Commit Graph

1748 Commits

Author SHA1 Message Date
Serge Latyntcev
3bbad20442 [CVE-2020-9280] Task for shifting UserForm uploads into correct folders
A task helper for recovering UserForm uploads targeting incorrectly migrated folders (from Silverstripe CMS 3)
    If your project has not been migrated from Silverstripe CMS 3, you do not need this helper.
    Before running this task make sure you have repaired the migrated folders themselves.
    To do that you have to run the extra migration subtask (`migrate-folders`).

    This task is particularly looking at all UserForm file submissions and checks they are in the same
    folder where the particular version of its EditableFileField has been set up to upload it to.

    If it finds the file has been misplaced, it tries to move it to the correct folder, but only if
    the file has not had any manipulations since the uploading happened (the file Version=1).

    If an affected file has a draft, then only Live version will be moved, but the draft will be preserved as is.

    For more details see CVE-2020-9280
2020-04-14 15:58:23 +12:00
Garion Herman
c58565e6ce
Merge pull request #943 from creative-commoners/pulls/5.0/revert-default-value
Revert default value
2020-03-16 16:56:27 +13:00
Steve Boyd
1c73fd90ca Revert default value 2020-03-16 16:36:36 +13:00
Maxime Rainville
71a8cac9e5
BUG Remove bad default value for UserForm Content (#926)
* BUG Remove bad default value for UserForm Content

* BUG Update travis build to use Xenial
2020-03-09 15:35:58 +13:00
Ingo Schommer
f1ee7c8eab
Merge pull request #933 from creative-commoners/securing-the-docs
DOCS additional note to keeping uploaded files secure
2020-02-03 11:37:09 +13:00
Bryn Whyman
d1b3b1629e
DOCS fixing anchor syntax 2020-01-31 15:58:37 +13:00
brynwhyman
0106683d57 DOCS additional note to keeping uploaded files secure
Touching up the documentation for userforms to advise how uploaded files can be kept secure.

Related (but does not address) #927
2020-01-31 15:51:18 +13:00
Steve Boyd
52ca4c8de9 Merge branch '5.5' into 5 2020-01-29 12:20:36 +13:00
Steve Boyd
09b4f9c4a3
Merge pull request #931 from creative-commoners/pulls/5.5/jquery-update
Update jQuery to 3.4.1
2020-01-28 17:27:42 +13:00
Garion Herman
4e0f0e903d Update jQuery to 3.4.1 2020-01-24 10:06:59 +13:00
Steve Boyd
a47b25d0e1
Merge pull request #770 from JessChampion/feature/ConditionalRequiredFields
Feature/conditional required fields
2020-01-14 16:11:42 +13:00
Maxime Rainville
e2c05d5a55 Minor linting adjustment. 2020-01-14 12:28:04 +13:00
Maxime Rainville
39ee08cff9 Remove bool explicit type definition to please PHP 5.6 2020-01-13 12:25:47 +13:00
Maxime Rainville
d280c54860 Patch and reorganise some test 2020-01-13 12:15:34 +13:00
Maxime Rainville
8d0a5dd093 Add some missing comments 2020-01-13 12:14:11 +13:00
Maxime Rainville
793f437289 API Mark EditableFormField::EffectiveDisplayRules() for deprecation 2020-01-13 12:12:14 +13:00
Maxime Rainville
a0cedaeb38 Move conditionalFieldEnabled to EditableFormField as isDisplayed 2020-01-10 17:36:04 +13:00
Maxime Rainville
b53619477c Revert the return type for UserForm::getRequiredFields 2020-01-10 17:34:43 +13:00
Jess Champion
25bfc9eaf5 Required fields can have display rules. Hidden required fields are dynamically excluded from server and client side validation. 2020-01-10 10:41:59 +13:00
Aaron Carlino
5d2a2f03af
META: Add github action to build docs 2019-12-19 13:47:25 +13:00
Robbie Averill
557388b68e
Merge pull request #924 from silverstripe/dependabot/npm_and_yarn/npm-6.13.4
Bump npm from 6.13.0 to 6.13.4
2019-12-13 17:04:05 -08:00
dependabot[bot]
58fd29996d
Bump npm from 6.13.0 to 6.13.4
Bumps [npm](https://github.com/npm/cli) from 6.13.0 to 6.13.4.
- [Release notes](https://github.com/npm/cli/releases)
- [Changelog](https://github.com/npm/cli/blob/latest/CHANGELOG.md)
- [Commits](https://github.com/npm/cli/compare/v6.13.0...v6.13.4)

Signed-off-by: dependabot[bot] <support@github.com>
2019-12-13 18:35:19 +00:00
Maxime Rainville
d43279f44d
Merge pull request #923 from open-sausages/pulls/docs-warning-submission-storage
DOCS Data protection and privacy note
2019-12-06 16:55:24 +13:00
Ingo Schommer
b4bd6e7968 DOCS Data protection and privacy note 2019-12-06 09:52:04 +13:00
Ingo Schommer
c195fb20e6 DOCS Removed outdated maintainer info
Will can still contribute, but I think it's inaccurate to call him the "maintainer" at the moment.
It's more of a fluid concept, don't think declaring maintainers is useful to anyone here
2019-12-06 09:41:59 +13:00
Garion Herman
0c4ca29cc4 Bump root version in Travis config 2019-11-15 17:31:21 +13:00
Garion Herman
e31378f822 Merge branch '5.5' into 5 2019-11-15 17:28:55 +13:00
Garion Herman
cc2526aac4 Update Composer / Travis configuration for Userforms 5.5 release 2019-11-15 17:22:21 +13:00
Andre Kiste
2d6687be25
Merge pull request #916 from open-sausages/pulls/5/upgrade-dependency
Upgrade dependencies
2019-11-12 11:41:36 +13:00
Maxime Rainville
b92143a776 Upgrade dependencies 2019-11-12 07:32:26 +13:00
Dylan Wagstaff
1b193b5ce4
Merge pull request #907 from ichaber/fix/906_validation_result
Fix missing ValidationResult class
2019-10-08 09:14:28 +13:00
Charlie Bergthaler
dfeb922818
FIX Add missing import statement for SilverStripe\ORM\ValidationResult in UserDefinedFormController and EditableFileField. 2019-10-07 21:56:22 +13:00
Dylan Wagstaff
a01692153c
Merge pull request #904 from Valandur/feature/fix-submittedform-cancreate
fix(submitted-form): canCreate not checking parent
2019-09-09 14:08:28 +12:00
Dylan Wagstaff
76c3576de6 Update travis yaml 'dist:' version 2019-09-09 14:00:51 +12:00
Marco (Valandur)
0348e5dd15 fix(submitted-form): Pass member to parent calls 2019-09-06 15:37:13 +02:00
Marco (Valandur)
696fa1d05e fix(submitted-form): canCreate not checking parent 2019-09-05 12:12:26 +02:00
Guy Marriott
75bec8ceb2
Enable better button functionality (#897)
Enable better button functionality

Co-authored-by: Bram de Leeuw <bram-de-leeuw@hotmail.com>
Co-authored-by: Bram de Leeuw <bram@xd.nl>
2019-07-16 14:09:54 +12:00
Bram de Leeuw
8703ace32a validate that a classname had been set 2019-07-15 11:15:30 +02:00
Bram de Leeuw
e80795b52d
Add a comment for clarity 2019-07-12 10:48:59 +02:00
Remy Vaartjes
d489271197 Disable add action in Submissions detail form 2019-07-08 14:49:00 +02:00
Remy Vaartjes
f682e74f44 Enable 4.4 better button functionality 2019-07-08 14:26:58 +02:00
Robbie Averill
1386f1b80f Merge branch '5.4' 2019-06-27 14:16:02 +12:00
Robbie Averill
0c59065d32 Merge branch '5.3' into 5.4 2019-06-27 14:13:52 +12:00
Robbie Averill
3c1197c0a6 Merge branch '5.2' into 5.3 2019-06-27 14:13:41 +12:00
Robbie Averill
551ef4fa56 Merge branch '5.1' into 5.2 2019-06-27 14:13:29 +12:00
Robbie Averill
4fb27d3138 Merge branch '5.0' into 5.1 2019-06-27 14:12:57 +12:00
Robbie Averill
0114ea4275 Remove SilverStripe 4.0-4.2 from Travis builds 2019-06-27 14:12:46 +12:00
Robbie Averill
25be471ea3
Merge pull request #895 from adrhumphreys/feature/onsubmitevent
Form submission now triggers an event
2019-06-13 09:38:07 +12:00
Adrian Humphreys
701460505e Form submission now triggers an event 2019-06-13 08:59:13 +12:00
Guy Marriott
d7c76ecf80
FIX Preview email link now handles cases where it's loaded in the browser, requested via AJAX and used in a trait or a page context (#887)
FIX Preview email link now handles cases where it's loaded in the browser, requested via AJAX and used in a trait or a page context
2019-05-27 20:01:56 +12:00