Ingo Schommer
86339a551d
Clearer escaping in CMSMain
...
No direct security issue, but makes intent clearer
2013-09-24 21:37:26 +02:00
Ingo Schommer
e170f4c21b
FIX Escaping in "dependent pages" (SS-2013-009)
2013-09-24 21:37:26 +02:00
Ingo Schommer
79996a76fe
Clearer escaping in ReportAdmin
...
No direct security issue since report titles can't be set by the user
2013-09-24 21:37:26 +02:00
Ingo Schommer
29e502a63a
Hints for SiteTree.TreeTitle casting
...
Relates to SS-2013-009
2013-09-24 21:37:26 +02:00
Sean Harvey
27749fdb7a
AssetAdmin: PHP warning trying to add empty values into CompositeField
...
If the logged in user doesn't have permission to add a Folder record,
AssetAdmin::getEditForm() tries to enter an empty value into the
children of a ComposteField. This breaks SSViewer with a
call_user_func invalid args PHP warning.
Only include these buttons when they're available to the user.
2013-08-27 14:30:39 +12:00
Sam Minnée
d7d0cb45ae
Merge pull request #824 from hafriedlander/fix/archivedate
...
FIX ArchiveDate enforcement
2013-08-08 17:38:53 -07:00
Simon Welsh
b1664f86a4
FIX Check for stage and drafts in SiteTree::canView()
2013-08-09 10:45:09 +12:00
Hamish Friedlander
2fae9280e5
FIX ArchiveDate enforcement
2013-08-08 17:17:35 +12:00
Ingo Schommer
3f118ef08f
Translations: Switch to Transifex format
...
- Based on new (last) translation download from getlocalization.com
- Removed untranslated strings. Getlocalization started including those at some point
which is highly annoying, unnecessary and breaks the new transfix system,
since it'll mark all of the english strings as actual translations
- Avoid dots in entities. It confuses the Transifex YML parser
- Removed some locales unknown to Transifex which didn't have any translations anyway
- Removed "lolcat" locale, uses custom notation (en@lolcal)
which SilverStripe's i18n system can't handle
(needs mapping from SS naming to Zend naming)
- Renamed "Te Reo/Maori" locale from "mi_NZ" to "mi" (Transifex/CLDR notation)
- Namespaced all entities used in templates (deprecated usage)
- Converted dots to underscores where template filenames are used for namespaces,
since Transifex YML parsing handles them as separate YML keys otherwise
- Removed whitespace in entity names, SilverStripe i18n can't handle it
2013-08-04 12:28:07 +02:00
Simon Welsh
3a3e8f2faa
Adds LoginForm as an allowed action
...
Behaves as a form method defined on ContentController
2013-07-14 17:21:59 +12:00
Mike Parkhill
c7f14129ea
FIX #651 Broken redirection after creating new folder in assets
2013-06-13 14:58:09 +02:00
uniun
5c933b40e5
BUG SilverStripeNavigator shows wrong message.
...
The message was always 'Published Site'.
Also there were no 'active' class on links.
2013-03-18 15:57:20 +02:00
Ingo Schommer
0f8d7a0aa4
Removed CMSMain->CMSVersion(), using LeftAndMain instead
...
Implementation got more complex (see https://github.com/silverstripe/silverstripe-cms/pull/289 ),
including composer.lock file support. So trying to to duplicate too much.
2013-02-28 13:39:13 +01:00
Ingo Schommer
a0e965b7b4
Revert "FIX: updateCMSFields not accepting var by reference"
...
This reverts commit e56a78b160
2013-02-06 18:59:51 +01:00
Ingo Schommer
97fbfd3f12
FIX Respect escaping rules on readonly fields in CMS history view
...
Avoids showing unescaped HTML on fields which didn't allow it otherwise,
e.g. TextField. This also fixes problems with SiteTree->ExtraMeta
which got evaluated within the CMS. If this section contains any
JavaScript it gets executed and can disrupt CMS operation.
2013-02-04 17:16:15 +01:00
Michael Andrewartha
e56a78b160
FIX: updateCMSFields not accepting var by reference
...
updateCMSFields should be taking the fields var by reference.
@see https://github.com/silverstripe/sapphire/pull/1156
2013-02-04 12:55:29 +00:00
UndefinedOffset
119d8aa892
ENHANCEMENT: Do not display SilverStripeNavigator_CMSLink when in a LeftAndMain extension not just CMSMain extensions
2013-02-01 14:16:19 -04:00
Ingo Schommer
b25063b09c
Extracted ErrorPage default data to getter
...
Allows for less verbose overloading, while still keeping i18n capabilities
in place, which isn't possible with DataObject::$default_records
2013-01-30 13:07:11 +01:00
Ingo Schommer
416178b668
Reduced code duplication in ErrorPage (no functional changes)
2013-01-29 19:34:05 +01:00
Ingo Schommer
b15b98345f
Using new "Security.login_url" configuration value
2013-01-29 18:06:49 +01:00
unclecheese
cfc976bff8
MINOR: Grammar error
2013-01-17 14:31:35 -05:00
Ingo Schommer
cb96255e80
Removed direct sprintf() usage from _t() calls
...
Parameterized strings are easier to understand,
and more fail-proof, don't fatal out when not enough sprintf() args
2012-12-21 11:18:18 +01:00
Niklas Forsdahl
d42c0041d2
BUG: Fixed pagination functionality on root assets folder
...
Moving to another page in the GridField for the root assets folder in AssetAdmin
caused all files to be displayed. This was caused by the functionality that tries
to fix some edge cases for detail view kicked in and didn't filter the list properly.
Fixed by making the edge case detection a little more specific (i.e. checking if
a numeric ID was sent as a request variable).
2012-12-13 16:31:19 +02:00
Mateusz Uzdowski
c0751df54e
BUG Remove handwritten SQL and use the ORM.
...
The custom SQL does not take subsites into account and breaks the CMS
on certain pages - under some circumstances the custom count will return
1 or more, while the set will be in fact empty because of augmentation.
2012-12-05 10:27:12 +13:00
Tim Klein
59719a46cc
MINOR removed reference to non existent js
...
cms/javascript/SitetreeAccess.js is no longer with us :)
2012-11-19 16:15:57 +13:00
Ingo Schommer
65fe8e5ae3
Fixed line length
2012-11-19 01:18:01 +01:00
Kirk Mayo
d58b23d6fa
BUG AssetAdmin filter array indices ( fixes #8014 )
2012-11-19 00:51:12 +01:00
Simon Elvery
6a69a2f71a
BUGFIX Ensure required lang and css are loaded when using SiteTreeURLSegmentField
2012-11-08 12:53:43 +10:00
Sam Minnee
ef32310ef8
FIX: Allow 1024 chars for keywords, not a mere 255
2012-11-05 17:58:32 +13:00
Stig Lindqvist
fa348d6666
MINOR Code refactoring of CMSMain::SearchForm() extracted some methods.
2012-11-02 23:52:24 +01:00
Will Rossiter
b221f7ba7a
FIX Remove Metadata Label from RedirectorPage. ( Fixes #7959 )
2012-10-23 19:32:25 +13:00
Russell Michell
72543440cb
BUGFIX: Fixed SideReport for use with Postgres (using v8.4) which requires table/column-names to be quoted. MySQL seems OK with either/both
2012-10-19 16:04:32 +13:00
Sean Harvey
98197525c6
Remove use of backticks in BrokenLinksReport, always use ANSI quotes
2012-10-11 17:24:23 +13:00
Sam Minnée
de4f207534
Merge pull request #208 from halkyon/upload_assets_changes
...
Uploads go to "assets/assets" instead of root of assets
2012-10-10 13:24:06 -07:00
Ingo Schommer
a6d09988ed
Merge pull request #214 from silverstripe-droptables/ssexpress
...
Tweaks to CMS required for Translatable
2012-10-02 02:10:47 -07:00
Robert Curry
9cf5a6f47a
BUG: Remove the is_null check on augmentValidURLSegment
...
Object::extend already does a check for NULL before it adds the results
to the array of return values. This was required for Translatable as the
result from Translatable::augmentValidURLSegment was being ignored.
2012-10-02 11:29:10 +13:00
Roman
bde71c1b9c
Fixing permission issue with CMSSettingsController, where it won't show up for users with limited rights, even when they have the EDIT_SITECONFIG permission
2012-09-25 22:13:31 +02:00
Sean Harvey
345dbc8a4f
BUG Fixing broken links "admin/show", should be "admin/pages..."
2012-09-25 15:31:42 +12:00
Sean Harvey
118b28dea1
BUG setFolderName in CMSFileAddController should default to the root
...
setFolderName expects a folder name relative to the root. Specifying
ASSETS_DIR will create a duplicate folder called "assets", so the
file gets uploaded into "assets/assets". Specifying "/" means the
file will get uploaded into the root instead, which is correct.
2012-09-21 16:00:35 +12:00
Ingo Schommer
df44239060
Method visibility according to coding conventions
2012-09-20 10:41:50 +02:00
UndefinedOffset
a2d76c9305
BUG Remove page types from the "add new page here" menu if they appear in a hide_ancestor ( fixes #7712 )
2012-09-15 17:04:02 +12:00
Niklas Forsdahl
17db5baf19
BUG: Page type names not translated in pages overview search form
...
Fixed by using the singularname translation for the class as values in the page
types array used for the page types dropdown field.
2012-09-12 11:02:24 +02:00
Ingo Schommer
9b6ca79746
Fixed report title column localization
2012-09-12 11:02:24 +02:00
Ingo Schommer
9124d8ae1a
Fixed report title column localization
2012-09-11 12:49:27 +02:00
Damian Mooyman
02e95adb4c
BUG Consistently save SiteConfig, and refactor Translatable hooks
...
Squashed commit of the following:
commit a60eddfacc710d3047bd1d5107e5df0cc6dba93c
Merge: c847b55
2012-09-07 17:06:29 +02:00
Ingo Schommer
c847b55608
Merge pull request #195 from creamarketing/page-type-dropdown-translations
...
BUG: Page type names not translated in pages overview search form
2012-09-06 12:36:35 -07:00
Andrew O'Neil
f843dd56dc
BUGFIX: Fix site tree filter not showing parents of results more than a level deep in the hierachy
2012-09-05 14:35:48 +12:00
Niklas Forsdahl
2934423ebc
BUG: Page type names not translated in pages overview search form
...
Fixed by using the singularname translation for the class as values in the page
types array used for the page types dropdown field.
2012-09-04 09:00:04 +03:00
jean
53fdafb473
NEW 7839 Support for documents as a file type in Files and images
2012-09-04 11:26:09 +12:00
Hamish Friedlander
af2c890168
Merge pull request #190 from silverstripe-rebelalliance/open/5971
...
NEW Add warning if viewed SiteTree object class is obsolete
2012-09-02 14:12:23 -07:00
