Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Commits on Feb 2, 2011
  1. @halkyon @sminnee

    BUGFIX #6291 Remove rollback action from CMSMain allowed_actions and …

    halkyon authored sminnee committed
    …rely on form action_rollback instead which is safer (from r115440)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@115919 467b73ca-7a2a-4603-9d3b-597d59a354a9
  2. @chillu @sminnee

    BUGFIX Checking for existence of FormAction in Form->httpSubmission()…

    chillu authored sminnee committed
    … to avoid bypassing $allowed_actions definitions in controllers containing this form
    
    BUGFIX Checking for $allowed_actions in Form class, through Form->httpSubmission() (from r115182)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@115191 467b73ca-7a2a-4603-9d3b-597d59a354a9
  3. @chillu @sminnee

    BUGFIX Disallow web access to sapphire/silverstripe_version to avoid …

    chillu authored sminnee committed
    …information leakage (from r114773)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@114776 467b73ca-7a2a-4603-9d3b-597d59a354a9
  4. @chillu @sminnee

    BUGFIX Avoid potential referer leaking in Security->changepassword() …

    chillu authored sminnee committed
    …form by storing Member->AutoLoginHash in session instead of 'h' GET parameter (from r114758)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@114763 467b73ca-7a2a-4603-9d3b-597d59a354a9
  5. @chillu @sminnee

    BUGFIX: Fixed CSRF warning in image form after selecting a folder. (f…

    chillu authored sminnee committed
    …rom r80237)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@114741 467b73ca-7a2a-4603-9d3b-597d59a354a9
  6. @chillu @sminnee

    BUGFIX Escaping $locale values in Translatable->augmentSQL() in addit…

    chillu authored sminnee committed
    …ion to the i18n::validate_locale() input validation (from r114515) (from r114516)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@114517 467b73ca-7a2a-4603-9d3b-597d59a354a9
  7. @chillu @sminnee

    BUGFIX Limiting usage of mcrypt_create_iv() in RandomGenerator->gener…

    chillu authored sminnee committed
    …ateEntropy() to *nix platforms to avoid fatal errors (specically in IIS) (from r114510) (from r114512)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@114513 467b73ca-7a2a-4603-9d3b-597d59a354a9
  8. @chillu @sminnee

    BUGFIX Using RandomGenerator class in Member->logIn(), Member->autoLo…

    chillu authored sminnee committed
    …gin() and Member->generateAutologinHash() for better randomization of tokens. Increased VARCHAR length of 'RememberLoginToken' and 'AutoLoginHash' fields to 1024 characters to support longer token strings. (from r114504) (from r114507)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@114509 467b73ca-7a2a-4603-9d3b-597d59a354a9
  9. @chillu @sminnee

    BUGFIX Using RandomGenerator class in SecurityToken->generate() for m…

    chillu authored sminnee committed
    …ore random tokens (from r114500)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@114502 467b73ca-7a2a-4603-9d3b-597d59a354a9
  10. @chillu @sminnee

    ENHANCEMENT Added RandomGenerator for more secure CRSF tokens etc. (f…

    chillu authored sminnee committed
    …rom r114497) (from r114499)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@114501 467b73ca-7a2a-4603-9d3b-597d59a354a9
  11. @fb3rasp @sminnee

    BUGFIX Removing quotes from test data in RestfulServiceTest, it gives…

    fb3rasp authored sminnee committed
    … different results depending on magic_quotes_gpc setting on PHP configuration (merged from r80132).
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@114266 467b73ca-7a2a-4603-9d3b-597d59a354a9
  12. @chillu @sminnee

    API CHANGE Using Controller::join_links() to construct links in Compl…

    chillu authored sminnee committed
    …exTableField and TableListField (partially merged from r88495, r96775)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@113321 467b73ca-7a2a-4603-9d3b-597d59a354a9
  13. @chillu @sminnee

    BUGFIX: Fixed Controller::join_links() handling of fragment identifie…

    chillu authored sminnee committed
    …rs (merged from r104580)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@113319 467b73ca-7a2a-4603-9d3b-597d59a354a9
  14. @chillu @sminnee

    MINOR Using SecurityToken in ViewableData->getSecurityID() (from r113…

    chillu authored sminnee committed
    …274)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@113312 467b73ca-7a2a-4603-9d3b-597d59a354a9
  15. @chillu @sminnee

    ENHANCEMENT Added Form->enableSecurityToken() as a counterpart to the…

    chillu authored sminnee committed
    … existing disableSecurityToken() (from r113284)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@113305 467b73ca-7a2a-4603-9d3b-597d59a354a9
  16. @chillu @sminnee

    MINOR Reverted commented out code (regression from r113293)

    chillu authored sminnee committed
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@113303 467b73ca-7a2a-4603-9d3b-597d59a354a9
  17. @chillu @sminnee

    BUGFIX Clear static marking caches on Hierarchy->flushCache() (from r…

    chillu authored sminnee committed
    …113277)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@113302 467b73ca-7a2a-4603-9d3b-597d59a354a9
  18. @chillu @sminnee

    BUGFIX Fixed ComplexTableField and TableListField GET actions against…

    chillu authored sminnee committed
    … CSRF attacks (with Form_SecurityToken->checkRequest()) (from r113276)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@113301 467b73ca-7a2a-4603-9d3b-597d59a354a9
  19. @chillu @sminnee

    MINOR Fixed HTTPRequest class usage (regression from r113293)

    chillu authored sminnee committed
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@113298 467b73ca-7a2a-4603-9d3b-597d59a354a9
  20. @chillu @sminnee

    API CHANGE Added security token to TableListField->Link() in order to…

    chillu authored sminnee committed
    … include it in all URL actions automatically. This ensures that field actions bypassing Form->httpSubmission() still get CSRF protection (from r113275)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@113297 467b73ca-7a2a-4603-9d3b-597d59a354a9
  21. @chillu @sminnee

    BUGFIX Using current controller for MemberTableField constructor in G…

    chillu authored sminnee committed
    …roup->getCMSFields() instead of passing in a wrong instance (Group) (from r113273)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@113294 467b73ca-7a2a-4603-9d3b-597d59a354a9
  22. @chillu @sminnee

    ENHANCEMENT Added SecurityToken to wrap CSRF protection via "Security…

    chillu authored sminnee committed
    …ID" request parameter (from r113272)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@113293 467b73ca-7a2a-4603-9d3b-597d59a354a9
  23. @chillu @sminnee

    BUGFIX Add PHPUnit includes to SapphireTest class (can be loaded outs…

    chillu authored sminnee committed
    …ide of TestRunner for static calls, in which case the PHPUnit autoloaders/includes aren't in place yet) (merged from r113156)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@113158 467b73ca-7a2a-4603-9d3b-597d59a354a9
  24. @chillu @sminnee

    BUGFIX Using mock controller in RestfulServiceTest to avoid problems …

    chillu authored sminnee committed
    …with missing require() calls for PHPUnit/Framework.php (performed in recently merged PHPUnitWrapper::init() which is never called for "nested" true HTTP calls within unit tests). Mostly merged from branches/2.4.
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@111837 467b73ca-7a2a-4603-9d3b-597d59a354a9
  25. @chillu @sminnee

    BUGFIX Renamed PHPUnit wrappers not to use underscores in classnames,…

    chillu authored sminnee committed
    … as this confuses ManifestBuilder prior to the 2.4 release
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@111836 467b73ca-7a2a-4603-9d3b-597d59a354a9
  26. @chillu @sminnee

    MINOR: added phpdoc to the new PHPUnitWrapper classes.

    chillu authored sminnee committed
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@111835 467b73ca-7a2a-4603-9d3b-597d59a354a9
  27. @chillu @sminnee

    ENHANCEMENT: refactored runTests, using the new phpunit wrapper classes.

    chillu authored sminnee committed
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@111834 467b73ca-7a2a-4603-9d3b-597d59a354a9
  28. @chillu @sminnee

    API-CHANGE: remove include which is not required.

    chillu authored sminnee committed
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@111833 467b73ca-7a2a-4603-9d3b-597d59a354a9
  29. @chillu @sminnee

    ENHANCEMENT: Created a phpunit wrapper class to ensure that Sapphire'…

    chillu authored sminnee committed
    …s test framework is capable of running unit tests, coverage report and retrieve clover-statistics for PHPUnit 3.4 and PHPUnit 3.5
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@111832 467b73ca-7a2a-4603-9d3b-597d59a354a9
  30. @chillu @sminnee

    ENHACENEMENT: Change behaviour of the MenufestBuilder to use spl_auto…

    chillu authored sminnee committed
    …load_register instead of traditional __autoload.
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@111831 467b73ca-7a2a-4603-9d3b-597d59a354a9
  31. @chillu @sminnee

    API CHANGE Don't reflect changes in File and Folder property setters …

    chillu authored sminnee committed
    …on filesystem before write() is called, to ensure that validate() applies in all cases. This fixes a problem where File->setName() would circumvent restrictions in File::$allowed_extensions (fixes #5693)
    
    API CHANGE Removed File->resetFilename(), use File->updateFilesystem() to update the filesystem, and File->getRelativePath() to just update the "Filename" property without any filesystem changes (emulating the old $renamePhysicalFile method argument in resetFilename())
    API CHANGE Removed File->autosetFilename(), please set the "Filename" property via File->getRelativePath()
    MINOR Added unit tests to FileTest and FolderTest (some of them copied from FileTest, to test Folder behaviour separately)
    ENHANCEMENT Added File::$allowed_extensions (backport from 2.4 to enable File->validate() security fix)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@108062 467b73ca-7a2a-4603-9d3b-597d59a354a9
  32. @chillu @sminnee

    BUGFIX: Don't allow direct access to PHP files in sapphire module, ex…

    chillu authored sminnee committed
    …cept for main.php and static-main.php (from r108023)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@108043 467b73ca-7a2a-4603-9d3b-597d59a354a9
  33. @chillu @sminnee

    MINOR Added querystring option to Makefile (from r103884)

    chillu authored sminnee committed
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@103897 467b73ca-7a2a-4603-9d3b-597d59a354a9
  34. @chillu @sminnee

    ENHANCEMENT Allowing TestRunner? to skip certain tests through the ?S…

    chillu authored sminnee committed
    …kipTests?=... GET paramete (merged from branches/2.3-nzct) (from r80646)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@103684 467b73ca-7a2a-4603-9d3b-597d59a354a9
  35. @chillu @sminnee

    MINOR: Fixed FileTest execution if the assets/ directory doesn't exis…

    chillu authored sminnee committed
    …t. (from r88353) (from r98086)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@103521 467b73ca-7a2a-4603-9d3b-597d59a354a9
Something went wrong with that request. Please try again.