silverstripe-framework/docs/en/04_Changelogs/3.5.0.md
2016-11-29 16:21:14 +13:00

17 KiB

3.5.0

Change Log

Security

  • 2016-11-11 4440b88 Form@httpSubmission will no longer load submitted data to disabled or readonly fields (Daniel Hensby) - See ss-2016-010
  • 2016-11-11 61e4055 Cast FormField values as Text to prevent readonly fields embeding rogue HTML (Daniel Hensby) - See ss-2016-010
  • 2016-10-27 17097a4 Properly escape backURL for template injection (Daniel Hensby) - See ss-2016-016
  • 2016-08-02 62a2421 value / title escaping in CheckboxSetField and OptionsetField (Damian Mooyman) - See ss-2016-015
  • 2016-08-02 12a6b35 value / title escaping in CheckboxSetField and OptionsetField (Damian Mooyman) - See ss-2016-015
  • 2016-08-02 049cdef value / title escaping in CheckboxSetField and OptionsetField (Damian Mooyman) - See ss-2016-015
  • 2016-07-25 b1f4497 Autologin cookies are ignored if autologin is disabled (Daniel Hensby) - See ss-2016-014
  • 2016-07-25 fa7f5af Autologin cookies are ignored if autologin is disabled (Daniel Hensby) - See ss-2016-014
  • 2016-07-25 1c7d5de Autologin cookies are ignored if autologin is disabled (Daniel Hensby) - See ss-2016-014
  • 2016-07-22 281b0de Uncasted member name (Daniel Hensby) - See ss-2016-013
  • 2016-07-22 83e3302 Uncasted member name (Daniel Hensby) - See ss-2016-013
  • 2016-07-22 6817c57 Uncasted member name (Daniel Hensby) - See ss-2016-013
  • 2016-07-15 298f615 Reset Member::Salt on password change (Daniel Hensby) - See ss-2016-008
  • 2016-07-15 f85dea2 Reset Member::Salt on password change (Daniel Hensby) - See ss-2016-008
  • 2016-07-15 dc47f7e Reset Member::Salt on password change (Daniel Hensby) - See ss-2016-008
  • 2016-07-14 6606d98 ChangePasswordForm does not check $member->canLogin before login (Daniel Hensby) - See ss-2016-011
  • 2016-07-14 6d41db7 ChangePasswordForm does not check $member->canLogin before login (Daniel Hensby) - See ss-2016-011
  • 2016-07-14 2b30ade ChangePasswordForm does not check $member->canLogin before login (Daniel Hensby) - See ss-2016-011
  • 2016-07-14 efa20d2 Missing ACL check on ReportAdmin (Daniel Hensby) - See ss-2016-012
  • 2016-07-14 cff2ea9 Missing ACL check on ReportAdmin (Daniel Hensby) - See ss-2016-012
  • 2016-07-14 ca526b0 Missing ACL check on ReportAdmin (Daniel Hensby) - See ss-2016-012
  • 2016-07-14 5f73d34 Missing ACL check on ReportAdmin (Daniel Hensby) - See ss-2016-012
  • 2016-05-03 3fa84cf Encode user supplied URL for embeding into page (Daniel Hensby) - See ss-2016-007

API Changes

  • 2016-11-15 f43a91a Add FormField::canSubmitValue() (Damian Mooyman)
  • 2016-11-07 ffd9938 ShortcodeParser getter and extension points (Jonathon Menz)
  • 2016-09-15 b87c668 support dblib (#5996) (Damian Mooyman)
  • 2016-09-05 c6457c5 Allow has_many fixtures to be declared with array format as well as many_many (#5944) (Damian Mooyman)
  • 2016-07-15 d08ab6a Allow X-Frame-Options to be configured (Damian Mooyman)
  • 2016-06-20 e810a99 Add optimistic_connect to SS_Database (Damian Mooyman)

Features and Enhancements

  • 2016-06-10 19b9413 Use injector for MemberLoginForm fields (Daniel Hensby)
  • 2016-05-15 c401d9d added hide_from_cms_tree and hide_from_hierarchy (John Milmine)
  • 2015-02-11 dae2295 Allow the paddedresize to take another hex value to specify a transparency on the padded color (Nick)

Bugfixes

  • 2016-11-24 a4760b8 Fixed issue where a shortcode's location would not get set to split when using the class leftAlone (UndefinedOffset)
  • 2016-11-23 03b4e6e Tests shouldnt set date or time format to null (Daniel Hensby)
  • 2016-11-09 ebae480 Fix regression in aggregate column lookup from #6199 (Damian Mooyman)
  • 2016-11-09 6bf36fb Correct return type for Member::currentUser() (Loz Calver)
  • 2016-11-04 dd9ade4 UploadField incorrectly setting max upload size (Daniel Hensby)
  • 2016-11-03 edfe514 Ensure that builds use the 3.4 dependencies. (Sam Minnee)
  • 2016-11-03 135a647 Ensure that builds use the 3.4 dependencies. (Sam Minnee)
  • 2016-11-01 c61d61d default_records are no longer inherited to child classes (Daniel Hensby)
  • 2016-10-30 747bd4c filterAny error message now refers to correct method name (Daniel Hensby)
  • 2016-10-22 bec5adf Versioned sort by ID (Jonathon Menz)
  • 2016-10-19 b0445f7 Ambiguous column SQL error (Jonathon Menz)
  • 2016-10-16 fe81607 Make simplexml_load_file work on shared php-fpm (Nicola Fontana)
  • 2016-10-11 7368dec Fix issue with SS_List as datasource for dropdown field (Damian Mooyman)
  • 2016-10-07 ae83b7b History controller now shows right comparison versions (Daniel Hensby)
  • 2016-10-04 797be6a Revert natural sort (Jonathon Menz)
  • 2016-10-04 6dde5ce Absolute alternate_base_url no longer breaks session cookies (Daniel Hensby)
  • 2016-10-03 98d95cd Sort order for duplicated child pages is now retained (Daniel Hensby)
  • 2016-09-29 ae4108b Content-Disposition header breaks in Firefox (#4087) (Anton Smith)
  • 2016-09-19 32d1856 Debug::caller() will now handle errors from outside function calls (#6029) (Daniel Hensby)
  • 2016-09-19 d2d770c Frontend UploadField wouldn't call ssdialog (Cristian Torres)
  • 2016-09-14 cd8904e ing button destroy bug (3Dgoo)
  • 2016-09-12 a14df0b Force line endings to LF on sake file (Daniel Hensby)
  • 2016-09-06 e7ecf6c Bad strpos call in HTTP::register_etag() (Daniel Hensby)
  • 2016-09-01 f2ed59e Empty dmyfields on DateField now validate as true (Daniel Hensby)
  • 2016-08-22 59be597 #1052 (Daniel Hensby)
  • 2016-08-22 4998b80 ArrayList sorting now caseinsensitive (Daniel Hensby)
  • 2016-08-15 95c640a Fix regression in FormField casting (Damian Mooyman)
  • 2016-08-15 5ad8157 Fix regression in FormField casting (Damian Mooyman)
  • 2016-08-15 a6a9cd7 Fix regression in FormField casting (Damian Mooyman)
  • 2016-08-11 d4114b3 include related fields on canFilter() check (Jonathon Menz)
  • 2016-08-09 63fc4db Fix extra border in page settings (Damian Mooyman)
  • 2016-08-07 86add3e Use create syntax for CMSMemberLoginForm remember me form (Daniel Hensby)
  • 2016-08-04 5fcdf8c don't look in node_modules (Michael Strong)
  • 2016-08-03 a84a1b7 es issue #32 (Access tab JS) (Colin Tucker)
  • 2016-07-28 56f0b72 ETag header now properly quoted (Daniel Hensby)
  • 2016-07-15 9282662 ing bad syntax from PR (Daniel Hensby)
  • 2016-07-15 3662240 Allow caching of false config values (Fixes #4755) (#4762) (Sam Minnée)
  • 2016-07-08 74c555e for #5784: Added ->setReplyTo(), deprecated ->replyTo() for API consistency. Revamping, fixing, and enhancing internal Email API documentation. Simplified code and brought up-to-date with latest standards. (Patrick Nelson)
  • 2016-07-05 9afd602 calling $record->write() breaks other 3rd party fields that write to an UnsavedRelationList. (Jake Bentvelzen)
  • 2016-07-04 637167f Fix missing icons (Damian Mooyman)
  • 2016-06-09 3bb32eb Tests need the DB (Daniel Hensby)
  • 2016-06-09 68c4040 No longer hardcoding admin links (Daniel Hensby)
  • 2016-06-03 429ce55 ViewableData::setFailover() didn't remove cached methods (Loz Calver)
  • 2016-06-01 8a58041 Remove default from address for error emails (Sam Minnee)
  • 2016-05-27 11aad47 invalid syntax in TinyMCE config (#5593) (Loz Calver)
  • 2016-05-19 b1df9dc check that we have a token and a UID before attempting a member auto login (Stevie Mayhew)