Mateusz Uzdowski
22095dae6c
API Hash autologin tokens before storing in the database.
...
Backported from 3.0, cc423c38fb
.
2012-11-09 12:03:55 +01:00
Ingo Schommer
59680b52e2
Added composer.json
2012-11-01 16:30:14 +01:00
Ingo Schommer
9e595db7f3
Changelogs
2012-10-30 17:00:41 +01:00
Ingo Schommer
6a06965b37
Merge pull request #881 from simonwelsh/2.4-5.4-fixes
...
Minor PHP5.4 fixes
2012-10-16 06:02:12 -07:00
Simon Welsh
4ff8cff262
Minor PHP5.4 fixes
...
Explictly excludes E_STRICT from live error level and handle arrays in a backtrace
output, rather than trying to convert to string.
2012-10-16 23:37:30 +13:00
Ingo Schommer
392543bde3
BUGFIX Don't' set 'Referer' header in FunctionalTest->get()/post() if its explicitly passed to the method
2012-10-16 10:17:10 +02:00
Ingo Schommer
46064f8f88
SECURITY More solid relative/site URL checks (related to "BackURL" redirection)
...
Return true for Director::is_absolute_url() checks if they're prefixed with two or more slashes (as browsers interpret this as a valid URL)
More solid URL checks in Director::is_site_url(), using a conservative parse_url() hostname comparison rather than Director::makeRelative(), which is not designed for security purposes
2012-10-16 10:17:07 +02:00
Ingo Schommer
2034927d31
Merge pull request #850 from willmorgan/patch-2
...
Fixed grammatical error for Form.FIELDISREQUIRED
2012-10-05 10:28:07 -07:00
Will Morgan
1c7b7d0ab5
Fixed grammatical error for Form.FIELDISREQUIRED
2012-10-05 18:04:38 +02:00
Ingo Schommer
201fb485a9
Merge pull request #797 from stozze/2.4-bugfix
...
BUGFIX Fix to prevent unintended results from getComponentsQuery(...)
2012-09-17 17:04:13 -07:00
stozze
8ec6312f3f
BUG Fix to prevent unintended results from getComponentsQuery(...)
...
Wrapped $filter inside parentheses to prevent unintended results if $filter contains "OR".
2012-09-14 18:25:29 +03:00
Ingo Schommer
33b9b18a4c
Merge pull request #722 from sonet/2.4
...
MINOR fixed array to string conversion to avoid PHP 5.4 warnings
2012-08-16 11:23:14 -07:00
Adam Skrzypulec
766987105d
MINOR fixed array to string conversion to avoid PHP 5.4 warnings
2012-08-15 11:40:40 -05:00
Will Rossiter
f6c69d5241
Update widget documentation ( fixes #706 )
2012-08-08 21:21:58 +12:00
Ingo Schommer
b211c38010
MINOR Manually testing exceptions in SSViewerCacheBlockTest to avoid PHPUnit 3.6 warnings
2012-05-14 17:25:10 +02:00
Andrew O'Neil
9bf3ae9a19
SECURITY: Ensure javascript content type is sent in form responses. If content type is html, and the javascript contains script tags within the content, this content will be executed.
2012-05-03 17:08:08 +02:00
Ingo Schommer
c1d2cd1293
MINOR Corrected Geoip entries for ex-Yugoslavia ... better late than never
2012-03-30 09:51:21 +02:00
Ingo Schommer
44b9d0560b
MINOR Backported bootstrap.php changes from master and cstom TeamCity configuration (required to run tests through phpunit binary)
2012-03-14 14:17:28 +01:00
Sam Minnee
921bf9a439
ENHANCEMENT: Ensure that forceSSL and protocol detection respects the X-Forwarded-Protocol header.
2012-02-03 09:39:10 +13:00
Ingo Schommer
bf4476a3be
API CHANGE silverstripe_version file now contains the plain version number, rather than an SVN path
2012-02-01 18:54:59 +01:00
Sam Minnee
af22d0743a
MINOR: On PHPUnit 3.6, show the output of tests.
2012-02-01 11:01:49 +13:00
Sam Minnee
5956ad82fc
MINOR: Amended PHPUnit execution to work with PHPUnit 3.6
2012-02-01 11:00:58 +13:00
Ingo Schommer
0085876495
BUGFIX Casting return values on text helper methods in StringField, Text, Varchar
2012-01-31 16:28:47 +01:00
Ingo Schommer
252e187015
SECURITY Escape links for SilverStripeNavigatorItem
2012-01-31 15:55:30 +01:00
Ingo Schommer
5fe7091dff
SECURITY Sanitize messages passed to generated JS calls in FormResponse::status_message(), e.g. to avoid XSS on 'Successfully published <page title>' messages
2012-01-31 15:54:59 +01:00
Sam Minnée
84f47f5c86
Merge pull request #63 from simonwelsh/patch-4
...
Documentation fix
2011-11-02 13:34:40 -07:00
Ingo Schommer
96bee47ab8
MINO Switching 'rewriteHashlinks' sanitization from Convert::raw2att() to strip_tags() to make the resulting PHP more portable when mode is set to 'php'
2011-10-18 10:54:30 +02:00
Ingo Schommer
16c32359c6
BUGFIX Escaping base URLs for anchor links rewritten by SSViewer::process() with the 'rewriteHashlinks' option enabled (which is a framework default, and necessary because of the use of a <base> tag). Also added escaping for base URLs rendered through the 'php' variation of 'rewriteHashlinks'
2011-10-18 10:18:29 +02:00
Ingo Schommer
6d6fdd24d9
ENHANCEMENT Added SSViewer::getOption() as a logical counterpart to SSViewer::setOption()
2011-10-17 18:00:30 +02:00
Sean Harvey
ad13f80f57
ENHANCEMENT Updated Windows installation documentation on using PHP Manager which takes out most of the PHP configuration effort.
2011-09-28 16:05:45 +13:00
Sean Harvey
7805e3e6d9
BUGFIX i18n::include_by_locale() assumes a themes directory always exists and causes error if that's not the case. Some projects don't require any themes, like pure applications.
2011-09-28 15:27:51 +13:00
simonwelsh
d0af084bb5
Fixes tag syntax (should end with %>, not >%)
2011-09-24 10:55:42 +12:00
Ingo Schommer
83ad8d48a9
ENHANCEMENT Added File.ShowInSearch flag to mirror the existing SiteTree.ShowInSearch flag - e.g. useful to limit visibility of user-uploaded files. Enforced in MySQLDatabase->searchEngine().
2011-09-15 16:13:02 +02:00
Ingo Schommer
73cca09960
BUGFIX Consistently using Convert::raw2sql() instead of DB::getConn()->addslashes() or PHP's deprecated addslashes() for database escaping
2011-09-15 14:43:34 +02:00
Will Rossiter
01b08a57c0
MINOR: removed incorrect getter/setter statements.
2011-09-07 13:09:03 +12:00
Sam Minnée
cc59effef6
Merge pull request #48 from simonwelsh/2.4
...
PHP5.4 Support
2011-08-25 03:11:24 -07:00
simonwelsh
0f91fb865b
Changes error reporting level to explicitly exclude E_DREPRECATED and E_STRICT, rather than xor.
2011-08-26 16:12:57 +12:00
simonwelsh
9ffa903d50
Adds missing semicolon for PHP5.4 support.
2011-08-26 16:11:06 +12:00
Will Rossiter
d42c115594
Merge pull request #46 from simonwelsh/patch-1
...
MINOR: removed references to Language Chooser which is only supported in 2.2.
2011-08-23 01:46:10 -07:00
simonwelsh
8342f6b20e
Removed references to Language Chooser Widget until it can be updated to work with the new translation model.
2011-08-24 16:42:56 +12:00
Sam Minnée
e126506ca2
Merge pull request #45 from madamimadam/2.4
...
Removed profanity
2011-08-22 01:46:58 -07:00
Adam Rice
d8c6bdac59
Removed profanity
...
Not only is profanity unprofessional but it can also be blocked by
corporate web filters (which is somewhat embarrassing when clients call
to ask why it is in their site)
2011-08-22 18:33:25 +10:00
Will Rossiter
0ef416112b
MINOR: fixed syntax error in FormAction example.
2011-08-20 05:10:03 +12:00
Ingo Schommer
217a689c6b
Merge pull request #36 from lku/cz_translations
...
MINOR Cz translations
2011-08-14 04:31:28 -07:00
Will Rossiter
62ed1386a3
MINOR: documentation fixes from comments provided by the community. See below for a list of fixes:
...
* fixed typo in Email documentation.
* updated link for tutorial code to be relative now that bug #6408 is fixed
* removed 2.3 related docs from 2.4 docs folder
* fixed typo with Orientation documentation
* updated old task url for images/flush
2011-08-11 13:55:27 +12:00
devel
46090cf094
fix language namespace
2011-06-09 15:48:05 +02:00
devel
5f3dde56f7
Add some CZ translations
2011-06-09 15:44:49 +02:00
Ingo Schommer
9d344a07d3
ENHANCEMENT Allowing filtered arguments on specific functions like mysql_connect() in SS_Backtrace
2011-05-30 18:06:41 +12:00
Ingo Schommer
1704e42d51
MINOR Return empty string from SQLQuery->sql() if SELECT is the default value, and no FROM is set (moved logic from DB-specific implementations)
2011-05-20 08:42:31 +12:00
Sean Harvey
01f5b3d212
BUGFIX Fixed MigrateSiteTreeLinkingTask not working correctly when CLRF newlines being used
2011-03-22 16:44:39 +13:00