tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-09-07 02:01:24 +02:00
Code Issues Projects Releases Wiki Activity
21,002 Commits 29 Branches 525 Tags 151 MiB
eaa69530be
Commit Graph

21002 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Serge Latyntcev
eaa69530be DOC CMS 3.x file migration section about versioned files 2020-04-14 10:53:21 +12:00
Stevie Mayhew
92acc764f7
Merge pull request #9327 from kinglozzer/9259-session-restart 
FIX: Session::restart() didn't correctly restart session (fixes #9259)
 2019-11-21 11:52:36 +13:00
Loz Calver
453945da14 FIX: Session::restart() didn't correctly restart session (fixes #9259) 2019-11-20 14:21:30 +00:00
Robbie Averill
bd658ca745
Merge pull request #9305 from tractorcow/pulls/4.3/action-title 
BUG FormAction title property cannot be set if useButtonTag is false
 2019-11-14 09:06:46 -08:00
Damian Mooyman
e76601e5c8
BUG FormAction title property cannot be set if useButtonTag is false 2019-10-29 17:21:45 +13:00
Serge Latyntsev
c7597ad265
Merge pull request #9293 from open-sausages/pulls/4.3/psr2-fix 
PSR2 linting fixes
 2019-10-18 15:52:06 +13:00
Serge Latyntcev
46b9530d88 PSR2 linting fixes 2019-10-18 15:31:39 +13:00
Serge Latyntsev
71f810516c
Merge pull request #9275 from open-sausages/pulls/4.3/obfuscated-email-names 
FIX DebugViewFrendlyErrorFormatter handle of admin_email
 2019-10-04 11:27:17 +13:00
Serge Latyntcev
7db524bd90 FIX DebugViewFrendlyErrorFormatter handle of admin_email 2019-10-04 10:26:54 +13:00
Serge Latyntcev
26a4fb38ba Added 4.3.6 changelog 2019-09-24 17:20:48 +12:00
Aaron Carlino
8ee5e621fd DOCS: Add docs for versioned files migration 2019-09-24 16:00:51 +12:00
Serge Latyntcev
5af205993d [CVE-2019-12617] Fix access escalation for CMS users with limited access through permission cache pollution 2019-09-24 16:00:51 +12:00
Serge Latyntcev
569237c0f4 [CVE-2019-12203] Session fixation in "change password" form 
A potential account hijacking may happen if an attacker has physical access to
victim's computer to perform session fixation. Also possible if the targeted application contains an XSS vulnerability.
Requires the victim to click the password reset link sent to their email.
If all the above happens, attackers may reset the password before the actual user does that.
 2019-09-24 16:00:51 +12:00
Aaron Carlino
99ab3c6421 DOCS: Add FileShortcodeProvider change to changelog 2019-09-24 16:00:51 +12:00
Guy Marriott
aa7c057422
FIX: Don't force-add view button to readonly GridField (fixes #… (#9254) 
FIX: Don't force-add view button to readonly GridField (fixes #9249)
 2019-09-23 10:31:25 -07:00
Guy Marriott
190b2f2842
FIX: run member CMS validator when editing via groups (fixes #9… (#9255) 
FIX: run member CMS validator when editing via groups (fixes #9184)
 2019-09-23 10:28:38 -07:00
Loz Calver
efdb9cc718 FIX: run member CMS validator when editing via groups (fixes #9184) 2019-09-23 16:59:58 +01:00
Loz Calver
d85ff3bc44 FIX: Don't force-add view button to readonly GridField (fixes #9249) 2019-09-23 16:52:47 +01:00
Guy Marriott
109ac3f75f
Allow non summary fields to be used as grid field export fields (#9248) 
Allow non summary fields to be used as grid field export fields
 2019-09-18 15:33:25 -07:00
Hayden Shaw
daf9d55ecb Allow non summary fields to be used as export fields 
Fixes regression in 3d989a6eae.
 2019-09-19 10:00:54 +12:00
Robbie Averill
066ce8e01c Merge branch '4.2' into 4.3 
# Conflicts:
 #	src/View/ThemeResourceLoader.php
 2019-09-13 18:10:37 -07:00
Andre Kiste
cf90cfdd2a
Merge pull request #9221 from open-sausages/pulls/4.3/recursive-writeComponent 
BUG Allow infinite loop when calling DataObject::writeComponent() recursively
 2019-09-12 17:18:08 +12:00
Maxime Rainville
591b88a9bc BUG Allow infinite loop when calling DataObject::writeComponent() recursively 2019-09-10 14:15:28 +12:00
Robbie Averill
41a766d135
Merge pull request #9085 from kinglozzer/9084-path-join-exception 
Catch Path::join() exceptions in findTemplate() (fixes #9084)
 2019-09-06 12:00:39 -07:00
Robbie Averill
aec5051a24
Merge pull request #9206 from creative-commoners/pulls/4.3/strip-bom-on-csv-import 
FIX Byte Order Marks (BOM) are now stripped when importing CSV files
 2019-09-03 09:55:38 -07:00
Robbie Averill
0b991cc039
Merge pull request #9198 from elabuwa/pulls/4.3/bug-fix-html-entities-breadcrumbs-in-group 
Bug : Add html_entity_decode to group parents
 2019-08-30 09:51:52 +12:00
Dileep Ratnayake
fe4eb5dd2a
Update src/Security/Group.php 
Co-Authored-By: Maxime Rainville <maxime@rainville.me>
 2019-08-29 15:44:41 +12:00
Robbie Averill
77ba8391c4 FIX Byte Order Marks (BOM) are now stripped when importing CSV files 2019-08-29 14:54:57 +12:00
Maxime Rainville
4cfce30842
Merge pull request #9204 from open-sausages/pulls/4.3/remove-dumb-place-holder-text 
BUG Remove placeholder text on new group form
 2019-08-29 09:05:38 +12:00
Maxime Rainville
73f43c6f42 BUG Remove placeholder text on new group form 2019-08-28 17:14:19 +12:00
Dileep Ratnayake
9b7075ed5d
Update Group.php 2019-08-27 16:22:00 +12:00
Dileep Ratnayake
a976a1688b
Update Group.php 
move to private method
 2019-08-27 16:21:08 +12:00
Dileep Ratnayake
40e5c4ec59
Update Group.php 
use of convert::raw2xml, rename $grp to $group
 2019-08-27 16:19:40 +12:00
Dileep Ratnayake
4f8240bd48
Update src/Security/Group.php 
Co-Authored-By: Andre Kiste <bergice@users.noreply.github.com>
 2019-08-27 12:19:03 +12:00
Dileep Ratnayake
f7a602137a
add html_entity_decode to breadcrumbs 2019-08-27 11:49:17 +12:00
Robbie Averill
d63e4b520c Merge branch '4.2' into 4.3 2019-08-14 09:30:41 +12:00
Robbie Averill
2e2c56249e
Merge pull request #9147 from webbuilders-group/sort-order-fix 
BUGFIX: Fixed issue where multiple relationship sort order columns would be lost in favor of only the last relationship column in the sort order
 2019-08-14 09:29:20 +12:00
Robbie Averill
05d5db43f3
Merge pull request #9173 from creative-commoners/pulls/4.3/column-content-for-print-csvs 
FIX Use content generated by DataColumns component for print and csv export
 2019-08-09 15:21:50 +12:00
Guy Marriott
3d989a6eae
FIX Use content generated by DataColumns component for print and csv export 2019-08-09 15:04:38 +12:00
Loz Calver
6f19cb3a83
Merge pull request #9152 from creative-commoners/pulls/4.3/session-exists-check 
FIX Prevent setting session value when no session exists yet
 2019-07-30 09:42:45 +01:00
Robbie Averill
5c794dfcdd FIX Prevent setting session value when no session exists yet 2019-07-29 17:16:01 +02:00
UndefinedOffset
c1ffc4edfb Added unit tests for multiple relationship sorting 2019-07-29 10:45:10 -03:00
UndefinedOffset
40cd66852e BUGFIX: Fixed issue where multiple relationship sort order columns would be lost in favor of only the last relationship column in the sort order 2019-07-26 11:54:10 -03:00
Robbie Averill
2d2b0b82f0 DOCS Fix incorrect rendering of note on list item 
[ci skip]
 2019-07-25 12:03:12 +02:00
Robbie Averill
c7b15eaef5 Merge branch '4.2' into 4.3 2019-07-19 10:45:29 +02:00
Garion Herman
9efe9e96eb
Merge pull request #9123 from open-sausages/pulls/4.3/increase-memory-limit-max 
FIX core memory limit test
 2019-07-12 17:08:42 +12:00
Serge Latyntcev
fcd7a1e63e FIX core memory limit test 2019-07-12 16:30:25 +12:00
Guy Marriott
b01dc580e1
FIX Protect against undefined index when using nullifyEmpty opt… (#9090) 
FIX Protect against undefined index when using nullifyEmpty option
 2019-06-27 11:19:42 +12:00
Robbie Averill
c76d3a5db1 FIX Protect against undefined index when using nullifyEmpty option 2019-06-26 09:26:36 +12:00
Loz Calver
b1551a687d Catch Path::join() exceptions in findTemplate() (fixes #9084) 2019-06-21 09:40:18 +01:00