrace, SSCli, SSDatetime, SSDatetimeTest, SSLog, SSLogTest, SSLogEmailWriter, SSLogErrorEmailFormatter, SSLogErrorFileFormatter, SSLogFileWriter and SSZendLog.
...
MINOR: Replaced usage of renamed classes with the new namespaced name.
From: Andrew Short <andrewjshort@gmail.com>
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90075 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-26 03:06:31 +00:00
Sean Harvey
8bd78f77d8
MINOR Supress session warnings in session_regenerate_id() for a win32 environment (from r81984)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89712 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-21 02:21:05 +00:00
Sam Minnee
9642c7171c
ENHANCEMENT: Added Member::set_login_marker_cookie(), to let developers bypass static caching for logged-in users (from r73803)
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@88635 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-12 03:27:41 +00:00
Sean Harvey
8b6772fff0
Merged in Member::sendInfo() bug fixes from branches/2.3 - r85779
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@86679 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-09-18 03:07:15 +00:00
Ingo Schommer
2700d73e97
ENHANCEMENT Limiting "alc_enc" cookie (remember login token) to httpOnly to reduce risk of information exposure through XSS
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@86027 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-09-10 03:23:31 +00:00
Ingo Schommer
ed5475bbae
ENHANCEMENT Added Member->FailedLoginCount property to allow Member->registerFailedLogin() to persist across sessions by writing them to the database, and be less vulnerable to brute force attacks. This means failed logins will persist longer than before, but are still reset after a valid login.
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@86017 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-09-10 02:42:26 +00:00
Sam Minnee
cd3db788a9
BUGFIX: Performance improvement to Member::currentUserID()
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@84167 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-08-11 09:16:34 +00:00
Andrew O'Neil
66543e6002
NOTFORMERGE: Merged 84085 from 2.3
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@84089 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-08-10 04:32:39 +00:00
Ingo Schommer
dfa44c055c
API CHANGE Changing DataObject::$changed to private visiblity. Please use getChangedFields() and isChanged()
...
ENHANCEMENT Added DataObject->isChanged() to detect if a field has been changed in this object instance
MINOR Changing call to CompositeDBField->compositeDatabaseFields() in DataObject->hasOwnDatabaseField()
BUGFIX Unsettig "Version" property in DataObject->getChangedField() to allow versioned to write a new version after a call to forceChange()
BUGFIX Introduced $markChanged in Money class
BUGFIX Casting Money->__toString() return value as string
MINOR Changing Member class to use new DataObject->isChanged() API
BUGFIX Using new $markChanged API for CompositeDBFields in DBField::create()
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@77893 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-05-27 00:09:23 +00:00
Sean Harvey
230a70b0b7
API CHANGE Removed @deprecated 2.3 function isInGroup() from Member
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@77342 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-05-20 04:54:00 +00:00
Sean Harvey
a5e82ddff1
Merged from branches/2.3
...
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@75590 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-04-29 01:20:24 +00:00