Commit Graph

1532 Commits

Author SHA1 Message Date
Maxime Rainville
d459c51ada [CVE-2020-9309] Require MimeUploadValidator on userformis' File Upload field 2020-07-13 14:55:45 +12:00
Maxime Rainville
c0c46981de Update translations 2020-06-16 13:50:26 +12:00
Steve Boyd
03b32659ca
Update for 5.6 (#978) 2020-06-16 05:23:02 +12:00
Andre Kiste
88c6433f07
Merge pull request #976 from creative-commoners/pulls/5/fix-for-elemental-block
BUG Fix confirm upload form modal on Elemental block
2020-06-14 14:03:20 +12:00
Maxime Rainville
25978d3c58 Clean up tests 2020-06-12 00:55:12 +12:00
Maxime Rainville
df120133ab Move confirm folder logic to a dedicated controller 2020-06-11 19:53:46 +12:00
Maxime Rainville
dc5ce0000a BUG Fix confirm upload form modal on Elemental block 2020-06-11 15:17:13 +12:00
Andre Kiste
3b40be3b8f
NEW Add folder confirmation modal when adding a new EditableFileField to a userform. (#972) 2020-06-10 16:59:01 +12:00
Garion Herman
14ce51e517
NEW Improve Unrestricted Folder warning, bump core requirement to ^4.6 (#965) 2020-06-09 21:01:09 +12:00
Steve Boyd
447be1049e
Merge pull request #964 from creative-commoners/pulls/5/file-manager-icons
NEW DB column showing if file is userform upload
2020-05-28 14:46:11 +12:00
Steve Boyd
ed53709631 NEW DB column showing if file is userform upload
- UserFormUpload used by File::isTrackedFormUpload()
2020-05-28 13:14:34 +12:00
Steve Boyd
e54a825ea3 Merge branch '5.5' into 5 2020-05-27 13:41:51 +12:00
Steve Boyd
c3d990f70f
FIX Create image thumbnails for asset-admin for images uploaded through userforms (#969) 2020-05-27 12:26:14 +12:00
Maxime Rainville
f27045ba93
DOC Recommend installation of spamprotection (#966)
DOC Recommend installation of spamprotection
2020-05-27 08:55:37 +12:00
Maxime Rainville
09ea65edc7 Merge branch '5.5' into 5 2020-05-26 15:13:09 +12:00
Maxime Rainville
319fa4734c Merge branch '5.4' into 5.5 2020-05-26 15:11:46 +12:00
Maxime Rainville
133e897ad3 Merge branch '5.4' into 5 2020-05-26 15:06:14 +12:00
Maxime Rainville
1bbdb86c9a Merge branch '5.3' into 5.4 2020-05-26 15:04:51 +12:00
Maxime Rainville
8307b8bee9 Merge branch '5.2' into 5.3 2020-05-26 15:04:08 +12:00
Maxime Rainville
826025c68d Merge branch '5.1' into 5.2 2020-05-26 15:03:44 +12:00
Maxime Rainville
24c24ad7b8 Merge branch '5.0' into 5.1 2020-05-26 15:02:57 +12:00
Robbie Averill
26004d464a
Merge pull request #961 from dhensby/pulls/5.5/lint-fix
Linting fixes
2020-05-11 12:44:31 -07:00
Dan Hensby
e86cc8d872
Add lint and lint-clean scripts to composer 2020-05-05 16:33:28 +01:00
Dan Hensby
ede2d93363
Linting fixes 2020-05-05 16:30:57 +01:00
Dan Hensby
5a1da4c2c1
Merge pull request #958 from silverstripe-terraformers/bugfix/empty-anchor 2020-05-05 16:29:08 +01:00
Robbie Averill
45489fa312
Merge pull request #953 from silverstripe/dependabot/npm_and_yarn/jquery-3.5.0
Bump jquery from 3.4.1 to 3.5.0
2020-05-04 16:56:29 -07:00
Robbie Averill
208213372a
Merge pull request #955 from lerni/patch-1
update docs
2020-05-04 16:51:21 -07:00
Robbie Averill
dd95e23404
Merge pull request #957 from chrometoasters/pulls/fix-aria-describedby-missing-space
FIX Add missing space before aria-describedby attribute
2020-05-04 16:50:57 -07:00
Mojmir Fendek
6276e990c1 BUG: Better anchor fallback 2020-05-05 10:18:25 +12:00
Michal Kleiner
5d739c4db4
FIX Add missing space before aria-describedby attribute 2020-05-04 18:13:41 +12:00
Lukas
7adc42f6b8
update docs
fe5d183e69 missed one instance
2020-05-03 14:12:36 +02:00
dependabot[bot]
9543480ce8
Bump jquery from 3.4.1 to 3.5.0
Bumps [jquery](https://github.com/jquery/jquery) from 3.4.1 to 3.5.0.
- [Release notes](https://github.com/jquery/jquery/releases)
- [Commits](https://github.com/jquery/jquery/compare/3.4.1...3.5.0)

Signed-off-by: dependabot[bot] <support@github.com>
2020-04-30 01:47:25 +00:00
Serge Latyntcev
3349599a89 Merge tag '5.4.2' into 5.4
Release 5.4.2
2020-04-15 12:37:43 +12:00
Serge Latyntcev
23de5a85c2 [CVE-2020-9280] Task for shifting UserForm uploads into correct folders
A task helper for recovering UserForm uploads targeting incorrectly migrated folders (from Silverstripe CMS 3)
    If your project has not been migrated from Silverstripe CMS 3, you do not need this helper.
    Before running this task make sure you have repaired the migrated folders themselves.
    To do that you have to run the extra migration subtask (`migrate-folders`).

    This task is particularly looking at all UserForm file submissions and checks they are in the same
    folder where the particular version of its EditableFileField has been set up to upload it to.

    If it finds the file has been misplaced, it tries to move it to the correct folder, but only if
    the file has not had any manipulations since the uploading happened (the file Version=1).

    If an affected file has a draft, then only Live version will be moved, but the draft will be preserved as is.

    For more details see CVE-2020-9280
2020-04-15 12:19:23 +12:00
Serge Latyntcev
3bbad20442 [CVE-2020-9280] Task for shifting UserForm uploads into correct folders
A task helper for recovering UserForm uploads targeting incorrectly migrated folders (from Silverstripe CMS 3)
    If your project has not been migrated from Silverstripe CMS 3, you do not need this helper.
    Before running this task make sure you have repaired the migrated folders themselves.
    To do that you have to run the extra migration subtask (`migrate-folders`).

    This task is particularly looking at all UserForm file submissions and checks they are in the same
    folder where the particular version of its EditableFileField has been set up to upload it to.

    If it finds the file has been misplaced, it tries to move it to the correct folder, but only if
    the file has not had any manipulations since the uploading happened (the file Version=1).

    If an affected file has a draft, then only Live version will be moved, but the draft will be preserved as is.

    For more details see CVE-2020-9280
2020-04-14 15:58:23 +12:00
Garion Herman
c58565e6ce
Merge pull request #943 from creative-commoners/pulls/5.0/revert-default-value
Revert default value
2020-03-16 16:56:27 +13:00
Steve Boyd
1c73fd90ca Revert default value 2020-03-16 16:36:36 +13:00
Maxime Rainville
71a8cac9e5
BUG Remove bad default value for UserForm Content (#926)
* BUG Remove bad default value for UserForm Content

* BUG Update travis build to use Xenial
2020-03-09 15:35:58 +13:00
Ingo Schommer
f1ee7c8eab
Merge pull request #933 from creative-commoners/securing-the-docs
DOCS additional note to keeping uploaded files secure
2020-02-03 11:37:09 +13:00
Bryn Whyman
d1b3b1629e
DOCS fixing anchor syntax 2020-01-31 15:58:37 +13:00
brynwhyman
0106683d57 DOCS additional note to keeping uploaded files secure
Touching up the documentation for userforms to advise how uploaded files can be kept secure.

Related (but does not address) #927
2020-01-31 15:51:18 +13:00
Steve Boyd
52ca4c8de9 Merge branch '5.5' into 5 2020-01-29 12:20:36 +13:00
Steve Boyd
09b4f9c4a3
Merge pull request #931 from creative-commoners/pulls/5.5/jquery-update
Update jQuery to 3.4.1
2020-01-28 17:27:42 +13:00
Garion Herman
4e0f0e903d Update jQuery to 3.4.1 2020-01-24 10:06:59 +13:00
Steve Boyd
a47b25d0e1
Merge pull request #770 from JessChampion/feature/ConditionalRequiredFields
Feature/conditional required fields
2020-01-14 16:11:42 +13:00
Maxime Rainville
e2c05d5a55 Minor linting adjustment. 2020-01-14 12:28:04 +13:00
Maxime Rainville
39ee08cff9 Remove bool explicit type definition to please PHP 5.6 2020-01-13 12:25:47 +13:00
Maxime Rainville
d280c54860 Patch and reorganise some test 2020-01-13 12:15:34 +13:00
Maxime Rainville
8d0a5dd093 Add some missing comments 2020-01-13 12:14:11 +13:00
Maxime Rainville
793f437289 API Mark EditableFormField::EffectiveDisplayRules() for deprecation 2020-01-13 12:12:14 +13:00