Commit Graph

685 Commits

Author SHA1 Message Date
Ingo Schommer
d4a1e6d294 BUG Prevent clickjacking in CMS and Security controllers (fixes #2215) 2013-07-14 22:44:09 +02:00
Will Rossiter
65e9f05c36 Merge pull request #2220 from jthomerson/pulls/small_doc_fix_1
Small typo causing linking error
2013-07-11 20:42:36 -07:00
Jeremy Thomerson
71f8c1306f DOCFIX: small typo causing linking error 2013-07-11 13:40:34 +00:00
Ingo Schommer
b58e2dbe3a Member.lock_out_delay_mins configurable, password security docs 2013-07-11 09:47:28 +02:00
Hamish Friedlander
7b7982969b Add some docs about admin-side HTML sanitisation 2013-07-10 16:44:51 +12:00
Ingo Schommer
e6011f3aae Rewritten "extend cms" docs (#1671)
Hopefully this commit can be reverted once we fix the
layout manager to work with all four directions (north, south, east, west).
A "bookmark bar" makes more sense as an example than having the links
in the menu, and it allows us to illustrate the CMS layout techniques.
2013-07-09 22:15:43 +02:00
Simon Welsh
d844c74e3c Merge branch '3.0' into 3.1
Conflicts:
	.travis.yml
	control/HTTP.php
	email/Mailer.php
	tests/control/HTTPTest.php
2013-07-05 10:17:14 +12:00
Hamish Friedlander
dacb2aa638 FIX HtmlEditorField not re-checking sanitisation server side 2013-07-04 08:53:23 +12:00
Mateusz Uzdowski
f9ede95e5b Add configuration system tests for Only and Except combinations. 2013-07-02 15:51:53 +12:00
Hamish Friedlander
df218d76da Clarify how Only and Except rules combine 2013-07-02 14:09:11 +12:00
Ingo Schommer
2a4fd90316 Docs: Note about branch merging 2013-06-25 10:35:30 +02:00
Ingo Schommer
fb784af738 API Enforce $allowed_actions in RequestHandler->checkAccessAction()
See discussion at https://groups.google.com/forum/?fromgroups#!topic/silverstripe-dev/Dodomh9QZjk

Fixes an access issue where all public methods on FormField were allowed,
and not checked for $allowed_actions. Before this patch you could e.g.
call FormField->Value() on the first field by using action_Value.

Removes the following assertion because it only worked due to RequestHandlingTest_AllowedControllerExtension
*not* having $allowed_extensions declared: "Actions on magic methods are only accessible if explicitly allowed on the controller."
2013-06-24 14:50:40 +02:00
Ingo Schommer
474dde8012 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	docs/en/reference/grid-field.md
2013-06-24 14:39:09 +02:00
Will Rossiter
d1756a5a58 Update simple-contact-form.md 2013-06-20 18:35:12 +12:00
CheeseSucker
2ac3444675 MINOR: Fixed typo 2013-06-19 16:48:49 +02:00
Ingo Schommer
2160fb8000 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	admin/javascript/LeftAndMain.js
	tests/behat/features/bootstrap/SilverStripe/Framework/Test/Behaviour/CmsUiContext.php
	tests/control/ControllerTest.php
2013-06-19 14:03:43 +02:00
Sean Harvey
726e4c313e Merge pull request #2084 from chillu/pulls/cmsform
Handle ValidationException on CMS forms
2013-06-18 14:41:51 -07:00
CheeseSucker
671b7a0cc7 Consolidated command line examples
Examples were broken into several <pre> blocks.
2013-06-18 15:50:32 +03:00
vikas srivastava
2f16d93d48 Update 3.1.0.md
I was trying 
Member:
  extensions:
    MyMemberExtension

And it didn't work then someone on IRC pointed that I need to put a '-' before values. So this works.
Member:
  extensions:
    - MyMemberExtension
Hope will help someone else.
2013-06-17 14:21:46 +05:30
CheeseSucker
476df739a2 A few minor improvements to the "Module development" documentation 2013-06-16 12:55:39 +03:00
Ingo Schommer
6a4ec840d2 Merge pull request #2098 from CheeseSucker/patch-2
[MINOR] Fixed typo
2013-06-15 00:14:53 -07:00
Will Rossiter
8fca3799c3 Update module development, remove outdated release steps 2013-06-15 12:06:25 +12:00
CheeseSucker
091e34e2e8 [MINOR] Typo 2013-06-15 02:49:52 +03:00
Ingo Schommer
9d4b8f61ca Note about IE10 support 2013-06-13 10:27:19 +02:00
Ingo Schommer
bfff11eb9c API New CMSForm class to allow validation responses in CMS (fixes #1777)
Thanks to @willmorgan for getting this discussion started
(see https://github.com/silverstripe/sapphire/pull/1814).
2013-06-13 07:51:05 +02:00
Damian Mooyman
be986c6524 API Allow $summary_fields to support methods on DBFields 2013-06-13 09:41:24 +12:00
Will Rossiter
6d792adab2 Update documentation static declarations to private
Also spelling, grammar and line length clean up.
2013-06-08 15:16:59 +12:00
Stevie Mayhew
76f6e0f71e MINOR: equality check consistency
Updated all equality checks to use double equals (==) for consistency.
2013-06-07 12:37:52 +12:00
Stevie Mayhew
6aae3d7d05 MINOR: equality check consistency
Updated all equality logic checks to use double == for consistency across the page.
2013-06-07 12:33:57 +12:00
Will Rossiter
e1b1fce31f Doc cleanup (spelling, line length, grammar) 2013-06-02 13:38:10 +12:00
Will Rossiter
db85f3ca16 FIX extra_requirements to accept non associative arrays.
Added unit tests for extra_requirements_js and extra_requirements_css.

Fixed YAML documentation to indicate list syntax.
2013-06-02 13:37:34 +12:00
Che Van Lawrence
657c2033ae Improve docs (mostly spelling) 2013-05-29 18:23:25 +02:00
Damian Mooyman
163917b83e Fixed scrutiniser issues 2013-05-27 15:42:10 +12:00
Damian Mooyman
7f057ce343 API UploadField functions on new records
Fixed regression from 1e5d40474d (UploadField::canPreviewFolder).
Merged in pull request #2009 - (6018bdd631).
Merged pull request #1259 (34bfc862ee).
2013-05-27 15:22:59 +12:00
Simon Welsh
e90012787d Merge branch 'hackfest_may_2013' of https://github.com/NightJar/sapphire into 3.1
Conflicts:
	docs/en/changelogs/3.1.0.md
2013-05-25 20:07:54 +12:00
Nightjar
5ec8158977 Check that Webserver is not Apache/1.x in light of installer assets/.htaccess alterations 2013-05-25 20:03:36 +12:00
Stephen Shkardoon
5e5b892043 Note for magic quotes change 2013-05-25 20:02:51 +12:00
Julian Seidenberg
22c7bbfcd4 NEW UploadField displays a warning before overwriting files (only relevant if config.yml: Upload:replaceFile = true). 2013-05-25 19:07:06 +12:00
Sam Minnée
5bbe48b799 Update commandline.md 2013-05-25 18:54:54 +12:00
Sam Minnée
99275ea783 Merge pull request #1760 from jedateach/patch-3
CommandLine: Info about running regular tasks with cron
2013-05-24 23:53:45 -07:00
Che Van Lawrence
ec8eeeb07a Update common-problems.md 2013-05-25 11:50:31 +12:00
Che Van Lawrence
b6b13c1adf Update common-problems.md 2013-05-25 11:49:22 +12:00
Che Van Lawrence
2acf91a1bd Update common-problems.md 2013-05-25 11:48:09 +12:00
Che Van Lawrence
51f11869a8 Update server-requirements.md 2013-05-25 11:41:00 +12:00
Stephen Shkardoon
45462baff1 Fix misleading composer link
Fix misleading composer link
2013-05-25 10:41:56 +12:00
Sam Minnee
738581f0f5 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	.travis.yml
2013-05-23 18:59:34 +12:00
Will Rossiter
17ac2e36fc Merge pull request #1864 from tomzen/patch-1
Have 'Configuration Reference' link point to uploadfield page
2013-05-21 03:38:20 -07:00
Ingo Schommer
e0f4bd6113 Fixed conventions in shortcode docs 2013-05-17 14:02:33 +02:00
Ingo Schommer
306d3b0c7e Merged existing shortcode docs with new topics docs from 3.0 2013-05-17 14:01:42 +02:00
Ingo Schommer
4c7c40e8b9 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	parsers/ShortcodeParser.php
2013-05-17 13:51:54 +02:00