Commit Graph

12350 Commits

Author SHA1 Message Date
Ingo Schommer
18ae4c5db6 Returning 404 on /Security, instead of Controller.ss template
We shouldn't expose unsolicited content on public URLs,
mainly because it impacts SEO.
2013-08-20 21:12:55 +02:00
Ingo Schommer
46362175f0 Merge remote-tracking branch 'origin/3.1.0' into 3.1 2013-08-20 20:59:31 +02:00
Ingo Schommer
a592c36adf Merge remote-tracking branch 'origin/3.0' into 3.1.0
Conflicts:
	docs/en/changelogs/index.md
2013-08-20 20:49:01 +02:00
Ingo Schommer
699cbfe851 Merge branch '3.1.0' into 3.1
Conflicts:
	thirdparty/jquery-entwine/dist/jquery.concrete-dist.js
	thirdparty/jquery-entwine/spec/SpecRunner.html
	thirdparty/jquery-entwine/spec/spec.entwine.eventcapture.js
	thirdparty/jquery-entwine/spec/spec.entwine.namespaces.js
	thirdparty/jquery-entwine/src/domevents/jquery.entwine.domevents.addrem.js
	thirdparty/jquery-entwine/src/jquery.entwine.eventcapture.js
	thirdparty/jquery-entwine/src/jquery.entwine.js
	thirdparty/jquery-entwine/src/jquery.focusinout.js
2013-08-20 16:58:40 +02:00
Ingo Schommer
a2f9af54c7 Merge pull request #2340 from hafriedlander/fix/memleaks
Fix some memory leaks in 3.1.0 admin
2013-08-20 07:28:14 -07:00
Ingo Schommer
2fd5558a70 Fixed "insert image" behat feature
Was using wrong button label, and ignoring the
"unsaved changes" warning dialog
2013-08-20 16:19:30 +02:00
Ingo Schommer
351c1168b6 Merge pull request #2314 from mateusz/required-attrs
HTML5 required attributes on default fields, add validator to the login form
2013-08-20 06:40:58 -07:00
Ingo Schommer
79d633a320 Merge pull request #2335 from evjan/3.1
Corrected parameters in model relations example
2013-08-20 06:28:35 -07:00
Ingo Schommer
99da5cd198 Merge pull request #2336 from hafriedlander/fix/flush_30
FIX Double slashes in ParameterConfirmationToken
2013-08-20 06:26:44 -07:00
Ingo Schommer
a1419b2f7e Updated entwine dependency
And removed unnecessary files, just adds
to the security surface of the webroot.
2013-08-20 15:19:51 +02:00
Ingo Schommer
6627a19994 Merge branch 'context-menu' of https://github.com/adrexia/framework into adrexia-context-menu
Conflicts:
	admin/scss/_tree.scss
2013-08-20 15:04:02 +02:00
Hamish Friedlander
68d8ec31a5 FIX Memory leaks in jstree drag & drop 2013-08-20 16:07:54 +12:00
Hamish Friedlander
fda4b91d06 FIX Make sure CurrentXHR is set back to null on completion 2013-08-20 15:49:37 +12:00
Hamish Friedlander
e282f0b661 FIX Two memory leaks with HtmlEditorField
We werent calling tinyMCE.Editor.destroy, which is needed to
clean up event bindings. The advanced theme also wasnt cleaning
up after itself on destroy properly
2013-08-20 15:49:04 +12:00
Hamish Friedlander
13377ee4bd Update jQuery Entwine to latest to pull memory leak fix 2013-08-20 15:17:50 +12:00
Naomi Guyer
e6b06cade4 BUG: Context menu too long - CSS only (Fixes CMS #811) 2013-08-20 11:35:22 +12:00
Hamish Friedlander
4a7aef0e25 FIX Double slashes in ParameterConfirmationToken 2013-08-19 11:35:34 +12:00
Peter Evjan
76cf3c3ed9 Corrected parameters in model relations example
An identifier needs to be specified when creating an object with relations, but the example had omitted that.
2013-08-18 13:24:54 +10:00
Will Rossiter
1621d6afde Merge pull request #2316 from chillu/pulls/editor-brokenlink
Render broken link in HtmlEditorField
2013-08-17 17:01:14 -07:00
Will Rossiter
c7bdfcd76a Merge pull request #2293 from robert-h-curry/empty-arraylist
Preempt fatal errors when making some function calls on an empty ArrayList
2013-08-17 16:53:48 -07:00
Ingo Schommer
3690ae1658 Merge remote-tracking branch 'origin/3.0' into 3.1
Conflicts:
	docs/en/changelogs/index.md
2013-08-16 17:12:12 +02:00
Ingo Schommer
02cc662aaf More specific entwine rule for delete alert in GridField
The rule didn't apply in Firefox because of how it handles specificity,
so made it a bit more specific (added "button" and ".action")
2013-08-16 16:06:31 +02:00
Ingo Schommer
d325551079 Merge remote-tracking branch 'origin/3.1.0' into 3.1 2013-08-16 13:36:34 +02:00
Ingo Schommer
de3b1b22d3 Fixed behat tests for confirming grid field dialogs 2013-08-16 13:34:23 +02:00
Ingo Schommer
362d35742f Fixed behat tests to confirm file deletion dialog 2013-08-16 13:34:23 +02:00
Naomi Guyer
fb67181366 BUG: Context menu too long - CSS only (Fixes CMS #811) 2013-08-16 13:34:23 +02:00
Ingo Schommer
acc07e67ea Merge pull request #2318 from micmania1/2317-gridfieldfilterheader-duplicate-fields
Added gridField->getName() to field names to avoid duplication
2013-08-15 15:44:17 -07:00
Sean Harvey
ee509c905c Merge pull request #2326 from chillu/pulls/mysql-create-db-utf8
UTF8 defaults for MySQLDatabase->createDatabase()
2013-08-15 15:40:35 -07:00
Ingo Schommer
b6b06945d0 Merge pull request #2320 from jbridson/3.1
MINOR: ISSUE-19 CWP Accessibility fixes - Added macron to Māori toggle b...
2013-08-15 14:35:25 -07:00
Ingo Schommer
74f65540a2 Validate 'archiveDate' user data in Versioned
Not a security issue as such, since the user input is sanitized
before being used in Versioned->augmentSQL(). But it shouldn't
reach the session state either, since that's commonly assumed
to be sanitized data, and it leaves unnecessary room for error.

strtotime() has fairly loose validation rules around dates,
but its a good "first line of defence".
2013-08-15 22:17:38 +02:00
Ingo Schommer
a6fef9335d Merge pull request #2327 from ARNHOE/3.1-textcollectorupdate2
BUG Added _config as valid module folder in TextCollector
2013-08-15 13:02:38 -07:00
Arno Poot
537ee24bd3 BUG Added _config as valid module folder in TextCollector 2013-08-15 21:47:09 +02:00
Ingo Schommer
eb17cf3eb9 Merge pull request #2275 from ARNHOE/3.1-updatefieldgroupstyle
BUG Fieldgroup styling
2013-08-15 12:14:05 -07:00
Ingo Schommer
0e40b779c9 UTF8 defaults for MySQLDatabase->createDatabase()
Doesn't have much effect in practice, because charset and collation
are already hardcoded on an ALTER TABLE level (field definitions),
which take priority. Since most MySQL installs will still default
to a latin1 encoding, this propagates to the table though,
confusing devs and in some cases causing wrong data.

Example: A MSSQL->MySQL DB migration tool used the table metadata
to determine the charset, creating encoding issues.

In terms of hardcoding, we don't really support anything other than UTF8,
and the field-level settings are already hardcoded.

We should probably remove the field-specific settings and rely
on the DB defaults, but that's a sensitive API change
(need to set on existing DBs during upgrade).
2013-08-15 12:49:15 +02:00
Will Rossiter
5032c97672 Merge pull request #2323 from chillu/pulls/optionset-label-for
No <label for> on OptionsetField/CheckboxSetField holder
2013-08-14 02:05:40 -07:00
Will Rossiter
e046846fa1 Merge pull request #2324 from silverstripe-rebelalliance/sapphireChange
Updating old reference of sapphire to framework
2013-08-13 23:13:36 -07:00
Kirk Mayo
6bb9386159 BUG: Updating old reference of sapphire to framework 2013-08-14 12:18:55 +12:00
Ingo Schommer
6352201738 No <label for> on OptionsetField/CheckboxSetField holder
It produces invalid HTML since the "for" attribute doesn't
map to any HTML input field. Each individual checkbox or radio button
input element has its own <label for>
2013-08-13 18:05:11 +02:00
Jeremy Bridson
cf75166d83 MINOR: ISSUE-19 CWP Accessibility fixes - Added macron to Māori toggle button for translations on the CWP demo site. 2013-08-12 15:39:00 +12:00
Mateusz Uzdowski
085d2e62cb BUG MemberLoginForm fields should be tagged as required. 2013-08-12 09:32:03 +12:00
Mateusz Uzdowski
090f07d978 BUG Apply HTML5 required attributes when fields are required. 2013-08-12 09:32:03 +12:00
micmania1
8ce50c3ae6 Added gridField->getName() to field names to avoid duplication 2013-08-09 22:57:48 +01:00
Ingo Schommer
fd2a0cd1f9 Updated translations 2013-08-09 15:33:01 +02:00
Ingo Schommer
79205f7d43 Render broken link in HtmlEditorField
Regression: 2.4 had this in the default cms/css/editor.css,
which got moved to the simple theme at some point,
where this styling was removed.
2013-08-09 11:51:18 +02:00
Hamish Friedlander
0918cd2092 Remove SiteTree link tracking out of HtmlEditorField 2013-08-09 11:24:10 +02:00
Ingo Schommer
810f505924 Merge pull request #2315 from jbridson/patch-2
Fixed Grammatical errors and issues where sentences didn't make sense.
2013-08-09 02:04:01 -07:00
jbridson
1ce0a0d2b9 Fixed Grammatical errors and issues where sentences didn't make sense. 2013-08-09 15:22:03 +12:00
Sam Minnee
3510b60ab8 Added 3.1.0-rc1 changelog 2013-08-09 14:25:58 +12:00
Sean Harvey
f9dca6f857 Merge pull request #2313 from jbridson/patch-1
Fixed issue with inconsistent use of punctuation and wording of Tutorial...
2013-08-08 19:22:16 -07:00
jbridson
0c4ff76921 Fixed issue with inconsistent use of punctuation and wording of Tutorial 5 summary 2013-08-09 14:20:41 +12:00