Damian Mooyman
8c0ced311f
Merge pull request #6998 from AntonyThorpe/StrictFormMethodCheck
...
Updated Form.php & 04_Form_Security.md - strictFormMethodCheck to true
2017-06-06 23:06:11 +12:00
Antony Thorpe
6348f2e3e8
Updated Form.php & 04_Form_Security.md
...
Changed the `strictFormMethodCheck` protected property from false to true to step out on the front foot with this security setting. In the documentation under the title [Cross-Site Request Forgery](https://github.com/silverstripe/silverstripe-framework/blob/master/docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md#cross-site-request-forgery-csrf ) it states, "it is also recommended to limit form submissions to the intended HTTP verb (mostly GET or POST) through [api:Form::setStrictFormMethodCheck()]." The same advice is noted in [Form Security](c2292a4cc1/docs/en/02_Developer_Guides/03_Forms/04_Form_Security.md (strict-form-submission)
).
Why not make this the default behaviour? Is there a scenario where this would cause a problem? Have manually tested in the CMS (alpha7) and is working fine.
Note: Original commit that establised the API Form::setStrictFormMethodCheck is 14c59be8
.
2017-06-06 21:10:49 +12:00
Christopher Joe
d12c986dd5
Fixes printing from crashing
2017-06-06 13:31:37 +12:00
Damian Mooyman
e7d87add9f
API Remove legacy HTMLEditor classes
2017-05-30 11:01:28 +12:00
Damian Mooyman
0cd40ca6e5
BUG Fix minor accessors of legacy ->class property
2017-05-25 11:55:12 +12:00
Damian Mooyman
d15b9ee0b0
Response to feedback
2017-05-23 13:50:35 +12:00
Damian Mooyman
fba8e2c245
API Remove Object class
...
API DataObjectSchema::manyManyComponent() return array is now associative array
2017-05-23 13:50:35 +12:00
Damian Mooyman
7bc8172bc1
Merge pull request #6937 from caffeineinc/2930-checkboxfield-invalid-html
...
CheckboxField creates invalid HTML when required #2939
2017-05-22 13:44:58 +12:00
Simon Gow
cdc03602ed
CheckboxField creates invalid HTML when required #2939
...
- Updated CheckboxField, CheckboxSetField, DropdownField, OptionsetField
to validate with HTML5 attributes & aria-required.
https://www.w3.org/TR/wai-aria/states_and_properties#aria-required
2017-05-22 12:15:28 +12:00
Damian Mooyman
2aa3b5d5fa
Merge pull request #6934 from robbieaverill/pulls/4.0/consistent-instance-method
...
API Consistent use of inst() naming across framework
2017-05-22 11:57:20 +12:00
Damian Mooyman
80bff0d099
Merge pull request #6932 from mikenz/pulls/4.0/treedropdownfield-orphaned
...
Bugfix: Parent treedropdownfield for an orphaned page is broken
2017-05-22 10:53:33 +12:00
Robbie Averill
f2cbe86f03
Remove CustomMethods::createMethod and create_function implementations, replace with closures
2017-05-19 15:56:44 +12:00
Robbie Averill
ad43a82923
API Consistent use of inst() naming across framework
2017-05-19 14:38:06 +12:00
Mike Cochrane
31578d4771
Bugfix: Parent treedropdownfield for an orphaned page is broken
2017-05-19 12:15:36 +12:00
Ingo Schommer
adbf9d9f71
Process actions on Form subclasses
...
Regression introduced through https://github.com/silverstripe/silverstripe-framework/issues/6362 .
Quote from the RFC:
```
Thus the order of action precedence becomes
action callback
action on the Form
action on the FormRequestHandler
action on any parent controller (if given)
```
2017-05-18 22:47:39 +12:00
Damian Mooyman
8ed675d29b
Merge pull request #4542 from patricknelson/issue-4417-validator-remove-validation-master
...
FIX for #4417 : Ensuring ->removeValidation() is defined on instances of Validator. Setup new API for enabling/disabling validation. Documentation and better type handling.
2017-05-18 09:27:48 +12:00
Christopher Joe
0534a5ec0c
Fix TreeDowndropField copying
2017-05-17 16:52:21 +12:00
Christopher Joe
287ad35f0d
Fix change API to hasEmptyDefault() to be inline with SingleSelectField
2017-05-17 10:13:54 +12:00
Christopher Joe
3927e7e248
Fix added cache key for TreeDropdownField cache
2017-05-17 10:13:54 +12:00
Christopher Joe
6869e450a0
Enhancement added customisable emptyTitle and a showRootOption property in TreeDropdownField
2017-05-17 10:13:54 +12:00
Patrick Nelson
5fa3c85280
FIX for #4417 : Ensuring ->removeValidation() is defined on instances of Validator. Setup new API for enabling/disabling validation. Documentation and better type handling.
2017-05-16 12:58:00 +01:00
Saophalkun Ponlu
1ec7c4e523
Fix lint error
2017-05-16 11:53:23 +12:00
Saophalkun Ponlu
a975b88661
Pass autofocus flag to front-end
2017-05-16 11:53:23 +12:00
Daniel Hensby
e741af9127
Merge branch 'pull/6905'
2017-05-12 12:21:02 +01:00
Ralph Slooten
43a122cc36
Fix for meta closing tags
...
Prevent html errors when FormField::create_tag('meta') is called from $MetaTags() so
```
<meta name="generator" content="SilverStripe - http://silverstripe.org "></meta>
```
becomes
```
<meta name="generator" content="SilverStripe - http://silverstripe.org " />
```
Add all void elements to list
2017-05-12 08:49:15 +12:00
Christopher Joe
edcb220e4a
Enhancement add EmailLink form factory server-side
2017-05-11 09:57:55 +12:00
Christopher Joe
c58dc97d39
Fix optional $id param because of how methodSchema passes a parameter
2017-05-11 09:57:55 +12:00
Christopher Joe
2ee0d99806
Enhancement switch FormFactories to use RequestHandler instead of Controller
2017-05-11 09:57:55 +12:00
Christopher Joe
403f4db14d
Fix change titles to return schema values in schema
...
Enhancement Add EditorExternalLink call for toolbar
2017-05-11 09:57:55 +12:00
Aaron Carlino
4af71b9ed7
Pulls/4/remove reliance on admin dir ( #6876 )
...
* Stop relying on external constants
* Revise getTinyMCEPath method to throw exception when no path can be computed
* Throw exception on no gzip, better admin module check
2017-05-10 13:18:44 +12:00
Saophalkun Ponlu
fd51f35bc2
Update tests
2017-05-09 16:52:32 +12:00
Saophalkun Ponlu
97dac7028c
De-couple schema type and type attribute
2017-05-09 16:50:33 +12:00
Sam Minnée
33119a1f36
Merge branch 'master' into pulls/4.0/remove-deprecated-methods
2017-05-09 15:31:53 +12:00
Ingo Schommer
1d438d3fb5
API Remove deprecated FormAction::createTag()
2017-05-09 11:38:35 +12:00
Ingo Schommer
bbf15ab9f1
Allow type override in FormAction
2017-05-09 11:16:41 +12:00
Ingo Schommer
0d9b383631
API Removed legacy form fields ( fixes #6099 )
2017-05-09 11:16:41 +12:00
Aaron Carlino
afd1575267
ENHANCEMENT GridField passes in context for canCreate
2017-05-09 09:15:09 +12:00
Aaron Carlino
c99ed2d262
Reorganise i18n keys
2017-05-08 23:34:39 +12:00
Uncle Cheese
d51c4891e2
New namespaced i18n keys
2017-04-28 14:59:42 +12:00
Uncle Cheese
494cbd1875
Ran upgrader for lang files
2017-04-28 14:59:42 +12:00
Ingo Schommer
22f232ed4d
Mark up <time> in validation errors
...
Allow better localisation of values in JS
2017-04-27 21:44:52 +12:00
Ingo Schommer
cbe534c675
Fixed component capitalisation
2017-04-27 15:36:18 +12:00
Ingo Schommer
94b49e3e28
Removed unused field
2017-04-27 15:36:11 +12:00
Ingo Schommer
60706c8efd
Store $value in ISO and server timezone consistently, fix min/max timezone handling
2017-04-27 14:59:11 +12:00
Ingo Schommer
628fd216ad
PHPDoc fixes
2017-04-27 11:56:23 +12:00
Ingo Schommer
f01a20d5c4
Only used normalised ISO on HTML5
2017-04-27 11:56:18 +12:00
Ingo Schommer
de8abe1167
API rename
2017-04-27 11:53:43 +12:00
Ingo Schommer
b852a76334
Consistent schema keys
2017-04-27 11:47:04 +12:00
Ingo Schommer
14b3468eee
Removed setting format in getter
...
That’s already handled in getFormatter()
2017-04-27 11:09:59 +12:00
Ingo Schommer
655b047d80
Removed superfluous methods
2017-04-27 11:09:43 +12:00
Ingo Schommer
d3afa0c3b5
Remove array check since setSubmittedValue() no longer supports it
2017-04-27 10:59:44 +12:00
Ingo Schommer
958736502a
Removed “T” str_replace, more comments
2017-04-27 10:32:22 +12:00
Ingo Schommer
1ec2abe75f
Fixed timezone and normalised ISO handling
...
A few observations:
- ISO says “T” is optional (https://en.wikipedia.org/wiki/ISO_8601#cite_note-21 ),
- WHATWG says in the HTML5 spec that it’s optional (https://html.spec.whatwg.org/multipage/infrastructure.html#local-dates-and-times )
- W3C says it’s reqiured in 1997 (https://www.w3.org/TR/NOTE-datetime ), but then later says it’s optional in its HTML5 spec (https://www.w3.org/TR/html5/infrastructure.html#floating-dates-and-times ).
- Chrome doesn’t parse values with whitespace separators (requires "T")
- DataObject DBDatetime values and database columns use whitespace separators (and will have many devs relying on this format)
- MySQL only supports whitespace separators (https://dev.mysql.com/doc/refman/5.7/en/datetime.html )
- SQLite can parse both ways (https://sqlite.org/lang_datefunc.html )
So the goal here is to retain ORM/database compatibility with 3.x (whitespace separator),
while exposing "T" separators to the browser in HTML5 mode.
Regarding timezones, this fixes a regression where setValue() would not actually
apply the timezone (last $value assignment is ineffective now that sub fields are removed).
2017-04-26 22:55:29 +12:00
Ingo Schommer
e97783b057
Better second handling
2017-04-26 22:45:08 +12:00
Ingo Schommer
d2132e85db
More specific localisations
2017-04-26 22:45:07 +12:00
Saophalkun Ponlu
dba1f61f13
Fix tests related to date time
2017-04-26 22:45:07 +12:00
Saophalkun Ponlu
9d7eef7cf3
Fix datetime field validation for the refactor
2017-04-26 22:45:07 +12:00
Saophalkun Ponlu
4a70662940
Pass html5 flag to front-end
2017-04-26 22:45:07 +12:00
Saophalkun Ponlu
9f8fe88eea
Refactor DateTimeField not to use DateField and TimeField
2017-04-26 22:45:07 +12:00
Saophalkun Ponlu
81a21f68cd
Add 'lang' attribute to front-end date field schema
2017-04-26 22:45:06 +12:00
Damian Mooyman
0791b387b8
API Update serialisation of JSON tree data
...
Update TreeDropdownField schema
2017-04-26 17:30:10 +12:00
Saophalkun Ponlu
68041f4265
Wrap selection group input in label
2017-04-26 13:54:06 +12:00
Damian Mooyman
136b67f597
API Major refactor of Hierarchy into MarkedSet
2017-04-13 16:27:13 +12:00
Damian Mooyman
f38ae1d837
Cleanup phpdocs on DatetimeField
2017-04-13 14:00:30 +12:00
Damian Mooyman
e61257c27b
API Update embed/embed to 3.0
...
API Better shortcode generation for embed shortcodes
2017-04-04 10:20:08 +12:00
Christopher Joe
2c5e482de0
Add LabelField component definition
2017-04-04 10:20:08 +12:00
Ingo Schommer
e3fbd1dcac
Fixed coding conventions
2017-04-03 20:54:25 +12:00
Ingo Schommer
3b94d14e42
MERGE
2017-04-03 12:11:21 +12:00
Ingo Schommer
326aa37ea4
API HTML5 date/time fields, remove member prefs ( fixes #6626 )
2017-03-31 15:21:47 +13:00
Ingo Schommer
ac6d4f3038
Move DateField->placeholders to subclass
...
It’s only used there
2017-03-31 14:15:21 +13:00
Damian Mooyman
a07a9bffc4
API Add FormRequestHandler::forTemplate() for backwards compatibility
2017-03-13 12:51:37 +13:00
Damian Mooyman
0c41a97a8b
API Refactor Form request handling into FormRequestHandler
...
API Add HasRequestHandler interface
API Refactor Link() and url handling behaviour from Controller into RequestHandler
API RequestHandler classes now must define url_segment to have a default Link()
API Clean up redirectBack()
2017-03-10 15:04:33 +13:00
Christopher Joe
50deb17763
API remove UploadField, AssetField and associated files
...
Fixes #6481
2017-03-09 10:16:46 +13:00
Damian Mooyman
3362e15a29
API Upgrade code to use updated config
2017-02-27 16:54:01 +13:00
Damian Mooyman
1d49c4afe9
API Remove non-asset-admin TinyMCE media dialog
...
API Split ssplugin into ssmedia and sslink plugins
2017-02-27 10:38:23 +13:00
Damian Mooyman
bab52e2403
Tweak dropdownfield
2017-02-27 10:38:23 +13:00
Christopher Joe
98ecaf9bd0
Change UploadField to TreeDropdownField for modal fields
...
Change UploadField to abstract placeholder FileHandleField for non-modal fields
2017-02-27 10:38:23 +13:00
Daniel Hensby
7156da6279
Merge branch '3'
2017-02-20 22:19:33 +00:00
Ingo Schommer
b7bed18192
Mark setShowCalendar() as experimental
2017-02-16 10:55:07 +13:00
Ingo Schommer
80723c077b
Reinstated separated DateField functionality
2017-02-16 09:06:14 +13:00
Damian Mooyman
014f0d23ed
API Create SeparatedDateField
...
API Restrict allowed values parsed via DBDate::setValue
API Remove NumericField_Readonly
API Remove DBTime::Nice12 / Nice24
2017-02-15 11:07:58 +13:00
Damian Mooyman
029a8b9586
API Substitute Zend_Currency with NumberFormatter based solution
...
API Substitute Zend_Locale with Locale / NumberFormatter
API Substitute Zend_Date with IntlDateFormatter
API Added DBTIme::Nice12, FormatFromSettings
API Added Short() method to DBDate / DBTime / DBDatetime
API Add Date::getTimestamp()
API Added setSubmittedValue api for FormField
API Add second arg to base FormField::setValue()
API Major refactor of i18n into component data parts
API Implement Resettable interface to reset objects between tests
ENHANCEMENT Changed DBField::create_field return type to `static` to support better type hinting
ENHANCEMENT i18nTextCollector supports __CLASS__
2017-02-09 15:28:59 +13:00
Colin Tucker
34398b0faa
Cast SmallFieldHolder to HTMLFragment - fixes #6568
2017-01-27 09:16:58 +11:00
Damian Mooyman
8a07c56bdf
API Replace i18n message localisation with symfony/translation
...
API Implement enhanced pluralisation
Remove Zend_Translate and all Zend dependencies from i18n
Deprecated $context from i18n::_t()
Warn on missing default string for i18n::_t()
2017-01-25 17:08:12 +13:00
Lee Bradley
6000e3ba16
GridFieldAddExistingAutocompleter: Make Search Response HTTPResponse
...
Also adds the 'text/json' Content-Type header
2017-01-17 10:03:07 +00:00
Robbie Averill
ce38f1f1fd
API Enhancement: Allow "removeComponentsByType" to remove multiple component"s"
2017-01-13 23:30:30 +13:00
Daniel Hensby
747c0770e7
Merge pull request #6446 from robbieaverill/feature/controllers-without-underscores
...
API Allow controller discovery without underscores (PSR-2 compliance)
2017-01-11 15:27:56 +00:00
Damian Mooyman
b52a963ed7
ENHANCEMENT Remove jquery-ui button() api from default HTML editor dialog
2017-01-11 17:04:20 +13:00
Damian Mooyman
6b5efb91fd
Merge pull request #6434 from open-sausages/features/4.0/ui-button-refresh
...
Refresh CMS UI buttons to new flat style and bootstrap classes
2017-01-11 14:22:25 +13:00
Damian Mooyman
d9034f5bfc
Remove redundant CMSSecurity.js dist file
...
Cleanup GridFieldFilterHeader / GridFieldSortableHeader
2017-01-11 12:00:01 +13:00
Robbie Averill
c620063608
DOCS Update docs to reference PageController
without an underscore, implement some PSR-2
2017-01-11 09:59:28 +13:00
Daniel Hensby
a996e20e79
Merge pull request #6450 from mikenz/page-to-sitetree
...
ENHANCEMENT: Use SiteTree instead of Page class in more places
2017-01-10 16:02:15 +00:00
Daniel Hensby
f3b6bb1470
Merge branch '3'
2017-01-10 14:31:07 +00:00
Damian Mooyman
b62f9b60a0
BUG Fix broken member / group import
...
BUG GridFieldImportButton no longer only works on ModelAdmin
2017-01-10 17:57:54 +13:00
Christopher Joe
8118448a9c
Fix PHP linting issues
2017-01-10 11:34:50 +13:00
Will Rossiter
56c2363909
Implement feedback fixes
...
Enhancement Fix ModelAdmin import form not POSTing to correct form
2017-01-10 11:05:58 +13:00
Paul Clarke
e893fc4c51
Enhancement improve secondary action colours
...
Enhancement add accessibility info to page number
Enhancement new font icons added, improve trash icon and increase icon size of close
Enhancement improve title of gridfield search trigger
Enhancement add title to button to open gridfield search and improve gridfield search styles
API Shortcode fails if no parent
API JQuery-UI classes removed
Enhancement centre actions tabs within dropup in more-actions
Enhancement fix IE input height issue and fix for safari of icons in buttons with hidden text (e.g. pagination)
Enhancement only show external link on hover
2017-01-10 10:55:34 +13:00
Will Rossiter
ddc9a9c6d6
Enhancement Fix up buttons within gridfield search
...
Enhancement Fix up batch actions button
2017-01-10 10:53:10 +13:00
Paul Clarke
7b90ee137d
Enhancement resize icon to sit inline and increase size of search icon and Upload icon
...
Enhancement remove float from buttons as already aligned inline
Enhancement Align buttons in toolbar more consistently
API remove ui overrides
API ss-ui-button no longer exists so styles where not seen, removed nesting
2017-01-10 10:51:07 +13:00
Will Rossiter
cb6ec11f1b
Enhancement Implement import CSV icon and tidy up import forms
...
Enhancement Tidy up permission icons to new icon library
WIP The modal is a short term workaround until the UI is all react based but we wanted to do some cleanup prior to 4 release
API Remove ssui.button
Enhancement Update buttons to new flat bootstrap style
2017-01-10 10:49:15 +13:00
Paul Clarke
178bd480eb
API Changes required for asset search behaviour
2017-01-09 14:55:20 +13:00
Mike Cochrane
0cf477d36e
Use SiteTree instead of Page class in more places
2017-01-03 20:37:17 +13:00
Daniel Hensby
664c0eafbe
Merge branch '3'
2016-12-28 14:30:54 +00:00
Daniel Hensby
ba39e552a2
Merge branch '3'
2016-12-15 12:20:29 +00:00
Damian Mooyman
6e589aac75
API Updates to Form, ValidationResponse, ValidationException
...
API Implement form schema "errors" handling
2016-12-09 14:24:11 +13:00
Sam Minnee
6650561dac
Don't use session and FormSchema to manage server-side React validation responses
2016-12-09 10:27:23 +13:00
Damian Mooyman
6b06fd9f2d
API Add buttonTooltop to PopoverField and fix critical positioning issue
2016-12-07 13:06:35 +13:00
Daniel Hensby
c6d43b477e
Merge branch '3'
2016-11-29 13:27:49 +00:00
Damian Mooyman
bc19b2a491
PSR2 cleanup
2016-11-29 16:18:48 +13:00
Damian Mooyman
d4abfea4eb
Rename Uploadable -> UploadReceiver and FileUploadable -> FileUploadReceiver
2016-11-29 16:16:16 +13:00
Damian Mooyman
7cba50e3a5
API Refactor UploadField, FileField and AssetField into traits Uploadable and FileUploadable
2016-11-29 16:15:59 +13:00
Damian Mooyman
1b1e921e3d
PSR2: Whitespace-only changes
2016-11-29 12:31:16 +13:00
Damian Mooyman
6e8304ff2f
API Namespace framework tests
2016-11-23 19:25:12 +13:00
Christopher Joe
875811fdfd
API Create loading state for schema
...
API Create stateOverride state for schema
Enhancement Moved crumbs property to rely on redux state
Enhancement Updated file app icon names
API Added InsertMediaModal functionality to HtmlEditorField
API Removed dependency on schema ID that is returned from server
API Added afterMessages property for FormBuilder to display content after the alert message
2016-11-22 16:58:00 +13:00
Daniel Hensby
bcc21c2403
Merge branch '3'
2016-11-10 01:09:35 +00:00
Christopher Joe
8a7ea044ac
Added validator class to decouple validation library from FormBuilder
...
Added required rule priority logic and fix styling of error messages
2016-11-03 10:39:53 +13:00
Christopher Joe
0901de2995
BUG Fix php schema generation
2016-11-03 10:26:39 +13:00
Damian Mooyman
1142757c21
API Add 'validation' to form schema
2016-11-03 10:07:24 +13:00
Damian Mooyman
38fdafb474
Fix tinymce breaking in non-typical install location
2016-11-01 17:40:59 +13:00
Sam Minnee
7a10c194bd
NEW: Move code files into src/ folder.
...
This updates framework to be more in keeping with PHP conventions.
2016-11-01 13:37:24 +13:00