tonyair/silverstripe-subsites
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-subsites synced 2024-10-22 11:05:55 +02:00
Code Issues Projects Releases Wiki Activity
589 Commits 30 Branches 84 Tags 5.2 MiB
20c6cbc851
Commit Graph

589 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Damian Mooyman
20c6cbc851 Merge pull request #178 from dnadesign/ImageTrackingFix 
redoing bugfix
 2016-02-04 17:05:29 +13:00
Damian Mooyman
18f248fadd Merge pull request #225 from mandrew/1.0 
Moved user docs into userguide folder to display on userhelp site
 2015-12-21 14:52:59 +13:00
Mike Andrewartha
257d71d946 moved user content into userhelp folder, removed user manual, added index file, updated readme links 2015-12-21 11:16:45 +13:00
Damian Mooyman
e9678221fc Merge pull request #209 from chillu/pulls/subsites-dropdown 
BUG Subsites selection on SubsitesVirtualPage (fixes #45 and #47)
 2015-11-13 18:52:23 +13:00
Ingo Schommer
cf534aad31 BUG Subsites selection on SubsitesVirtualPage (fixes #45 and #47) 2015-11-13 17:31:44 +13:00
Damian Mooyman
3bcaa48d67 Update translations 2015-08-20 12:47:37 +12:00
Sean Harvey
d701afcb61 Merge pull request #183 from tractorcow/pulls/1.0/update-test-permissions 
Fix subsites to use correct permissions
 2015-03-23 14:58:11 +13:00
Damian Mooyman
2595d655cb Fix subsites to use correct permissions 
See http://www.silverstripe.org/software/download/security-releases/ss-2015-008-sitetree-creation-permission-vulnerability
 2015-03-23 14:35:52 +13:00
Damian Mooyman
73e0202dec Merge pull request #180 from micmania1/fix-unnecessary-redirect 
FIX: Removed unnecessary redirect.
 2015-02-24 14:52:11 +13:00
micmania1
3ca2861c2d FIX: Removed unnecessary redirect. This is early enough in the script that the correct subsite will be used from hereon. 2015-02-17 01:13:56 +00:00
John Milmine
94edb694b7 redoing bugfix 7b11e979fa removed by cac77703 2015-02-12 08:14:49 +13:00
Damian Mooyman
ebebff248f Merge pull request #172 from dnadesign/redirect_fix_between_CMS_sections 
redirect_fix_between_CMS_sections
 2015-02-09 09:44:43 +13:00
John Milmine
91591a3752 redirect_fix_between_CMS_sections 
previously if you were editing settings and you changed subsites ti would revert you to /admin, now it stays within your current controller
 2014-11-24 15:32:05 +13:00
James Cocker
498d6e0619 Fixes #135: LeftAndMain switching between subsites 
When trying to switch to a different subsite from a page's editing view, it wouldn't switch. This was partly due to a $record always existing due to the homepage fallback on currentPageID : https://github.com/silverstripe/silverstripe-cms/blob/3.1/code/controllers/CMSMain.php#L816

So as currentPage() couldn't actually be used to test for the existance of a current page, I've added in a check for isset($this->owner->urlParams['ID']).

I've also moved the check for $_GET['SubsiteID’] which indicated a forced subsite switch (eg. via the dropdown switcher) above the check for a current page, as it should take precedence, and it wasn't being run when both conditions matched causing the subsite not to change.

Tested changing subsites from /admin/pages, from page edit view, from a page edit URL, and from other CMS sections such as Files and Security, and all seems to be working perfectly now.
 2014-11-24 15:25:53 +13:00
Damian Mooyman
bf747f98be Update translations 2014-11-19 12:09:52 +13:00
Sean Harvey
62f47628e3 Merge pull request #158 from tractorcow/pulls/0.5/compat 
Fix composer and travis to framework 3.1
 2014-08-27 09:23:21 +12:00
Damian Mooyman
71e3b9db2d Fix composer and travis to framework 3.1 2014-08-27 09:14:52 +12:00
Sean Harvey
4203a707bc Fixing travis for 3.1 builds 2014-08-27 09:06:16 +12:00
Sean Harvey
ffe6c34565 Merge pull request #156 from wecodenl/master 
Bugfix for urls with %27 in the url
 2014-08-23 11:57:43 +12:00
Juul Hobert
2e32eab6ae Bugfix for urls with %28 in the url 2014-08-22 13:21:18 +02:00
Damian Mooyman
25c0341715 Updated translations 2014-08-21 14:48:48 +12:00
Damian Mooyman
b19e86e402 Update translations 2014-08-21 14:16:12 +12:00
Sean Harvey
f27ba9094b Updating translations 2014-08-20 09:05:37 +12:00
Sean Harvey
e5ea8ebc35 Merge pull request #155 from shoaibali/master 
Removed hard coding of HTTP protocol
 2014-08-19 09:16:48 +12:00
Shoaib Ali
1f2cb4380d Removed hard coding of HTTP protocol 2014-08-18 21:03:52 +12:00
Damian Mooyman
a3b2be734f Merge pull request #154 from halkyon/irrelevant_permission_removal 
Removing unused permission SUBSITE_ASSETS_CREATE_SUBSITE
 2014-08-18 11:50:43 +12:00
Sean Harvey
1477155653 Removing unused permission SUBSITE_ASSETS_CREATE_SUBSITE 
This isn't used, according to the description it would limit the list
of subsites you can choose to apply a File/Folder to. However, this
dropdown is shown to the user based on whether they have access to
that subsite, so this unused permission code isn't needed.
 2014-08-18 11:31:03 +12:00
Mateusz Uzdowski
07257ddc79 Fix minor styling issue with a list. 2014-08-15 13:29:03 +12:00
Damian Mooyman
71b5842f79 Merge pull request #153 from silverstripe-rebelalliance/plat100 
NEW: Adding more user documentation with a FAQ
 2014-08-14 17:08:26 +12:00
Kirk Mayo
8fe6c045fa NEW: Adding more user documentation with a FAQ 2014-08-14 15:37:48 +12:00
Sean Harvey
ccf125a4d6 Merge pull request #151 from stojg/pull/prevent-xss-attacks 
Security: XSS can be injected in the group edit view
 2014-08-01 10:51:38 +12:00
Stig Lindqvist
bd5bd877fd Security: XSS can be injected in the group edit view 2014-08-01 10:48:44 +12:00
Damian Mooyman
f75c501e0d Merge pull request #150 from silverstripe-elliot/docs/setup 
PLAT-63 update documentation for disallowed page types
 2014-07-23 15:33:44 +12:00
Elliot Sawyer
1ac46b60b0 PLAT-63 update documentation for disallowed page types 2014-07-23 15:29:36 +12:00
Mateusz U
4b54951e9e Merge pull request #149 from silverstripe-elliot/SubDomain-XSS 
Sanitise domain name field
 2014-07-16 16:18:22 +12:00
Elliot Sawyer
205754854c Sanitise domain name field to prevent XSS attack on the CMS 
PWC identified an issue with the subsites module that would allow someone with authenticated access to attack other CMS users, such as "stealing the session ID and hijacking an authenticated user's session".
I can't imagine a case where HTML would ever be allowed in the subdomain of a website, so it's a good practice to strip it out anyway.

Steps to reproduce the original issue:
1. Enter a subsite name and mark as the default site.
2. Add a new domain named <script>alert(2)</script> and mark it as primary
3. Switch to the new subsite.
4. Make a new Page. This will execute a javascript alert containing "2".

MINOR update documentation for onBeforeWrite()
MINOR add @property attributes into docblock
 2014-07-16 15:43:05 +12:00
Damian Mooyman
72a457aebb Merge pull request #105 from mateusz/loadfragment-in-use 
Use the new loadFragment API.
 2014-07-10 11:48:41 +12:00
Mateusz Uzdowski
66d1e68b85 Use the new loadFragment API. 
Only to be merged after the
https://github.com/silverstripe/silverstripe-framework/pull/2352 is
available, and only after Subsites 1.0.0 has been released.
 2014-07-09 09:29:40 +12:00
Damian Mooyman
028aa11800 Merge pull request #144 from purplespider/patch-1 
Fixes #139: Broken URL Segment CMS Links
 2014-06-16 08:39:43 +12:00
James Cocker
38e4bc196d Fixes #139 - Broken URL Segment CMS Links 
Fixes issue #139 using normann's solution that seems to work perfectly with both long and short links.
 2014-06-04 13:12:28 +01:00
TeamCity
2a6c913cd8 Updated master strings 2014-05-22 23:05:04 +12:00
Damian Mooyman
0f78671293 Updated translation masters 2014-05-20 14:50:24 +12:00
Mateusz U
a651ee2bed Merge pull request #136 from mateusz/fix-link-rewrite 
BUG Fixes to link rewriting when previewing subsites.
 2014-04-02 13:51:12 +13:00
Mateusz Uzdowski
9cf7a1453f BUG Fixes to link rewriting when previewing subsites. 
* JS error with href-less links.
* All forms get injected hidden fields, even though the loop attempts to
check for only the ones that submit locally.
* Also check for action-less forms.

Requires
https://github.com/silverstripe/silverstripe-framework/pull/3000 to be
merged for the Framework.
https://github.com/silverstripe-labs/silverstripe-testsession/pull/11
 2014-04-02 13:39:01 +13:00
TeamCity
83d52806d7 Updated master strings 2014-02-10 23:07:00 +13:00
Mateusz Uzdowski
ae38074202 Add new lang strings, convert to JS. 2014-01-24 14:37:01 +13:00
Mateusz Uzdowski
3f7a760dbf Pull language strings from Transifex. 2014-01-23 10:51:05 +13:00
Mateusz Uzdowski
6d8f852cd4 Update language strings. 2014-01-22 16:41:45 +13:00
Mateusz U
ef30571e6f Merge pull request #133 from mateusz/docs-security 
Make sure the security implication of subsites is clear in docs.
 2014-01-21 15:34:00 -08:00
Mateusz Uzdowski
213356d6bc Make sure the security implication of subsites is clear in docs. 2014-01-22 12:27:53 +13:00