Commit Graph

1107 Commits

Author SHA1 Message Date
Maxime Rainville
4ec1a682cf BUG Renable the ability to do dynamic assignment with DBField 2019-02-22 12:09:15 +13:00
Aaron Carlino
c44f06cdf1 [SS-2018-021] Patch SQL Injection vulnerability when arrays are assigned to DataObject Fields 2019-02-12 21:58:27 +13:00
Daniel Hensby
8359f3dc97
Merge branch '3.5' into 3.6 2018-04-18 13:14:07 +01:00
UndefinedOffset
36198c482e
Removed extra lookup of the list 2018-04-18 12:16:12 +01:00
UndefinedOffset
af3a9f3ec8
FIX: Duplicating many_many relationships looses the extra fields (fixes #7973) 2018-04-18 12:16:02 +01:00
Daniel Hensby
35f28a824a
Merge pull request #7922 from mooror/3.6 2018-03-12 13:18:23 +00:00
Benjamin Blake
6fb8d27ac5 Updated the DocBlock for ManyManyList's add() method 2018-03-11 14:49:17 -06:00
Damian Mooyman
96ec6e9181
Merge remote-tracking branch 'origin/3.5' into 3.6 2018-02-05 15:07:21 +13:00
Damian Mooyman
aca1e16b8e
Merge pull request #6211 from jason-zz/patch-3
BUG Fix : relObject() should return null if one of the node is null
2018-02-05 14:18:44 +13:00
Damian Mooyman
4da99efd5d
Merge remote-tracking branch 'origin/3.5' into 3.6 2018-01-31 16:03:42 +13:00
Dominik Beerbohm
416915b082 BUG tableName is blank in CompositeDBField->addToQuery
Added call to setTable() to ensure tableName is provided inside addToQuery method.
2018-01-26 14:58:46 +01:00
Damian Mooyman
e281c64fca
Merge remote-tracking branch 'silverstripe-security/3.5' into 3.6 2017-12-06 17:32:56 +13:00
Damian Mooyman
a8465900bd
Merge pull request #47 from silverstripe-security/patch/3.5/SS-2017-008
[SS-2017-008] FIX Make sure int params are successfull cast to int
2017-12-06 17:30:51 +13:00
Damian Mooyman
91cf85087b
Merge remote-tracking branch 'origin/3.5' into 3.6 2017-12-06 17:21:09 +13:00
Damian Mooyman
77b46672e2
Merge branch '3.5' into pulls/3.5/versioned-base-class 2017-12-06 11:37:46 +13:00
Daniel Hensby
2aa1d8f2c4
remove create_function usage 2017-12-05 14:20:13 +00:00
Daniel Hensby
84d7afb347
FIX Use baseDataClass for allVersions as with other methods 2017-12-05 13:02:20 +00:00
Daniel Hensby
badeb0cc8c
Merge branch '3.5' into 3.6 2017-11-25 16:17:36 +00:00
Daniel Hensby
0f2049d4d4
[SS-2017-008] Fix SQL injection in search engine 2017-11-21 14:45:36 +00:00
Ingo Schommer
d39e9b0bb0 Make DataDifferencer injectable
Requested by Steve Boyd
2017-11-20 15:47:35 +13:00
Daniel Hensby
ce3fd370fb
FIX ManyMany link table joined with LEFT JOIN 2017-11-16 12:11:16 +00:00
Daniel Hensby
4731d3c671
Merge branch '3.5' into 3.6 2017-11-14 12:00:53 +00:00
Daniel Hensby
264cec1239
FIX Dont use var_export for cache key generation as it fails on circular references 2017-10-09 10:13:39 +01:00
Daniel Hensby
29300c2c2d
Merge remote-tracking branch 'security/3.5.5' into HEAD 2017-09-28 15:48:29 +01:00
Dylan Wagstaff
ebe1de8d8b
Fix ArrayList sort error with old (supported) PHP
PHP 5.3 at least (the reported and tested against version) requires arguments to `call_user_func_array` to be passed by reference. There exists a note as a comment in the code, but was unfortunately overlooked in a previous commit to fix case sensitive sorting 4998b80445 (diff-6ba746c3d31fd6b4c4a99d7efe35eb21L442)

To solve this issue we simply first assign the constant to a variable, so we can then pass that by reference. This has no functional impact, however fixes an issue for users locked in to old PHP versions which we still list as supported (https://docs.silverstripe.org/en/3/getting_started/server_requirements/#web-server-software-requirements).
2017-09-28 15:29:54 +01:00
Daniel Hensby
7d90df38e5
Merge branch '3.5' into 3.6 2017-08-29 16:46:58 +01:00
Daniel Hensby
9d2503c3da Merge pull request #7274 from PapaBearNZ/patch-1
Fix Truncate Error Issue when using views in a Unittest.
2017-08-25 11:51:36 +01:00
Daniel Hensby
921f615e19
Merge branch '3.5' into 3.6 2017-08-17 14:14:31 +01:00
Daniel Hensby
eb80a5f9e8
FIX LastEdited no longer updated on skipped writes 2017-08-16 23:39:22 +01:00
James Pluck
b04a1ab41c Fix Truncate Error Issue when using views in a Unittest.
When using a view in a SilverStripe project, whenever the tear down scripts for the Unittests are run the following error occurs:

Couldn't run query:
TRUNCATE "ActivityPoints_view"
Table 'ss_tmpdb2391727.ActivityPoints_view' doesn't exist

This was due to the MySQLSchemaManager::tableList() function assuming that all records in the TABLES were actual tables containing data.

This small tweak fixes the issue by modifying the SQL to filter out views from the list before truncating.
2017-08-14 15:22:19 +12:00
Russell Michell
59b28f7d5b FIX: Fixes #7181 to config system for userland config of node display limits. 2017-08-07 10:55:38 +12:00
Daniel Hensby
90be7e806d
Merge branch '3.5' into 3.6 2017-07-19 15:40:01 +01:00
Daniel Hensby
7b6aad8a65 Revert "TreeDropDown performance boost." 2017-07-19 12:44:43 +01:00
Daniel Hensby
7e732da709
Merge branch '3.5' into 3.6 2017-07-18 12:00:04 +01:00
Roman Schmid
a6db16b229 Fix OS X issue with Convert::html2raw, HTMLText::FirstSentence, HTMLText::Summary and Text::FirstSentence.
Use unicode modifier for regular expressions that deal with whitespace.
Added unit-tests to ensure no invalud utf-8 gets generated by these methods.
2017-07-10 09:49:55 +02:00
Daniel Hensby
1e5592a3d9
Merge branch '3.5' into 3.6 2017-06-27 13:14:39 +01:00
Mojmir Fendek
5b6a39e71a TreeDropDown performance boost. 2017-06-19 15:10:23 +12:00
Loz Calver
2afe018dc7
FIX: Ensure HasManyList foreign ID filter includes table name (fixes #7023) 2017-06-15 12:06:30 +01:00
Marcz Hermo
1073eca2fa Bugfix: Complex (curly) syntax 2017-06-15 00:03:55 +12:00
Daniel Hensby
cda7e8dc39
Merge remote-tracking branch 'security/3.5.4' into 3.6.0 2017-05-29 01:29:05 +01:00
Daniel Hensby
24166700e8
Merge remote-tracking branch 'security/3.4.6' into 3.5.4 2017-05-29 01:02:35 +01:00
Daniel Hensby
16a74bc8a9
FIX DataDifferencer needs to expliclty cast HTMLText values 2017-05-29 00:10:32 +01:00
Robbie Averill
197bc53c49 FIX Add transparency percent argument to Image::generatePad to ensure transparency works from ::Pad 2017-05-16 21:20:21 +12:00
Daniel Hensby
793a020ce9
Merge branch '3.4' into 3.5 2017-05-08 11:31:33 +01:00
Gregory Smirnov
1d36f354e8 FIX Create Image_Cached with Injector. 2017-04-26 10:40:10 +02:00
Daniel Hensby
8e600bfb37
Merge branch '3.5' into 3 2017-04-18 16:45:20 +01:00
Loz Calver
40bf945322 NEW: PHP 7 compatibility
This patch introduces PHP 7 compatability without breaking semver by adding DBInt
and DBFloat classes, with Int/Float classes that are only loaded into PHP 5 environments
2017-04-05 11:00:04 +10:00
Daniel Hensby
51f98c973f
Merge branch '3.5' into 3 2017-04-03 22:57:58 +01:00
Loz Calver
b3d37880e9
FIX: many_many_extraFields breaks _SortColumn0 ordering (fixes #6730) 2017-03-27 09:16:13 +01:00
Damian Mooyman
66a9694011 Merge branch '3.5' into dblib-pdo 2017-03-20 11:49:02 +13:00