Christopher Darling
e9b833f5f0
FIX: ConfirmedPassword field correctly reports mismatching passwords
...
added testFormValidation to prove #4780
2015-11-20 15:56:27 +00:00
Damian Mooyman
245e0aae2f
[ss-2015-026]: BUG Fix FormField error messages not being encoded safely
2015-11-11 17:50:02 +13:00
Ingo Schommer
ac4342d81d
[ss-2015-022]: XML escape RSSFeed $link parameter
2015-11-11 17:46:39 +13:00
Damian Mooyman
97f21fddb3
[ss-2015-021] Fix rewrite hash links XSS
2015-11-11 17:46:27 +13:00
Damian Mooyman
7367cf54c4
[ss-2015-020]: Prevent possible Privilege escalation
2015-09-10 13:01:24 +12:00
Will Morgan
17e97babf1
Merge pull request #4549 from kinglozzer/pulls/recursion-arraylist-sort
...
FIX: Recursion errors when sorting objects with circular dependencies (fixes #4464 )
2015-09-01 16:42:17 +01:00
Loz Calver
0943b3b1a0
FIX: Recursion errors when sorting objects with circular dependencies ( fixes #4464 )
2015-09-01 09:37:06 +01:00
Ingo Schommer
28554dbe94
Merge pull request #4504 from dhensby/pulls/fields-fix
...
When loading data into a form, make sure its using ALL fields
2015-08-28 08:38:49 +12:00
Daniel Hensby
cffb11e568
TEST Ensure data is loaded into complete FieldList
2015-08-27 17:56:22 +01:00
Daniel Hensby
2d4b743090
FIX Members can access their own profiles in CMS
2015-08-26 15:47:51 +01:00
Loz Calver
99a8a81e9a
Fix issues with tests and "subfolder" URLs
2015-08-25 11:49:01 +12:00
Daniel Hensby
6eede57ff2
Fix issue where Access All CMS Sections doesnt work
2015-08-20 22:30:43 +01:00
Loz Calver
687de33d0d
Ensure ClassInfo is backwards compatible with non-existant classes
2015-08-04 15:07:07 +01:00
Daniel Hensby
ffbeac6b7d
Ensuring classinfo is case insensitive
2015-07-28 11:17:50 +01:00
Daniel Hensby
5f0d0ab66a
Merge pull request #4155 from kinglozzer/pulls/getfiletype-case
...
FIX: File::getFileType() was case sensitive (fixes #3631 )
2015-07-28 00:13:26 +01:00
Russell
51722e3d12
DataObject accept arrays or stdClass
...
The constructor of DataObject can take an array or stdClass for $record.
However, it is access as an array [here](https://github.com/silverstripe/silverstripe-framework/blob/3.1/model/DataObject.php#L416 ) and [here](https://github.com/silverstripe/silverstripe-framework/blob/3.1/model/DataObject.php#L431 )
This pull request ensures $record is an array after validation
2015-07-27 10:29:34 +01:00
Sam Minnée
532bf6ccb9
Merge pull request #3554 from tractorcow/pr/3179
...
FIX: FulltextFilter did not work and was not usable
2015-07-22 11:29:57 +12:00
Sam Minnée
40e9515233
Merge pull request #4053 from tractorcow/pulls/3.1/fix-stringfield-exists
...
BUG Fix default casted (boolean)false evaluating to true in templates
2015-07-22 11:26:49 +12:00
Damian Mooyman
a556b4854a
BUG Fix of multiple i18nTextCollector issues: #3797 , #3798 , #3417
2015-07-09 10:45:08 +12:00
Hamish Friedlander
f5d6f20113
Merge pull request #4333 from sminnee/shortcode-fix
...
Allow shortcodes inside script tags. Fixes #4332 .
2015-06-25 14:51:03 +12:00
Sam Minnee
6d05c57881
Ensure that shortcodes inside script tags are parsed. Fixes #4332 .
...
The problem is that the marker images aren’t picked up by DOMDocument
if they are inserted into a <script> tag, due to the semantics of HTML.
This fix does an additional replacement after the marker images are
replaced in this way to pick up any leftover tags.
2015-06-22 11:29:12 +01:00
Daniel Hensby
aa3871d716
Merge pull request #4306 from gregsmirnov/pulls/3.1/fixed-datetimefield-setname-issue-4305
...
Issue #4305 : fixed DatetimeField::setName()
2015-06-18 22:10:13 +01:00
Gregory Smirnov
5b22e3afc5
Test TimeField value at 12:00 am
2015-06-18 18:53:44 +02:00
Gregory Smirnov
66b1dd9154
Issue 4305: fixed DatetimeField::setName()
2015-06-18 18:36:02 +02:00
Damian Mooyman
0653ba9630
Merge pull request #3979 from dhensby/pulls/test-nest
...
Nest and unnest Config and Controller for each test
2015-06-17 16:04:27 +12:00
Daniel Hensby
6169bf2760
FIX No longer caching has_one after ID change
2015-06-16 17:38:34 +01:00
Damian Mooyman
7ff131daa7
BUG Fix default casted (boolean)false evaluating to true in templates
2015-06-12 15:47:15 +12:00
Damian Mooyman
782c4cbf6f
API Enable single-column fulltext filter search as fallback
2015-06-12 15:36:03 +12:00
micmania1
40c5b8b675
FIX FulltextFilter did not work and was not usable
2015-06-12 15:31:45 +12:00
Loz Calver
28be51cab0
FIX: Config state leaking between unit tests
2015-06-11 16:37:26 +01:00
Daniel Hensby
3ee5b24898
Nest and unnest Config and Controller for each test and test suite
2015-06-11 16:37:25 +01:00
Daniel Hensby
c062670ba3
Removing unreachable test line
2015-06-09 16:01:33 +01:00
Damian Mooyman
b42ddd107c
Merge pull request #3499 from colymba/ie-multi-file-upload-fix
...
FIX #3458 iframe transport multi file upload FIX #3343 , FIX #3148
2015-06-09 13:22:10 +12:00
Ingo Schommer
dac1b5818b
Merge pull request #4217 from tractorcow/pulls/3.1/fix-directortest
...
BUG Fix DirectorTest failing when run with sake
2015-06-01 17:34:26 +12:00
Damian Mooyman
e733efa195
Merge pull request #4206 from gregsmirnov/pulls/localised-moneyfield-fix
...
BUG Fixed handling of numbers in certain locales
2015-05-29 09:21:43 +12:00
Damian Mooyman
50e33b8e5e
Merge remote-tracking branch 'origin/3.1.13' into 3.1
2015-05-28 19:08:12 +12:00
Damian Mooyman
0a8f328947
Fix merge / test regressions
2015-05-28 16:59:05 +12:00
Damian Mooyman
a978b891e1
BUG Fix handling of empty parameter token
2015-05-28 10:13:10 +12:00
Damian Mooyman
79cfa2bb64
Bug fix sqlquery select
2015-05-28 10:11:32 +12:00
Gregory Smirnov
94f6a13729
BUG Fixed setting LastEdited for DataObject with class ancestry
2015-05-22 11:32:59 +02:00
Damian Mooyman
e0710ae4e4
BUG Fix DirectorTest failing when run with sake
2015-05-22 14:48:35 +12:00
Gregory Smirnov
f9bdf61b6f
BUG Fixed handling of numbers in certain locales
2015-05-20 12:18:34 +01:00
Jonathon Menz
c6bcfea3e3
BUG: FieldList::changeFieldOrder() leftovers discarded
...
Logical error. Use of + operator means items from second array are only merged if the key does not already appear in the first array. The first array has numeric keys 0,1,2 etc. The second array is keyed by field name, but array_values() resets the keys to be numberic starting at 0. This means that some or all leftovers are discarded instead of appended.
2015-05-17 09:09:35 -07:00
Daniel Hensby
e94c2a944e
Test to prove having count issue
2015-05-07 21:26:11 +01:00
Loz Calver
1cca37c908
FIX: File::getFileType() was case sensitive ( fixes #3631 )
2015-05-04 15:10:16 +01:00
Damian Mooyman
8e24511266
BUG Fix users with all cms section access not able to edit files
...
Fixes #4078
2015-04-20 18:20:56 +12:00
Damian Mooyman
7f983c2bae
BUG Fix SS-2014-017
2015-03-20 18:27:30 +13:00
Damian Mooyman
80fc55decf
Merge branch 'xss-fix' into '3.1'
...
Xss fix
See merge request !3
2015-03-20 18:19:53 +13:00
Christopher Pitt
604c328712
Fixed XSS vulnerability relating to rewrite_hash
2015-03-20 18:17:51 +13:00
Damian Mooyman
b34c236b3c
BUG Fix joins on tables containing "select" being mistaken for sub-selects
...
Fix PHPDoc on SQLQuery::addFrom and SQLQuery::setFrom
Fixes #3965
2015-03-18 16:10:07 +13:00