Commit Graph

76 Commits

Author SHA1 Message Date
Robbie Averill
c620ff02f4 FIX LeftAndMain references to owner class, replace Member::currentUser usage 2017-08-30 12:04:43 +12:00
Robbie Averill
e129cafa94 NEW Add SubsiteState and initialisation middleware, replace Subsite::currentSubsiteID use 2017-08-30 11:47:11 +12:00
Robbie Averill
8d8ee14cc2 FIX Run SS standard PHP linter, separate SiteTree test mock classes 2017-08-29 17:43:28 +12:00
Garion Herman
af6f499cac Add non-blank default to ThemeFieldEmptyString translation. 2017-08-28 22:05:01 +12:00
Garion Herman
9a289a2e17 Merge branch 'master' into fix-ss-4-master 2017-08-28 21:52:32 +12:00
Robbie Averill
a13bf10184 Merge remote-tracking branch 'origin/1' 2017-08-02 16:39:32 +12:00
Robbie Averill
03e52101bb Revert "SS4 namespaces compatibility"
This reverts commit e8f5f58bb0.
2017-08-02 15:51:37 +12:00
Robbie Averill
a4f647c9ed Merge remote-tracking branch 'origin/1.3' into 1 2017-08-02 14:49:52 +12:00
Garion Herman
5ec1c94410 Bring session / validation calls in line with SS4b1 API, replace icon. 2017-07-25 14:25:58 +12:00
Robbie Averill
8bc9728104 Merge pull request #287 from timkung/hotfix/default-subsite-query
Adjusting query used in getSubsiteIDForDomain
2017-07-19 18:22:16 +12:00
Tim Kung
24ebd1c9f9 adjusting query used in getSubsiteIDForDomain to prevent new DB fields being added to the SQL call if they are not yet added to the DB 2017-07-19 17:57:23 +12:00
Garion Herman
c2484365cf Fix misc. Subsite docblocks, remove DataObject::get_by_id call. 2017-06-04 14:34:38 +12:00
Garion Herman
49fbfcb459 Adapt to Permission::reset, DataObject::duplicate API changes. 2017-06-04 14:33:04 +12:00
Werner M. Krauß
25754e1158 fixing code analysis: updating phpdoc 2017-06-01 15:32:45 +02:00
Werner M. Krauß
17010f39a3 fixing code analysis: removing unneeded else statements 2017-06-01 15:32:44 +02:00
Werner M. Krauß
abe1ac9fe6 fixing code analysis: replacing deprecated methods 2017-06-01 15:32:38 +02:00
Werner M. Krauß
e7ad086641 fixing code analysis: safely use single quotes 2017-06-01 15:32:30 +02:00
Werner M. Krauß
76852594a8 fixing code analysis: public method and case mismatch 2017-06-01 15:31:30 +02:00
Werner M. Krauß
997459caf3 Get some more tests working
Updating config and i18n calls
2017-05-30 20:50:22 +02:00
Tim Kung
5d3af16aaf - namespacing all classes
- moving all phpunit tests into tests/php
- moving all extensions from _config.php into config.yml and removing obsolete _config.php
- moving GridFieldSubsiteDetailForm_ItemRequest into own file

(cherry picked from commit ee02828)
2017-05-30 15:13:40 +02:00
Werner M. Krauß
9862cf5ea6 merge ss4 fixes by cheddam 2017-05-29 13:42:42 +02:00
Werner M. Krauß
c5f507b3f9 reformat code and tests 2017-05-24 15:26:28 +02:00
Werner M. Krauß
a49189ef58 fix removed i18n::get_common_locales() 2017-05-24 15:09:13 +02:00
Werner M. Krauß
a7ef6472ee db query fixes 2017-05-24 14:55:03 +02:00
Werner M. Krauß
b71e544820 adding table names config 2017-05-24 14:31:56 +02:00
Werner M. Krauß
e33a5b4cae upgrader: upgrade code 2017-05-24 13:36:04 +02:00
Werner M. Krauß
2c84e627db upgrader: namespacing classes 2017-05-24 12:32:05 +02:00
Darren Inwood
0fc3490219 Update SQL to remove ambiguity 2017-05-22 12:29:03 +12:00
Danae Miller-Clendon
8705a46b98 Conditionally add Theme dropdown (if there are any themese available) for #261. Replace field instantiatiors in getCMSFields() with ::create() to support injection.
Add empty string / lang entry to Theme dropdown
2017-04-24 15:41:31 +12:00
Loz Calver
e8f5f58bb0 SS4 namespaces compatibility 2016-09-23 09:34:23 +01:00
Damian Mooyman
a98958fdf9
BUG Fix issue with urlsegment being renamed in subsites 2016-05-23 15:29:01 +12:00
Damian Mooyman
7ee8bdbf72 Merge pull request #176 from jason-zz/patch-1
Update SubsiteDomain.php
2016-02-04 17:26:56 +13:00
ctx2002
598d45aca6 Subsite module does not picks up themes
This PR fixed unable to create subsite problm.
 I was unable to create a subsite, because of no themes been shown in Theme dropdown menu.

How to test:

1> Use composer to install a fresh copy of Silverstripe 3.2
2> Use composer to install subsite module.
3> Try to create a subsite. 
4> No themes loaded into Theme dropdown menu.

5> Apply this PR.
6> fresh page / or dev/build,  now, themes loaded into The dropdown menu.
2016-01-25 15:36:20 +13:00
Damian Mooyman
ce90c2124b API Add option to specify http / https on subsite domains 2015-11-24 18:03:49 +13:00
Damian Mooyman
a0ede56c0e Reformat for psr-2 2015-11-23 16:53:45 +13:00
Will Rossiter
b979b38694 FIX: #138 allow subsite summary fields to be customized 2015-10-21 09:09:10 +13:00
Jason
d99785d773 Update SubsiteDomain.php
Add $default_sort.
2014-12-17 10:44:43 +11:00
Sean Harvey
1477155653 Removing unused permission SUBSITE_ASSETS_CREATE_SUBSITE
This isn't used, according to the description it would limit the list
of subsites you can choose to apply a File/Folder to. However, this
dropdown is shown to the user based on whether they have access to
that subsite, so this unused permission code isn't needed.
2014-08-18 11:31:03 +12:00
Elliot Sawyer
205754854c Sanitise domain name field to prevent XSS attack on the CMS
PWC identified an issue with the subsites module that would allow someone with authenticated access to attack other CMS users, such as "stealing the session ID and hijacking an authenticated user's session".
I can't imagine a case where HTML would ever be allowed in the subdomain of a website, so it's a good practice to strip it out anyway.

Steps to reproduce the original issue:
1. Enter a subsite name and mark as the default site.
2. Add a new domain named <script>alert(2)</script> and mark it as primary
3. Switch to the new subsite.
4. Make a new Page. This will execute a javascript alert containing "2".

MINOR update documentation for onBeforeWrite()
MINOR add @property attributes into docblock
2014-07-16 15:43:05 +12:00
Mateusz Uzdowski
9cf7a1453f BUG Fixes to link rewriting when previewing subsites.
* JS error with href-less links.
* All forms get injected hidden fields, even though the loop attempts to
check for only the ones that submit locally.
* Also check for action-less forms.

Requires
https://github.com/silverstripe/silverstripe-framework/pull/3000 to be
merged for the Framework.
https://github.com/silverstripe-labs/silverstripe-testsession/pull/11
2014-04-02 13:39:01 +13:00
Matt Peel
fb5d791444 BUGFIX: permissions to check the ‘CMS_ACCESS_LeftAndMain’ global permission.
‘CMS_ACCESS_LeftAndMain’ is used by the PermissionCheckboxSetField to allow
applicable Members to access all CMS sections. There are then further
permissions to restrict the Members (e.g. ‘CMS_ACCESS_LeftAndMain’ will give you
access to the ‘Pages’ section, but you still need the ‘Edit any page’ permission
to actually edit anything).

This patch ensures that the subsites module follows those permissions, and
doesn’t unnecessarily deny permission to legitimate users.
2014-01-10 09:31:44 +13:00
Mateusz Uzdowski
a771e2239b Do not change the session-stored subsite, if session is not enabled.
This causes issues with Security::findAnAdmistrator which incorrectly
forces the current session-stored subsite to 0 - it uses
Subsite::currentSubsiteID before the session support is enabled, and
hence obtains wrong value.
2013-11-26 13:12:17 +13:00
Mateusz U
c04208ed79 Merge pull request #121 from stojg/pr/cleanup
Minor cleanup of subsite code
2013-11-25 16:10:55 -08:00
Stig Lindqvist
ff7328ea94 Adding docblocks to SubsiteDomain 2013-11-15 09:50:21 +13:00
Stig Lindqvist
b7f1c66de7 Make SubsiteDomain#getCMSFields extendable 2013-11-15 09:50:15 +13:00
Stig Lindqvist
859bde1257 Reorder methods and variables to follow the SS coding conventions
The coding conventions is mentioned here http://doc.silverstripe.org/framework/en/trunk/misc/coding-conventions#class-member-ordering
2013-11-11 12:09:27 +13:00
Stig Lindqvist
7bb36eae7b Adding docblocks and visibility keywords to methods 2013-11-11 11:56:02 +13:00
Stig Lindqvist
dc7a0560fb Removed Subsite::set_allowed_domains()
Removed documentation and code since the method has been throwing user error since 2010-03-01
2013-11-11 11:56:02 +13:00
Stig Lindqvist
cc0349026e Removed unused variable 2013-11-11 11:34:52 +13:00
Ingo Schommer
5ff3b691d7 More globalisation 2013-10-30 13:44:06 +01:00