Hamish Friedlander
d44024b1cf
Merge branch 'origin/3.1'
2013-07-24 13:29:55 +12:00
Hamish Friedlander
541436feb0
Merge branch 'origin/3.0' into 3.1
2013-07-24 12:09:44 +12:00
Sam Minnée
3c6ba1c322
Merge pull request #2257 from hafriedlander/fix/flush_30
...
FIX Nice errors and allows flush on module removal
2013-07-23 16:44:25 -07:00
Sean Harvey
23d1e8c76d
Merge pull request #2260 from ARNHOE/3.1-fixedeastgermany
...
Fixed CountryDropDownField showing East Germany
2013-07-23 15:25:17 -07:00
Hamish Friedlander
a1ea905ca8
FIX Nice errors and allows flush on module removal
2013-07-24 09:57:01 +12:00
Arno Poot
aa6da4ee4e
Fixed CountryDropDownField showing East Germany
2013-07-23 19:13:11 +02:00
Will Rossiter
ff1b0e3a08
Merge pull request #2256 from tractorcow/3.1-setratiosize-dbz-fix
...
BUG Fixed divide by zero with SetRatioSize on missing image file
2013-07-22 23:02:29 -07:00
Damian Mooyman
b3ca4a275b
BUG Fixed divide by zero with SetRatioSize on missing image file
...
Fixes issue #2047
2013-07-23 11:24:48 +12:00
Sam Minnée
88d0cbea62
Merge pull request #2255 from hafriedlander/fix/flush_30
...
Split Core.php into Constants.php and Core.php and adjust main.php startup
2013-07-22 15:33:35 -07:00
Hamish Friedlander
84011aa736
FIX Only suppress fatal errors
2013-07-22 14:48:16 +12:00
Hamish Friedlander
604d9bf7dc
Split Core.php into Constants.php and Core.php and adjust main.php startup
...
The recent flush filter fix had a problem that you couldnt set a custom
BASE_PATH in _ss_environment because that file didnt get included until
after checking the confirmation token. This patch pulls the part of Core.php
that defines BASE_PATH into a seperate file that can be included earlier
in the startup sequence so that ParameterConfirmationToken can access it.
Core.php includes Constants.php with a require_once call, so for startup
scripts that dont pull in Constants.php themselves (like cli-script.php)
no change is needed.
2013-07-22 13:52:00 +12:00
Will Rossiter
58a2eb0155
Versioned documentation typo (Thanks aragonne)
2013-07-19 18:14:53 +12:00
Hamish Friedlander
0a79ac3592
Merge branch 'origin/3.1'
...
Conflicts:
templates/forms/CheckboxSetField.ss
templates/forms/FormField_holder.ss
templates/forms/OptionsetField.ss
2013-07-19 16:25:38 +12:00
Hamish Friedlander
bed25a7a79
Merge branch 'origin/3.0' into 3.1
2013-07-19 15:51:54 +12:00
Sam Minnée
7bfc872a8e
Merge pull request #2248 from hafriedlander/fix/flush_30
...
FIX: Have ParameterConfirmationToken work regardless of include path
2013-07-18 20:46:56 -07:00
Hamish Friedlander
a312cd08e1
FIX: Ignore invalid tokens instead of throwing 403
2013-07-19 14:47:05 +12:00
Hamish Friedlander
036c36a7dd
FIX: Have ParameterConfirmationToken work regardless of include path
2013-07-19 14:33:56 +12:00
Hamish Friedlander
d38bd7d5cb
Merge branch 'origin/3.0' into 3.1
2013-07-19 14:18:49 +12:00
Sam Minnée
7656a22329
Merge pull request #2243 from hafriedlander/fix/flush_30
...
FIX Prevent DOS by checking for env and admin on ?flush=1 (#1692 )
2013-07-18 17:39:10 -07:00
Hamish Friedlander
1298d4a5bd
FIX Prevent DOS by checking for env and admin on ?flush=1 ( #1692 )
2013-07-19 12:24:32 +12:00
Hamish Friedlander
b915c2364c
Merge pull request #2244 from mateusz/lockout-errors
...
BUG First error should take precedence here. No further checks needed.
2013-07-18 14:38:23 -07:00
Mateusz Uzdowski
d4a6f7304e
BUG First error should take precedence here. No further checks needed.
2013-07-19 08:54:52 +12:00
Sam Minnée
2ca089532f
Merge pull request #2219 from chillu/pulls/clickjacking
...
BUG Prevent clickjacking in CMS and Security controllers (fixes #2215 )
2013-07-16 14:35:53 -07:00
Simon Welsh
d9b0d14ee9
Merge pull request #2229 from ss23/patch-6
...
FIX preg_replace_callback in emailer was broken
2013-07-14 21:55:07 -07:00
Stephen Shkardoon
999fd3901c
FIX preg_replace_callback in emailer was broken
...
Fixes bug introduced by 9deb11f9a0
Email has no content
This is what happens when we make commits without testing!
2013-07-15 16:50:41 +12:00
Ingo Schommer
d1fec14bd1
Merge pull request #2226 from Brancom/3.1
...
Updated loop/if/with to be more consistent
2013-07-14 13:58:06 -07:00
Ingo Schommer
d4a1e6d294
BUG Prevent clickjacking in CMS and Security controllers ( fixes #2215 )
2013-07-14 22:44:09 +02:00
ARNHOE
2427d57fa5
Updated loop/if/with to be more consistent
2013-07-14 20:43:52 +12:00
Ingo Schommer
920edf88e7
Test allowedExtensions in UploadField, return correct HTTP status
2013-07-12 13:16:34 +02:00
Will Rossiter
d80b16597a
Merge pull request #2224 from tractorcow/3.1-foreignkey-typo
...
Typo
2013-07-11 20:45:44 -07:00
Will Rossiter
65e9f05c36
Merge pull request #2220 from jthomerson/pulls/small_doc_fix_1
...
Small typo causing linking error
2013-07-11 20:42:36 -07:00
Damian Mooyman
7fbc752764
Typo
2013-07-12 15:07:43 +12:00
Sean Harvey
a5363aba6d
Merge pull request #2214 from chillu/pulls/password-docs
...
Member.lock_out_delay_mins, password security docs
2013-07-11 15:04:15 -07:00
Jeremy Thomerson
71f8c1306f
DOCFIX: small typo causing linking error
2013-07-11 13:40:34 +00:00
Ingo Schommer
bdbd61cb22
Merge remote-tracking branch 'origin/3.0' into 3.1
2013-07-11 15:14:07 +02:00
Ingo Schommer
c2c8498c64
BehatFixtureFactory 5.3.8 compat (wrong usage of is_a())
2013-07-11 15:13:37 +02:00
Ingo Schommer
b58e2dbe3a
Member.lock_out_delay_mins configurable, password security docs
2013-07-11 09:47:28 +02:00
Ingo Schommer
84bc3ed024
Merge pull request #2202 from tractorcow/3.1-aggregate-deprecation
...
API Deprecate Aggregate and DataObject::getComponentsQuery
2013-07-11 00:25:26 -07:00
Ingo Schommer
cc33427218
Merge pull request #2123 from willmorgan/forajaxtemplate-session-message
...
MINOR clear session message whenever forAjaxTemplate is used
2013-07-10 16:04:48 -07:00
Ingo Schommer
ed69a2bf82
Merge pull request #2212 from dhensby/patch-3
...
Adding test to prove issue with HTTP Header parsing in RestfulService
2013-07-10 08:32:04 -07:00
Daniel Hensby
ddd6a15b4a
FIX RestfulService header parsing now accepts non-title case headers
2013-07-10 13:00:40 +01:00
Daniel Hensby
378d829e8f
Adding test to prove issue with HTTP Header parsing in RestfulService
...
I have a header like:
X-BB-Auth: xxxx
and it is being given back to me as X-Bb-Auth - i want to prove the issue and the fix
2013-07-10 12:47:13 +01:00
Ingo Schommer
c3f62de0eb
Merge pull request #2208 from hafriedlander/fix/sanitise
...
Add some docs about admin-side HTML sanitisation
2013-07-10 01:33:52 -07:00
Andrew Short
8a62593754
Merge branch '3.1'
2013-07-10 18:27:19 +10:00
Hamish Friedlander
7b7982969b
Add some docs about admin-side HTML sanitisation
2013-07-10 16:44:51 +12:00
Simon Welsh
e5ed8f1ef2
Merge branch '3.0' into 3.1
2013-07-10 12:31:38 +12:00
Hamish Friedlander
ca2b81c6c2
Merge pull request #2207 from camspiers/config-caching-fix
...
FIX ConfigManifest regenerating every request if variantKeySpec is an empty array()
2013-07-09 17:30:33 -07:00
Simon Welsh
b506eb1b29
Use httpError() instead of non-existent HTTPResponse_Exception class
2013-07-10 12:30:27 +12:00
Cam Spiers
b44641336b
FIX ConfigManifest regenerating every request if variantKeySpec is an empty array()
2013-07-10 11:53:44 +12:00
Ingo Schommer
e6011f3aae
Rewritten "extend cms" docs ( #1671 )
...
Hopefully this commit can be reverted once we fix the
layout manager to work with all four directions (north, south, east, west).
A "bookmark bar" makes more sense as an example than having the links
in the menu, and it allows us to illustrate the CMS layout techniques.
2013-07-09 22:15:43 +02:00