Maxime Rainville
fd90cf6ceb
[SS-2018-021] Fix potential SQL vulnerability in non-scalar value hydration
2019-02-12 20:44:17 +13:00
Robbie Averill
fecedc2d98
[SS-2018-020] Ensure that table names are escaped to prevent possible SQL injection
2018-12-11 20:56:40 +13:00
Robbie Averill
3f532466d1
Merge branch '4.0' into 4.1
2018-12-06 09:37:52 +00:00
Guy Marriott
6edcbe9086
Merge pull request #8592 from open-sausages/pulls/4.0/tree-multiselect-null
...
FIX TreeMultiselectField passes value 'unchanged' as null to ORM
2018-12-06 14:23:48 +13:00
Serge Latyntcev
9ce6d91b76
FIX / TreeMultiselectField::objectForKey handles list of IDs correctly
2018-11-22 12:11:18 +13:00
Robbie Averill
c6e3a398c7
Merge branch '4.0' into 4.1
2018-11-15 13:40:08 +02:00
Loz Calver
b5bae137bd
FIX: Redirect loop with multiple confirmation tokens present (fixes #8607)
2018-11-15 10:59:42 +00:00
Serge Latyntcev
15aaf9db9f
Fix a code style typo
2018-11-13 10:20:49 +13:00
Robbie Averill
df4d2bd838
Merge branch '4.0' into 4.1
...
# Conflicts:
# lang/da.yml
# lang/eo.yml
# lang/fi.yml
# lang/it.yml
# lang/nl.yml
# lang/sv.yml
2018-11-09 11:36:34 +02:00
Serge Latyntcev
4b4fbabed5
FIX TreeMultiselectField passes value 'unchanged' as null to ORM for 'ID' column key
2018-11-08 15:41:46 +13:00
Werner M. Krauß
3f321f935a
Convert::memstring2bytes should return integer value
...
bytes are by nature an integer
fixes #8572
2018-11-07 17:01:36 +01:00
Loz Calver
11fe5b3adf
Implement ConfirmationTokenChain to handle multiple tokens at once
2018-11-07 11:33:24 +13:00
Robbie Averill
9aabe0a0f7
[SS-2018-018] Ignore arguments in mysqli::real_connect backtrace calls
2018-11-07 11:33:24 +13:00
Loz Calver
8d7c2dafab
[SS-2018-019] Add confirmation token to dev/build
2018-11-07 11:33:24 +13:00
Loz Calver
02ad0f44aa
Implement ConfirmationTokenChain to handle multiple tokens at once
2018-11-07 11:32:55 +13:00
Robbie Averill
5425195238
[SS-2018-018] Ignore arguments in mysqli::real_connect backtrace calls
2018-11-07 11:32:55 +13:00
Loz Calver
af000bea9b
[SS-2018-019] Add confirmation token to dev/build
2018-11-07 11:32:55 +13:00
Robbie Averill
6d2665d687
Merge branch '4.0' into 4.1
2018-11-06 11:04:28 +01:00
Werner M. Krauß
adafd73943
Convert::memstring2bytes should preserve -1
...
fixes #8570
2018-11-06 10:22:13 +01:00
Sam Minnée
e72fc9e3d0
FIX DataObject singleton creation (#8516)
...
Ensure DataObject instances are aware they are singletons so functions like populateDefaults() can be skipped. (fixes #4878)
Correctly applies https://github.com/silverstripe/silverstripe-framework/pull/7850 to the 4.x line
This has already been fixed in 3.x
2018-10-25 11:42:45 +13:00
Robbie Averill
b6ff21f72a
Merge branch '4.0' into 4.1
2018-09-06 13:26:13 +02:00
Robbie Averill
b922c0d732
FIX Check scheme is truthy before setting it to the request
2018-09-03 08:59:37 +02:00
Maxime Rainville
dd3379e68f
Merge pull request #8075 from creative-commoners/pulls/4.0/remap-polymorphics
...
FIX Polymorphic relationship class columns have obsolete class names remapped
2018-08-28 17:03:39 +12:00
Robbie Averill
d651d0fbfc
FIX Use base class (not remapping target class) when looking up whether object is versioned
2018-08-28 14:15:02 +12:00
Scott Hutchinson
4da5569232
FIX ensure createFromVariables takes correct params on CLIRequestBuilder
2018-08-27 16:12:52 +12:00
Robbie Averill
66c09afc9c
Merge branch '4.0' into 4.1
2018-08-27 16:12:04 +12:00
Robbie Averill
3178fbf3bb
Merge pull request #8028 from andrewandante/pulls/4.0/unset_http_scheme_on_cli
...
unset http scheme on CLIRequestBuilder
2018-08-27 16:11:42 +12:00
Thomas Portelange
27ac001d5b
FIX email rendering should not include requirements
...
If no body is defined, the email is rendered according to a template. Clearing requirements prevents unnecessary styles/scripts from being included in the HTML (and that needs to be processed/stripped down the line).
2018-08-23 14:01:27 +12:00
Robbie Averill
953153500d
FIX Polymorphic relationship class columns have obsolete class names remapped
2018-08-15 10:40:51 +12:00
Loz Calver
106ca6643a
Merge pull request #8263 from dhensby/pulls/4.1/mask-backtrace
...
FIX updateValidatePassword calls need to be masked from backtraces
2018-07-16 10:30:22 +01:00
Robbie Averill
d122995652
FIX Duplicate config values for cascade_duplicates no longer duplicate their duplicates
...
Previously you could define identical values for this config prop via a DataExtension and on the base
class, resulting in double duplication
2018-07-16 12:04:56 +12:00
Daniel Hensby
8703839eb1
FIX updateValidatePassword calls need to be masked from backtraces
2018-07-15 01:06:45 +01:00
Daniel Hensby
ec9281ee02
Merge branch '4.0' into 4.1
2018-07-13 16:42:00 +01:00
Daniel Hensby
4acec33562
FIX Fixed bug in config merging priorities so that config values set by extensions are now least important instead of most important
2018-07-12 00:55:39 +01:00
Robbie Averill
725212a707
FIX Allow dispatcher in Embed to be configured with injector (#8192)
2018-06-20 11:37:35 +12:00
Maxime Rainville
3f80e2dc67
FIX Don't reload form session data using FormField::setSubmittedValue… (#8184)
2018-06-19 11:27:09 +12:00
Damian Mooyman
8181dc4fd2
ENHANCEMENT Ensure extensions are told the internal item request class for gridfield detail form (#8164)
...
Fixes https://github.com/silverstripe/silverstripe-framework/issues/8136
2018-06-15 17:58:53 +12:00
Damian Mooyman
b636587945
Respect semver and add tests
2018-06-15 11:04:12 +12:00
Damian Mooyman
310a259c5f
Add locale to Format
...
Fix up some regressions
2018-06-14 17:28:16 +12:00
Damian Mooyman
02ae2e7ed0
BUG Fix internal date formatting inheriting default locale
...
Fixes #8097
2018-06-13 13:32:11 +12:00
Damian Mooyman
c2123f772f
Merge remote-tracking branch 'origin/4.0' into 4.1
2018-06-13 11:24:12 +12:00
Robbie Averill
f256045020
Merge pull request #8158 from open-sausages/pulls/4.0/fix-cli-canonical-middleware
...
BUG Prevent canonical URL causing a redirect on CLI unless explicitly enabled
2018-06-12 10:53:37 +12:00
Daniel Hensby
ce58890baf
Merge branch '4.0' into 4.1
2018-06-11 09:27:42 +01:00
Robbie Averill
27e24a4728
Merge pull request #8142 from open-sausages/pulls/4.0/fix-injector-empty
...
BUG Safely handle empty injector factory responses
2018-06-11 15:20:24 +12:00
Damian Mooyman
2a51f34c3e
BUG Prevent canonical URL causing a redirect on CLI unless explicitly enabled
...
Replaces #8157
2018-06-11 13:54:27 +12:00
Damian Mooyman
546c6c3e22
Merge pull request #8125 from open-sausages/pulls/4/date-field-tweaks
...
Remove legacy logic from DateField_Disabled
2018-06-11 09:23:33 +12:00
Daniel Hensby
e260319823
Merge branch '4.0' into 4.1
2018-06-08 23:05:24 +01:00
Maxime Rainville
582c69d32f
BUG Fix issue with Disabled DateField always displaying (not set).
2018-06-08 13:51:22 +01:00
Daniel Hensby
e1450b5e82
Merge pull request #8147 from kinglozzer/mysql-pdo-attr
...
FIX: Only set MYSQL_ATTR_INIT_COMMAND when using mysql driver (fixes #8103)
2018-06-08 13:06:03 +01:00
Ingo Schommer
80c30c7b05
Merge pull request #8089 from creative-commoners/pulls/4.1/fix-maori-macron
...
FIX Add macron to Māori language name
2018-06-08 14:07:05 +12:00