Permalink
Commits on Feb 2, 2011
  1. BUGFIX Checking for existence of FormAction in Form->httpSubmission()…

    … to avoid bypassing $allowed_actions definitions in controllers containing this form
    
    BUGFIX Checking for $allowed_actions in Form class, through Form->httpSubmission() (from r115182)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@115188 467b73ca-7a2a-4603-9d3b-597d59a354a9
    chillu committed with sminnee Dec 20, 2010
  2. BUGFIX #6219 Director::direct() validation fails for doubly nested fi…

    …le fields (thanks ajshort!) (from r114921)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114922 467b73ca-7a2a-4603-9d3b-597d59a354a9
    halkyon committed with sminnee Dec 14, 2010
  3. MINOR Ensure php5-required.html template shows correct minimum and re…

    …commended PHP versions (thanks mattcleg!) (from r114915)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114916 467b73ca-7a2a-4603-9d3b-597d59a354a9
    halkyon committed with sminnee Dec 13, 2010
  4. ENHANCEMENT Allow setting secure session cookies when using SSL. Rece…

    …nt change r114567 made this impossible. (thanks simon_w!) (from r114900)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114901 467b73ca-7a2a-4603-9d3b-597d59a354a9
    halkyon committed with sminnee Dec 13, 2010
  5. BUGFIX Removed switch in MySQLDatabase->query() to directly echo quer…

    …ies with 'showqueries' parameter when request is called via ajax (from r114782)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114783 467b73ca-7a2a-4603-9d3b-597d59a354a9
    chillu committed with sminnee Dec 9, 2010
  6. BUGFIX Disallow web access to sapphire/silverstripe_version to avoid …

    …information leakage (from r114773)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114774 467b73ca-7a2a-4603-9d3b-597d59a354a9
    chillu committed with sminnee Dec 9, 2010
  7. BUGFIX Avoid potential referer leaking in Security->changepassword() …

    …form by storing Member->AutoLoginHash in session instead of 'h' GET parameter (from r114758)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114760 467b73ca-7a2a-4603-9d3b-597d59a354a9
    chillu committed with sminnee Dec 9, 2010
  8. MINOR Setting Content-Type to text/plain in various error responses f…

    …or RestfulServer (from r114750)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114751 467b73ca-7a2a-4603-9d3b-597d59a354a9
    chillu committed with sminnee Dec 9, 2010
  9. MINOR Reverting Member "AutoLoginHash", "RememberLoginToken" and "Sal…

    …t" to their original VARCHAR length to avoid problems with invalidated hashes due to shorter field length (from r114748)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114749 467b73ca-7a2a-4603-9d3b-597d59a354a9
    chillu committed with sminnee Dec 9, 2010
  10. MINOR Partially reverted r114744

    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114745 467b73ca-7a2a-4603-9d3b-597d59a354a9
    chillu committed with sminnee Dec 9, 2010
  11. MINOR Reduced VARCHAR length from 1024 to 40 bytes, which fits the sh…

    …a1 hashes created by RandomGenerator. 1024 bytes caused problems with index lengths on MySQL (from r114743)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114744 467b73ca-7a2a-4603-9d3b-597d59a354a9
    chillu committed with sminnee Dec 9, 2010
  12. MINOR Code formatting change in ConfirmedPasswordField::__construct()

    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114720 467b73ca-7a2a-4603-9d3b-597d59a354a9
    halkyon committed with sminnee Dec 8, 2010
  13. BUGFIX Fallback text for "Password" in ConfirmedPasswordField when no…

    … translation found
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114719 467b73ca-7a2a-4603-9d3b-597d59a354a9
    halkyon committed with sminnee Dec 8, 2010
  14. BUGFIX Populates the page with fake data in order to pass subsequent …

    …unit tests
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114683 467b73ca-7a2a-4603-9d3b-597d59a354a9
    Jean-Fabien Barrios committed with sminnee Dec 8, 2010
  15. BUGFIX Test if form is the right class (if a class decorates the cont…

    …ent controller, this test would break ie sphinx)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114654 467b73ca-7a2a-4603-9d3b-597d59a354a9
    Jean-Fabien Barrios committed with sminnee Dec 7, 2010
  16. ENHANCEMENT 'bypassStaticCache' cookie set in Versioned is limited to…

    … httpOnly flag (no access by JS) to improve clientside security (from r114568)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114572 467b73ca-7a2a-4603-9d3b-597d59a354a9
    chillu committed with sminnee Dec 6, 2010
  17. ENHANCEMENT Session::start() forces PHPSESSID cookies to be httpOnly …

    …(no access by JS) to improve clientside security (from r114567)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114571 467b73ca-7a2a-4603-9d3b-597d59a354a9
    chillu committed with sminnee Dec 6, 2010
  18. BUGFIX Escaping $locale values in Translatable->augmentSQL() in addit…

    …ion to the i18n::validate_locale() input validation (from r114515)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114516 467b73ca-7a2a-4603-9d3b-597d59a354a9
    chillu committed with sminnee Dec 5, 2010
  19. BUGFIX Limiting usage of mcrypt_create_iv() in RandomGenerator->gener…

    …ateEntropy() to *nix platforms to avoid fatal errors (specically in IIS) (from r114510)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114512 467b73ca-7a2a-4603-9d3b-597d59a354a9
    chillu committed with sminnee Dec 5, 2010
  20. BUGFIX Using RandomGenerator class in Member->logIn(), Member->autoLo…

    …gin() and Member->generateAutologinHash() for better randomization of tokens. Increased VARCHAR length of 'RememberLoginToken' and 'AutoLoginHash' fields to 1024 characters to support longer token strings. (from r114504)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114507 467b73ca-7a2a-4603-9d3b-597d59a354a9
    chillu committed with sminnee Dec 5, 2010
  21. BUGFIX Using RandomGenerator class in PasswordEncryptor->salt() (from…

    … r114503)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114506 467b73ca-7a2a-4603-9d3b-597d59a354a9
    chillu committed with sminnee Dec 5, 2010
  22. BUGFIX Using RandomGenerator class in SecurityToken->generate() for m…

    …ore random tokens
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114500 467b73ca-7a2a-4603-9d3b-597d59a354a9
    chillu committed with sminnee Dec 5, 2010
  23. ENHANCEMENT Added RandomGenerator for more secure CRSF tokens etc. (f…

    …rom r114497)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114499 467b73ca-7a2a-4603-9d3b-597d59a354a9
    chillu committed with sminnee Dec 5, 2010
  24. API CHANGE Using i18n::validate_locale() in various Translatable meth…

    …ods to ensure the locale exists (as defined through i18n::$allowed_locales) (from r114470)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114474 467b73ca-7a2a-4603-9d3b-597d59a354a9
    chillu committed with sminnee Dec 3, 2010
  25. BUGFIX Check for valid locale in i18n::set_locale()/set_default_local…

    …e()/include_locale_file()/include_by_locale() (as defined in i18n::$allowed_locales). Implicitly sanitizes the data for usage in controllers. (from r114469)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114473 467b73ca-7a2a-4603-9d3b-597d59a354a9
    chillu committed with sminnee Dec 3, 2010
  26. FIX: Revert last commit

    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114464 467b73ca-7a2a-4603-9d3b-597d59a354a9
    clarkepaul committed with sminnee Dec 2, 2010
  27. FIX: Revert last commit

    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114463 467b73ca-7a2a-4603-9d3b-597d59a354a9
    clarkepaul committed with sminnee Dec 2, 2010
  28. MINOR: Added exception handling if ClassName is null in search results

    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114454 467b73ca-7a2a-4603-9d3b-597d59a354a9
    clarkepaul committed with sminnee Dec 2, 2010
  29. BUGFIX Don't allow HTML formatting in RequestHandler->httpError() by …

    …sending "Content-Type: text/plain" response headers. (from r114444)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114445 467b73ca-7a2a-4603-9d3b-597d59a354a9
    chillu committed with sminnee Dec 2, 2010
  30. MINOR Checking for class_exists() before SapphireTest::is_running_tes…

    …ts() to avoid including the whole testing framework, and triggering PHPUnit to run a performance-intensive directory traversal for coverage file blacklists (from r114332)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114334 467b73ca-7a2a-4603-9d3b-597d59a354a9
    chillu committed with sminnee Nov 30, 2010
  31. BUGFIX Including template /lang folders in i18n::include_by_locale() …

    …(implementation started in r113919)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114208 467b73ca-7a2a-4603-9d3b-597d59a354a9
    chillu committed with sminnee Nov 26, 2010
  32. ENHANCEMENT Added SS_HTTPResponse->setStatusDescription() as equivale…

    …nt to setStatusCode(). Added documentation.
    
    BUGFIX Strip newlines and carriage returns from SS_HTTPResponse->getStatusDescription() (fixes #6222, thanks mattclegg) (from r114082)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114083 467b73ca-7a2a-4603-9d3b-597d59a354a9
    chillu committed with sminnee Nov 23, 2010
  33. BUGFIX Removed double quoting of $where parameter in Translatable::ge…

    …t_existing_content_languages() (fixes #6203, thanks cloph) (from r114080)
    
    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114081 467b73ca-7a2a-4603-9d3b-597d59a354a9
    chillu committed with sminnee Nov 23, 2010
  34. MINOR Reverted r108515

    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114079 467b73ca-7a2a-4603-9d3b-597d59a354a9
    halkyon committed with sminnee Nov 23, 2010
  35. MINOR Documentation for Aggregate caching (from r114077)

    git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114078 467b73ca-7a2a-4603-9d3b-597d59a354a9
    chillu committed with sminnee Nov 23, 2010