Steve Boyd
fb0d769049
Merge pull request #9969 from creative-commoners/480-tag
...
Security fixes from 4.8.0
2021-06-08 11:47:35 +12:00
Steve Boyd
8024551376
[CVE-2020-26138] Validate custom multi-file uploads
2021-06-02 16:24:23 +12:00
Steve Boyd
7f97734a20
[CVE-2020-25817] Prevent loading of xml entities
2021-06-02 16:24:17 +12:00
Michal Kleiner
2017a20433
FIX Use empty array as a fallback for preg_split within dbtext summary
...
If the content is invalid for whatever reason e.g. when instantiating
a DBText field to get a summary of text through
`DBField::create_field('Text', $content)->Summary(10)`, preg_split returns
false and the rest of the code expects an array.
This tweak ensures an array is always returned even when preg_split fails.
2021-06-02 15:17:58 +12:00
Steve Boyd
9ccdb8efb2
Merge branch '4.7' into 4.8
2021-05-31 17:04:54 +12:00
Maxime Rainville
472fc4ebb4
BUG Update DataQuery::exists to return false when limit causes no result to be returned ( #9946 )
...
* BUG Update DataQuery::exists to return false when limit causes no result to be returned
* Update comment
* Fixing linting issue
2021-05-31 16:50:58 +12:00
Steve Boyd
a6ccc86f94
Merge branch '4.7' into 4.8
2021-05-03 14:21:37 +12:00
Steve Boyd
e6aeff6468
Merge branch '4.6' into 4.7
2021-05-03 14:21:20 +12:00
Garion Herman
debf1ae9fb
Merge pull request #9887 from lekoala/patch-18
2021-04-24 21:05:29 +12:00
Maxime Rainville
67a008365a
Merge pull request #9743 from kinglozzer/treedropdown-root-id
...
NEW: Expose TreeDropdownField root node ID in schema
2021-04-23 18:06:23 +12:00
maks
12a6f7bd0f
fix typo in core constants phpdoc block
2021-04-20 18:25:24 +02:00
Maxime Rainville
37ee3a923f
Merge pull request #9917 from creative-commoners/pulls/4/rememberloginhash-getset
...
API Methods to override logout_accross_devices
2021-04-20 09:49:36 +12:00
Steve Boyd
3d7868449f
Merge branch '4.7' into 4
2021-04-19 16:39:15 +12:00
Steve Boyd
bcccc63d33
API Methods to override logout_accross_devices
2021-04-19 13:13:35 +12:00
Loz Calver
097da7aed5
Merge pull request #9916 from chrometoasters/bugfix/absolute-base-url-generation
...
[BUGFIX] Prevent call getHeader() on null HTTPRequest object
2021-04-16 09:15:15 +01:00
Maxime Rainville
fdd23a3675
Merge branch '4.7' into 4
2021-04-14 11:35:58 +12:00
Maxime Rainville
6fc25e4e96
RFC Add chunk method to DataList to iterate over large dataset ( #8940 )
2021-04-14 07:49:44 +12:00
André Kiste
e2777ded8e
• Add missing string
...
• Move attribute to login-forms
2021-04-13 15:33:49 +12:00
Kunal Hari
31c5ab2069
[BUGFIX] Prevent call getHeader() on null HTTPRequest object
2021-04-13 14:06:21 +12:00
André Kiste
bbcc187c02
Update conflicting translations.
...
Revert removal of translations.
2021-04-12 11:42:57 +12:00
Andre Kiste
dcdc25500b
Merge pull request #9909 from creative-commoners/pulls/4/remember-thirty
...
ENH Reduce default token period from 90 to 30 days
2021-04-08 12:39:22 +12:00
André Kiste
8692aabe9b
Use new designs
2021-04-08 12:32:12 +12:00
Steve Boyd
7ec838f9c2
Merge pull request #9908 from sunnysideup/patch-15
...
PATCH: fix param in docblock ... add \ to FormField::__construct
2021-04-07 09:56:40 +12:00
Steve Boyd
160ed6f3f1
Merge pull request #9882 from creative-commoners/pulls/4/doc-composite-validator
...
DOC Clarify return value for CompositeValidator::getValidatorsByType()
2021-04-06 15:26:16 +12:00
Steve Boyd
1c7fd287a1
ENH Reduce default token period from 90 to 30 days
2021-04-06 13:22:10 +12:00
Nicolaas
b75860b195
PATCH: fix param in docblock ... add \ to FormField::__construct
2021-04-05 19:43:41 +12:00
Nicolaas
2ecd8b34ee
adding use SilverStripe\Security\Member; to make sure linting works
...
adding `use SilverStripe\Security\Member;` to make sure that linting works.
2021-04-01 23:36:36 +13:00
Maxime Rainville
66fa597b3b
FIX Better handling of remember me token when login across devices is disabled ( #9895 )
...
* BUG Make sure remember me tokens are not invalidated when logging out without the logout_across_devices flag
* Remove unneeded comment
2021-03-31 11:31:52 +13:00
André Kiste
44fae4497b
Better describe the 'keep me signed in' checkbox
2021-03-30 13:19:55 +13:00
Nicolaas
504e20320e
Update DBBoolean.php ( #9893 )
2021-03-24 12:05:33 +13:00
Steve Boyd
169c06131a
Merge pull request #9748 from tom890180/4.6
...
Merge the "Merge pull request #9565 from tom890180/check_items_exist" to 4.6
2021-03-23 11:01:30 +13:00
Christopher Darling
daa9060c1a
remove unused class import Convert
...
Was missed from PR b02a6fa02d
2021-03-22 14:34:13 +00:00
Thomas Portelange
22b2d58b5a
Update src/Security/Member.php
...
Co-authored-by: Steve Boyd <emteknetnz@gmail.com>
2021-03-22 09:02:18 +01:00
Thomas Portelange
19052e6924
Update src/Security/Member.php
...
Co-authored-by: Steve Boyd <emteknetnz@gmail.com>
2021-03-22 09:02:13 +01:00
Thomas Portelange
0586c55e62
prevent spaces in emails
...
so this is not the first time a customer of mine is just copy pasting stuff in emails fields and somehow, a space at the end skips validation. this update ensure there is no space before or after the email, it would probably save a lot of time for everyone to have this build in.
it's probably better to fix it here rather than at form level because this also happens for csv imports etc
2021-03-19 10:11:02 +01:00
Maxime Rainville
7a04090bdf
Merge branch '4.7' into 4
2021-03-15 14:27:47 +13:00
Maxime Rainville
4ee92da6b5
DOC Clarify return value for CompositeValidator::getValidatorsByType()
2021-03-10 22:59:06 +13:00
Nik
d2fa64b489
BUG Allow Email to re-render when data changes ( #9876 )
...
* Fix: Allow Email to re-render when data changes
* Add invalidateBody function
* Make the linter happy
2021-03-04 11:18:46 +13:00
Maxime Rainville
2c54a3fd2f
Merge branch '4.7' into 4
2021-03-01 20:37:04 +13:00
Maxime Rainville
028c4fdaa1
BUG Tweak shortcode parser so it properly parse empty attributes
2021-02-25 15:18:16 +13:00
Loz Calver
095a3b70f8
NEW: Provide helpers for isDev/isTest/isLive in templates
2021-02-11 11:19:07 +00:00
Guy Marriott
eaadd40c3b
Merge pull request #9845 from HARVS1789UK/dataquery-exists-sql-portability-fix
...
Bug Fix - Ensure DataQuery::exists() SQL is both valid MySQL and T-SQL
2021-02-10 10:21:42 -08:00
Antony Thorpe
77ecbd854d
Updated TreeDropdownField.php documentation
...
Updated code example for SS4
2021-02-09 16:27:13 +13:00
Joe Harvey
33365b92f3
Bug Fix - Ensure DataQuery::exists() SQL is both valid MySQL and T-SQL
...
The original SQL statement is not valid T-SQL for use with SQL Server
2021-02-08 17:22:20 +00:00
Maxime Rainville
9ca33950a2
API Add a CREATE_MEMORY_HYDRATED option to DataObject constructor ( #9767 )
2021-01-21 14:07:06 +13:00
3Dgoo
d1cca0f3fb
Fix DataQuery::exists() not working correctly
...
Fixes `DataQuery::exists()` not working correctly in some cases as discussed in #9809
2021-01-20 17:03:36 -08:00
Maxime Rainville
0dd59a1e7b
BUG Reset GridFieldFilterHeader grid state when search is cleared ( #9829 )
2021-01-21 13:47:40 +13:00
Maxime Rainville
54bdabd203
Merge branch '4.7' into 4
2021-01-20 12:57:01 +13:00
Maxime Rainville
d13d3a1134
Merge pull request #9818 from creative-commoners/pulls/4.7/check-object-for-key
...
FIX Type checking in objectForKey() to fix postgres bug
2021-01-20 12:41:49 +13:00
Maxime Rainville
17c6f98ba2
BUG Fix PostgreSQL issue in TreeMultiselectField where field would try to filter list by a blank ID
2021-01-20 12:23:09 +13:00