Commit Graph

8696 Commits

Author SHA1 Message Date
Ingo Schommer
eeef41e91f SECURITY Fixed remote code execution vuln in install.php due to inserting unescaped user data into mysite/_config.php. Not critical because install.php is required to be removed on a SilverStripe installation anyway (fixes #7205) 2012-05-16 14:59:42 +02:00
Ingo Schommer
8f2ede8fcf MINOR Fixed syntax errors from SQLQuery/DataQuery cleanup 2012-05-16 13:17:19 +02:00
Ingo Schommer
4da9e72eed Merge branch 'master' of github.com:silverstripe/sapphire 2012-05-16 13:09:42 +02:00
Sean Harvey
8407c76b82 Merge pull request #451 from chillu/security-docs
Improved security docs around DataList, SQLQuery
2012-05-16 03:48:50 -07:00
Ingo Schommer
dfa01c8ce1 Merge pull request #446 from adrexia/sapphire
---

MINOR: SCSS refactoring
1. Refactored some gridfield styles to enable reuse (created a mixin file to hold mixins that generate specific css objects/elements).
2. Made some scss comments use // so they wouldnt appear in generated css

ENHANCEMENT: Gridfield usability (fixes 7215)
1. Modified gridfield to use default colours
2. Added ability to show and hide the filter
3. Design changes to icons used
4. Gridfield template fixes: Took out broken mark-up from templates (spans were being inserted inside spans), and adjusted styles. Added extra class to template
5. Added "filter by ..." placeholder text to input fields

Conflicts:
	css/GridField.css
2012-05-16 12:29:13 +02:00
Ingo Schommer
3a11c690ed MINOR Updated security documentation (phpdoc and markdown) around new DataList and SQLQuery APIs, additional automatic escaping on some stricter inputs like column names 2012-05-16 11:59:22 +02:00
Ingo Schommer
6e99e187b4 MINOR Css coding conventions for CMS 2012-05-16 11:38:20 +02:00
Ingo Schommer
51eb70781b Merge pull request #450 from adrexia/file-upload-status
BUGFIX: Re-add status for successful upload
2012-05-16 00:42:00 -07:00
Ingo Schommer
c01cfddc66 Merge pull request #449 from adrexia/broken-pagination
BUGFIX: Fix pagination buttons
2012-05-16 00:35:28 -07:00
Naomi Guyer
b2fc117983 BUGFIX: Re-add status for successful upload 2012-05-16 18:10:12 +12:00
Naomi Guyer
7363d8bc47 BUGFIX: Fix pagination buttons
Disable ability to click on disabled pagination buttons
2012-05-16 17:39:00 +12:00
Naomi Guyer
6c8dbe1a56 BUGFIX: Fix where filter appears
Make filter only appear in GridFields that include the
GridFieldFilterHeader component
2012-05-16 16:50:11 +12:00
Sean Harvey
4e8b1538a2 Merge pull request #447 from ajoneil/blowfish-fix
BUGFIX: Fix checking for flawed blowfish encryption
2012-05-15 21:42:01 -07:00
Andrew O'Neil
becdd85421 BUGFIX: Fix checking for flawed blowfish encryption 2012-05-16 16:40:12 +12:00
Naomi Guyer
458171ff92 ENHANCEMENT: Gridfield usability (fixes 7215)
1. Modified gridfield to use default colours
2. Added ability to show and hide the filter
3. Design changes to icons used
4. Gridfield template fixes: Took out broken mark-up from templates
(spans were being inserted inside spans), and adjusted styles. Added
extra class to template
5. Added "filter by ..." placeholder text to input fields
2012-05-16 12:18:23 +12:00
Naomi Guyer
5a023f985d MINOR: SCSS refactoring
1. Refactored some gridfield styles to enable reuse (created a mixin
file to hold mixins that generate specific css objects/elements).
2. Made some scss comments use // so they wouldn't appear in generated
css
2012-05-16 12:18:00 +12:00
Ingo Schommer
f01ca808db MINOR More robust path concat in HtmlEditorField.js (means it doesn't break with translatable module enabled) 2012-05-16 00:10:08 +02:00
Sean Harvey
5010d95cfa Merge pull request #442 from halkyon/installer_check_finfo
BUGFIX Warn if finfo not available in the installer
2012-05-15 14:20:52 -07:00
Sean Harvey
e3a3f52e93 Merge pull request #441 from silverstripe-scienceninjas/mime-type-failover
MINOR Failover to configuration if the finfo module doesn't exists when getting file mime-type.
2012-05-15 14:20:36 -07:00
Ingo Schommer
4d97f75e15 MINOR Fixed form reset styles 2012-05-15 22:15:36 +02:00
Ingo Schommer
9326d9e60e BUGFIX Fixing SQLQuery->getFilter() usage of non-existent method (removed during refactoring of pull request), more accurate deprecation notice 2012-05-15 21:29:43 +02:00
Ingo Schommer
d57ede8f44 MINOR Fixed query param concatenation in LeftAndMain.js 2012-05-15 21:28:55 +02:00
Ingo Schommer
5ff282e20a MINOR Allow extending LeftAndMain->SiteTreeAsUL() (specifically used to add the language drop down for the 'translatable' module) 2012-05-15 21:28:38 +02:00
Ingo Schommer
8e39e7dfba MINOR Allow extension of LeftAndMain->Link() 2012-05-15 21:27:32 +02:00
Sean Harvey
b1104dac25 BUGFIX Don't try lazy loading fields when the record ID is set to something non-numeric, otherwise you'll get a SQL error. 2012-05-15 17:18:50 +12:00
Stig Lindqvist
7d9cf5b365 MINOR Use File::get_file_extension for fallback mime-type detection 2012-05-15 10:03:00 +12:00
Stig Lindqvist
ea8eb7bad4 MINOR: Changed the configuration values for mime-type detection 2012-05-15 10:02:06 +12:00
Ingo Schommer
0a6ec3d9c9 Merge pull request #443 from halkyon/sapphire
---
2012-05-14 15:33:48 +02:00
Ingo Schommer
ce3b2fc3af Merge pull request #440 from Zauberfisch/sapphire
---

fixed missing cancel icon in UploadField cancel button
2012-05-14 15:15:51 +02:00
Ingo Schommer
d42ea5a9d6 BUGFIX Encoding multibyte characters in custom X-Status HTTP headers used in CMS (headers don't allow multibyte data) 2012-05-14 15:13:49 +02:00
Ingo Schommer
45ae2465e8 Merge pull request #438 from ajshort/sapphire
---

These are some enhancements + tweaks I made as part of getting the advanced workflow module running in SS3:

* Added a readonly view button and action to GridField.
* Made LeftAndMain::getResponseNegotiator() public so CMS extensions can use it to generate responses.
* Fixed top tab background, made text more readable (http://i.imgur.com/yDmmY.png).
* Allow fields in the CMS to not be change tracked using ".no-change-track".
* Made all icons 16x16 (some were different sizes, being cut off), and allow them without .ui-state-default.
* Fixed ToggleCompositeField and tweaked field styling.
2012-05-14 14:25:16 +02:00
Sam Minnée
cd68e5ec66 Merge pull request #444 from silverstripe-scienceninjas/feature/entwine-enhancements
Feature/entwine enhancements
2012-05-13 22:43:53 -07:00
Hamish Friedlander
7f05add15e ENHANCEMENT: Make jQuery.Entwine inspector available in admin panels in dev mode 2012-05-14 16:34:18 +12:00
Hamish Friedlander
7b8e25467e MINOR: Update jquery.entwine to latest version. Brings speed improvements in onmatch, and an inspector. 2012-05-14 16:34:18 +12:00
Sean Harvey
9da92e04cf API CHANGE Renamed setContainerFieldSet() to setContainerFieldList() to match the FieldList API.
API CHANGE Renamed rootFieldSet() to rootFieldList() to match the FieldList API.
2012-05-14 15:16:44 +12:00
Sean Harvey
a53cca8932 MINOR Renaming getFieldSet with getFieldList in FormScaffolder 2012-05-14 15:03:22 +12:00
Sean Harvey
e095950a50 BUGFIX Installer checks: warn if finfo class not available, re-instating hash check, and remove duplicate iconv check. 2012-05-14 14:18:49 +12:00
Stig Lindqvist
c9bc485f34 MINOR Failover to configuration if the finfo module doesn't exists when getting file mime-type. 2012-05-14 10:04:35 +12:00
Sean Harvey
011e094541 Merge pull request #439 from simonwelsh/patch-1
BUGFIX: Director::protocol() was returning https when $_SERVER['HTTPS'] ...
2012-05-13 14:20:04 -07:00
Zauberfisch
dc649c1990 MINOR: removed wrong icon 2012-05-13 21:11:53 +02:00
Zauberfisch
ad78d9a3d1 MINOR: fixed missing cancel icon 2012-05-13 21:05:30 +02:00
Simon Welsh
3f3e34a109 BUGFIX: Director::protocol() was returning https when $_SERVER['HTTPS'] was an empty value. 2012-05-13 20:44:16 +12:00
Andrew Short
38075d880d MINOR: Tweaked the main tab styling to fix the background and make text more readable. 2012-05-12 18:49:56 +10:00
Andrew Short
d17c4d00ba MINOR: Made all icons consistently 16x16, and show them inside .ui-widget-content elements. 2012-05-12 18:49:56 +10:00
Andrew Short
4a5603b249 MINOR: Don't show a border below the last field. 2012-05-12 18:49:56 +10:00
Andrew Short
05cde92508 FEATURE: Implemented a view action for GridField, and a record viewing GridFieldConfig. 2012-05-12 18:49:56 +10:00
Andrew Short
dc1ccfe251 MINOR: Made the JS class used for gridfield detail actions apply to .action-detail rather than specific actions. 2012-05-12 18:49:56 +10:00
Andrew Short
1e174b3102 API CHANGE: Made LeftAndMain::getResponseNegotiator() public so extensions can use it. 2012-05-12 18:49:56 +10:00
Andrew Short
304c3cd5d3 ENHANCEMENT: Fields can be excluded from change tracking using a ".no-change-track" class. 2012-05-12 18:49:56 +10:00
Andrew Short
9e6273ce9a MINOR: Fixed deprecated method usage in ToggleCompositeField. 2012-05-12 18:48:44 +10:00