Misc minor fixes #1078

Closed
wants to merge 17 commits into from

7 participants

@sminnee
SilverStripe Ltd. member

In this PR are a number of improvements that I made; I grouped them because I don't think any of them should be too controversial, rather than because they were topically linked.

@wilr wilr commented on an outdated diff
forms/Form.php
@@ -250,7 +250,7 @@ public function httpSubmission($request) {
// Protection against CSRF attacks
$token = $this->getSecurityToken();
if(!$token->checkRequest($request)) {
- $this->httpError(400, "Sorry, your session has timed out.");
+ $this->httpError(400, "There seems to have been a technical problem. Please click the back button, refresh your browser (or press the F5 key) and try again.");
@wilr SilverStripe Ltd. member
wilr added a note

Would be good to have this configurable.

It also shouldn't mention F5. Some browsers don't support it and some keyboards use it as a meta key.

@drzax
drzax added a note

It should also probably use _t()?

@sminnee SilverStripe Ltd. member
sminnee added a note

I'll put it in _t() and assume that's configurable enough.

@wilr wilr commented on an outdated diff
dev/TestSession.php
@@ -137,6 +141,10 @@ public function lastResponse() {
return $this->lastResponse;
}
+ function lastUrl() {
@wilr SilverStripe Ltd. member
wilr added a note

Do we have a php code sniffer test to look for function visibility yet?

@sminnee SilverStripe Ltd. member
sminnee added a note

No, but I'll fix it.

@simonwelsh simonwelsh commented on an outdated diff
email/Email.php
@@ -427,9 +433,14 @@ public function sendPlain($messageID = null) {
}
}
+ if(self::$send_all_emails_from) {
+ if($from) $subject .= " [from $from]";
+ $from = self::$send_all_emails_from;
+ }

Should use the Config API.

@sminnee SilverStripe Ltd. member
sminnee added a note

Good call.

@simonwelsh simonwelsh commented on an outdated diff
model/fieldtypes/HTMLText.php
@@ -137,7 +137,7 @@ public function forTemplate() {
}
public function exists() {
- return parent::exists() && $this->value != '<p></p>';
+ return parent::exists() && (!preg_match('/^(<[^>]+>[\\s]*){1,2}$/', $this->value) || preg_match('/^[\\s]*<img[^>]*>[\\s]*$/i', $this->value));

This will cause two img tags to say they don't exist, as well as things like a single iframe/embed tag to not exist.

@sminnee SilverStripe Ltd. member
sminnee added a note

Hrm, okay. I'll get a better test suite in place.

mateusz and others added some commits
@mateusz mateusz BUGFIX: for date manipulation use the SS_Datetime::now, otherwise it …
…does not respect the mock date.
899e10c
@sminnee sminnee NEW: Allow configuration of send_all_emails_to, ccs_all_emails_to, an…
…d bcc_all_emails_to via the config system.
b9ec873
@sminnee sminnee NEW: Added Email::send_all_emails_from() setting. b38beea
@sminnee sminnee API CHANGE: Added Security::set_login_url() so that you can define an…
… alternative log-in page if you have made one yourself.
39fc751
@cbarberis cbarberis FIX: Fixed operation of inlined images in Mailer, when no inlined ima…
…ges actually attached.
dddcc43
@sminnee sminnee FIX: Set up the test mailer before loading the fixture, in case fixtu…
…re-creation causes emails to be generated.
c9cdd07
@sminnee sminnee BUGFIX: Improved detection of empty HTMLText fields. a37c8a7
@sminnee sminnee BUGFIX: Better error message when 401 response is corrupted. bad6437
@sminnee sminnee BUGFIX: Updated SilverStripe error handler so that log_errors still w…
…orks.
1ac8023
@sminnee sminnee MINOR: Fixed a glitch that causes warnings in cli-script execution. d86fd14
@sminnee sminnee BUGFIX: Prevent notice-level error in Session code when non-array is …
…turned into an array.
5b6e78d
@sminnee sminnee FIX: Removed notice-level error after forms w/ required fields are ma…
…de readonly.
dc934f7
Jean-Fabien FIX: Added error message fields to default search form e9f92a0
@sminnee sminnee MINOR: Don't throw redirection warning if redirection to the same place. 366cfa3
@sminnee sminnee MINOR: Minor fixes to FunctionalTest 778f355
@sminnee sminnee BUGFIX: Made CSRF-error wording friendlier. 88368d0
@sminnee sminnee NEW: Allow hashes to be passed as ArrayList items; they will be turned…
… into ArrayData objects.
b28fbbe
@sminnee
SilverStripe Ltd. member

OK, thanks for the feedback wilr, simonwelsh and drzax. I've addressed your concerns and pushed a new rebased branch.

@chillu
SilverStripe Ltd. member

There's all kinds of other places this needs to be fixed up, search for "Security/login".

@chillu
SilverStripe Ltd. member

This has since been added by 04c8124 (two lines above) - please remove this commit.

@chillu
SilverStripe Ltd. member

Apart from the two minor issues above, looks good to me.

@chillu
SilverStripe Ltd. member

I've fixed a test breakage in SecurityTest caused by not unsetting the "send_all_emails_to" prop, and fixed the hardcoded occurrences of "Security/login" (apart from one in LeftAndMain.Ping.js). Necessitated a cms commit: silverstripe/silverstripe-cms@b15b983

Rebased onto 3.0, and merged in with 6cb1570

@chillu chillu closed this
Commits on Jan 9, 2013
  1. @mateusz @sminnee

    BUGFIX: for date manipulation use the SS_Datetime::now, otherwise it …

    mateusz committed with sminnee
    …does not respect the mock date.
  2. @sminnee

    NEW: Allow configuration of send_all_emails_to, ccs_all_emails_to, an…

    sminnee committed
    …d bcc_all_emails_to via the config system.
  3. @sminnee
  4. @sminnee

    API CHANGE: Added Security::set_login_url() so that you can define an…

    sminnee committed
    … alternative log-in page if you have made one yourself.
  5. @cbarberis @sminnee
  6. @sminnee

    FIX: Set up the test mailer before loading the fixture, in case fixtu…

    sminnee committed
    …re-creation causes emails to be generated.
  7. @sminnee
  8. @sminnee
  9. @sminnee
  10. @sminnee
  11. @sminnee
  12. @sminnee
  13. @sminnee

    FIX: Added error message fields to default search form

    Jean-Fabien committed with sminnee
  14. @sminnee
  15. @sminnee
  16. @sminnee
  17. @sminnee
View
6 conf/ConfigureFromEnv.php
@@ -41,6 +41,7 @@
*
* Email:
* - SS_SEND_ALL_EMAILS_TO: If you set this define, all emails will be redirected to this address.
+ * - SS_SEND_ALL_EMAILS_FROM: If you set this define, all emails will be send from this address.
*
* @package framework
* @subpackage core
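Review bot: typo in the added doc line for SS_SEND_ALL_EMAILS_FROM: "will be send from" should read "will be sent from". It would also help to mention here that the original sender is appended to the subject line, as the Email.php change in this patch does.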
@@ -105,7 +106,10 @@
}
if(defined('SS_SEND_ALL_EMAILS_TO')) {
- Email::send_all_emails_to(SS_SEND_ALL_EMAILS_TO);
+ Config::inst()->update("Email","send_all_emails_to", SS_SEND_ALL_EMAILS_TO);
+}
+if(defined('SS_SEND_ALL_EMAILS_FROM')) {
+ Config::inst()->update("Email","send_all_emails_from", SS_SEND_ALL_EMAILS_FROM);
}
if(defined('SS_DEFAULT_ADMIN_USERNAME')) {
View
2 control/Controller.php
@@ -454,7 +454,7 @@ public function popCurrent() {
public function redirect($url, $code=302) {
if(!$this->response) $this->response = new SS_HTTPResponse();
- if($this->response->getHeader('Location')) {
+ if($this->response->getHeader('Location') && $this->response->getHeader('Location') != $url) {
user_error("Already directed to " . $this->response->getHeader('Location')
. "; now trying to direct to $url", E_USER_WARNING);
return;
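Review bot: the added Location check in redirect() uses a loose != between two strings, which PHP compares numerically when both look like numbers; !== states the intent exactly. The header is also fetched up to three times in this block, so reading it once into a local variable would tidy both the condition and the warning message.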
View
3 control/Director.php
@@ -725,6 +725,9 @@ public static function forceSSL($patterns = null) {
$matched = false;
if($patterns) {
+ // Calling from the command-line?
+ if(!isset($_SERVER['REQUEST_URI'])) return;
+
// protect portions of the site based on the pattern
$relativeURL = self::makeRelative(Director::absoluteURL($_SERVER['REQUEST_URI']));
foreach($patterns as $pattern) {
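Review bot: the early return added to forceSSL() is keyed on $_SERVER['REQUEST_URI'] being unset, while the comment says the intent is to detect a command-line call. Any web request that reaches this point without REQUEST_URI would skip the HTTPS redirect silently; testing Director::is_cli() (already used in Debug::fatalHandler) expresses the intent and keeps enforcement in place for web requests. The return also sits inside if($patterns), so a CLI call without patterns does not take it.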
View
8 control/HTTPResponse.php
@@ -220,11 +220,17 @@ public function output() {
<meta http-equiv=\"refresh\" content=\"1; url=$url\" />
<script type=\"text/javascript\">setTimeout('window.location.href = \"$url\"', 50);</script>";
} else {
- if(!headers_sent()) {
+ $line = $file = null;
+ if(!headers_sent($file, $line)) {
header($_SERVER['SERVER_PROTOCOL'] . " $this->statusCode " . $this->getStatusDescription());
foreach($this->headers as $header => $value) {
header("$header: $value", true, $this->statusCode);
}
+ } else {
+ // It's critical that these status codes are sent; we need to report a failure if not.
+ if($this->statusCode >= 300) {
+ user_error("Couldn't set response type to $this->statusCode because of output on line $line of $file", E_USER_WARNING);
+ }
}
// Only show error pages or generic "friendly" errors if the status code signifies
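Review bot: in the new else branch of output(), the warning names the status code but not the headers that were dropped along with it. For a redirect the lost Location header is the real failure, so list the unsent headers in the message as well. "response type" should read "status code", and a short comment on why the threshold is 300 would help the next reader.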
View
2 control/Session.php
@@ -415,7 +415,7 @@ public function inst_save() {
protected function recursivelyApply($data, &$dest) {
foreach($data as $k => $v) {
if(is_array($v)) {
- if(!isset($dest[$k])) $dest[$k] = array();
+ if(!isset($dest[$k]) || !is_array($dest[$k])) $dest[$k] = array();
$this->recursivelyApply($v, $dest[$k]);
} else {
$dest[$k] = $v;
View
36 dev/Debug.php
@@ -213,6 +213,7 @@ public static function loadErrorHandlers() {
public static function noticeHandler($errno, $errstr, $errfile, $errline, $errcontext) {
if(error_reporting() == 0) return;
+ ini_set('display_errors', 0);
// Send out the error details to the logger for writing
SS_Log::log(
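Review bot: ini_set('display_errors', 0) at the top of noticeHandler() changes a process-wide setting as a side effect of the first notice and never restores it, and the same line is repeated in warningHandler() and fatalHandler(). Setting it once in loadErrorHandlers(), with a comment tying it to the handlers now returning false so that log_errors keeps working, would make the intent visible in one place.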
@@ -227,7 +228,9 @@ public static function noticeHandler($errno, $errstr, $errfile, $errline, $errco
);
if(Director::isDev()) {
- self::showError($errno, $errstr, $errfile, $errline, $errcontext, "Notice");
+ return self::showError($errno, $errstr, $errfile, $errline, $errcontext, "Notice");
+ } else {
+ return false;
}
}
@@ -242,8 +245,10 @@ public static function noticeHandler($errno, $errstr, $errfile, $errline, $errco
*/
public static function warningHandler($errno, $errstr, $errfile, $errline, $errcontext) {
if(error_reporting() == 0) return;
+ ini_set('display_errors', 0);
+
if(self::$send_warnings_to) {
- self::emailError(self::$send_warnings_to, $errno, $errstr, $errfile, $errline, $errcontext, "Warning");
+ return self::emailError(self::$send_warnings_to, $errno, $errstr, $errfile, $errline, $errcontext, "Warning");
}
// Send out the error details to the logger for writing
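Review bot: in warningHandler(), changing the emailError() call to return self::emailError(...) exits the handler as soon as send_warnings_to is set, so the SS_Log::log() call and the dev-mode showError() below it are never reached. fatalHandler() still calls emailError() without returning; drop the return here so that emailed warnings are also logged.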
@@ -263,8 +268,10 @@ public static function warningHandler($errno, $errstr, $errfile, $errline, $errc
}
if(Director::isDev()) {
- self::showError($errno, $errstr, $errfile, $errline, $errcontext, "Warning");
- }
+ return self::showError($errno, $errstr, $errfile, $errline, $errcontext, "Warning");
+ } else {
+ return false;
+ }
}
/**
@@ -279,6 +286,8 @@ public static function warningHandler($errno, $errstr, $errfile, $errline, $errc
* @param unknown_type $errcontext
*/
public static function fatalHandler($errno, $errstr, $errfile, $errline, $errcontext) {
+ ini_set('display_errors', 0);
+
if(self::$send_errors_to) {
self::emailError(self::$send_errors_to, $errno, $errstr, $errfile, $errline, $errcontext, "Error");
}
@@ -300,11 +309,10 @@ public static function fatalHandler($errno, $errstr, $errfile, $errline, $errcon
}
if(Director::isDev() || Director::is_cli()) {
- self::showError($errno, $errstr, $errfile, $errline, $errcontext, "Error");
+ return self::showError($errno, $errstr, $errfile, $errline, $errcontext, "Error");
} else {
- self::friendlyError();
+ return self::friendlyError();
}
- exit(1);
}
/**
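Review bot: with exit(1) removed from the end of fatalHandler(), whether the script stops after a fatal error now depends on the return values of showError() and friendlyError(). One function gains return false later in this patch, but the hunk does not show which; both need to return false on every path, early returns included, otherwise PHP treats an E_USER_ERROR as handled and execution carries on past the failure. If that cannot be guaranteed, keep an explicit exit on this path.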
@@ -363,6 +371,7 @@ class_exists('Translatable') ? Translatable::get_current_locale() : null
$renderer->writeFooter();
}
}
+ return false;
}
/**
@@ -652,7 +661,7 @@ public static function require_developer_login() {
$_SESSION['Security']['Message']['type'] = 'warning';
$_SESSION['BackURL'] = $_SERVER['REQUEST_URI'];
header($_SERVER['SERVER_PROTOCOL'] . " 302 Found");
- header("Location: " . Director::baseURL() . "Security/login");
+ header("Location: " . Director::baseURL() . Security::login_url());
die();
}
}
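Review bot: in require_developer_login(), the Location header is built as Director::baseURL() . Security::login_url(), while Security::permissionFailure() passes login_url() to redirect() without the base URL. A value given to set_login_url() as an absolute URL or with a leading slash works on one path and yields a malformed Location on the other; decide on one accepted form and normalise it inside login_url().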
@@ -679,7 +688,7 @@ function exceptionHandler($exception) {
$file = $exception->getFile();
$line = $exception->getLine();
$context = $exception->getTrace();
- Debug::fatalHandler($errno, $message, $file, $line, $context);
+ return Debug::fatalHandler($errno, $message, $file, $line, $context);
}
/**
@@ -698,21 +707,18 @@ function errorHandler($errno, $errstr, $errfile, $errline) {
case E_ERROR:
case E_CORE_ERROR:
case E_USER_ERROR:
- Debug::fatalHandler($errno, $errstr, $errfile, $errline, null);
- break;
+ return Debug::fatalHandler($errno, $errstr, $errfile, $errline, null);
case E_WARNING:
case E_CORE_WARNING:
case E_USER_WARNING:
- Debug::warningHandler($errno, $errstr, $errfile, $errline, null);
- break;
+ return Debug::warningHandler($errno, $errstr, $errfile, $errline, null);
case E_NOTICE:
case E_USER_NOTICE:
case E_DEPRECATED:
case E_USER_DEPRECATED:
case E_STRICT:
- Debug::noticeHandler($errno, $errstr, $errfile, $errline, null);
- break;
+ return Debug::noticeHandler($errno, $errstr, $errfile, $errline, null);
}
}
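Review bot: now that errorHandler() returns the handler result from each case, the switch still has no default, so any level the cases do not list falls out of the function returning null, which PHP treats as handled and therefore neither displays nor logs. Add default: return false; so that unlisted levels go to PHP's own handler.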
View
13 dev/SapphireTest.php
@@ -205,7 +205,14 @@ public function setUp() {
$className = get_class($this);
$fixtureFile = eval("return {$className}::\$fixture_file;");
+
$prefix = defined('SS_DATABASE_PREFIX') ? SS_DATABASE_PREFIX : 'ss_';
+
+ // Set up email
+ $this->originalMailer = Email::mailer();
+ $this->mailer = new TestMailer();
+ Email::set_mailer($this->mailer);
+ Email::send_all_emails_to(null);
// Todo: this could be a special test model
$this->model = DataModel::inst();
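Review bot: the mail setup moved to the top of setUp() clears send_all_emails_to but not the send_all_emails_from setting this patch introduces, so a value defined through SS_SEND_ALL_EMAILS_FROM would rewrite the sender and subject of every message the TestMailer captures. Reset it alongside, and since Email::send() now reads these values through $this->config(), reset them through the config system rather than the static setter.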
@@ -259,12 +266,6 @@ public function setUp() {
$this->logInWithPermission("ADMIN");
}
- // Set up email
- $this->originalMailer = Email::mailer();
- $this->mailer = new TestMailer();
- Email::set_mailer($this->mailer);
- Email::send_all_emails_to(null);
-
// Preserve memory settings
$this->originalMemoryLimit = ini_get('memory_limit');
View
17 dev/TestSession.php
@@ -96,8 +96,12 @@ public function submitForm($formID, $button = null, $data = array()) {
$form->setField(new SimpleByName($k), $v);
}
- if($button) $submission = $form->submitButton(new SimpleByName($button));
- else $submission = $form->submit();
+ if($button) {
+ $submission = $form->submitButton(new SimpleByName($button));
+ if(!$submission) throw new Exception("Can't find button '$button' to submit as part of test.");
+ } else {
+ $submission = $form->submit();
+ }
$url = Director::makeRelative($form->getAction()->asString());
@@ -138,6 +142,15 @@ public function lastResponse() {
}
/**
+ * Return the fake HTTP_REFERER; set each time get() or post() is called.
+ *
+ * @return string
+ */
+ public function lastUrl() {
+ return $this->lastUrl;
+ }
+
+ /**
* Get the most recent response's content
*/
public function lastContent() {
View
97 email/Email.php
@@ -125,16 +125,54 @@ public static function mailer() {
static $admin_email_address = '';
/**
+ * Send every email generated by the Email class to the given address.
+ *
+ * It will also add " [addressed to (email), cc to (email), bcc to (email)]" to the end of the subject line
+ *
+ * To set this, set Email.send_all_emails_to in your yml config file.
+ * It can also be set in _ss_environment.php with SS_SEND_ALL_EMAILS_TO.
+ *
* @param string $send_all_emails_to Email-Address
*/
protected static $send_all_emails_to = null;
+
+ /**
+ * Send every email generated by the Email class *from* the given address.
+ * It will also add " [, from to (email)]" to the end of the subject line
+ *
+ * To set this, set Email.send_all_emails_from in your yml config file.
+ * It can also be set in _ss_environment.php with SS_SEND_ALL_EMAILS_FROM.
+ *
+ * @param string $send_all_emails_from Email-Address
+ */
+ protected static $send_all_emails_from = null;
/**
+ * BCC every email generated by the Email class to the given address.
+ * It won't affect the original delivery in the same way that send_all_emails_to does. It just adds a BCC header
+ * with the given email address. Note that you can only call this once - subsequent calls will overwrite the
+ * configuration variable.
+ *
+ * This can be used when you have a system that relies heavily on email and you want someone to be checking all
+ * correspondence.
+ *
+ * To set this, set Email.bcc_all_emails_to in your yml config file.
+ *
* @param string $bcc_all_emails_to Email-Address
*/
protected static $bcc_all_emails_to = null;
/**
+ * CC every email generated by the Email class to the given address.
+ * It won't affect the original delivery in the same way that send_all_emails_to does. It just adds a CC header
+ * with the given email address. Note that you can only call this once - subsequent calls will overwrite the
+ * configuration variable.
+ *
+ * This can be used when you have a system that relies heavily on email and you want someone to be checking all
+ * correspondence.
+ *
+ * To set this, set Email.cc_all_emails_to in your yml config file.
+ *
* @param string $cc_all_emails_to Email-Address
*/
protected static $cc_all_emails_to = null;
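Review bot: the new docblock for $send_all_emails_from says the subject gets " [, from to (email)]", but the code in send() and sendPlain() appends " [from $from]"; the wording should match. These are property docblocks, so @var string fits better than @param, and the "you can only call this once" sentences in the cc/bcc blocks describe the setter methods rather than a config value.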
@@ -399,37 +437,45 @@ public function sendPlain($messageID = null) {
if(project()) $headers['X-SilverStripeSite'] = project();
$to = $this->to;
+ $from = $this->from;
$subject = $this->subject;
- if(self::$send_all_emails_to) {
+ if($sendAllTo = $this->config()->send_all_emails_to) {
$subject .= " [addressed to $to";
- $to = self::$send_all_emails_to;
+ $to = $sendAllTo;
if($this->cc) $subject .= ", cc to $this->cc";
if($this->bcc) $subject .= ", bcc to $this->bcc";
$subject .= ']';
+ unset($headers['Cc']);
+ unset($headers['Bcc']);
} else {
if($this->cc) $headers['Cc'] = $this->cc;
if($this->bcc) $headers['Bcc'] = $this->bcc;
}
- if(self::$cc_all_emails_to) {
+ if($ccAllTo = $this->config()->cc_all_emails_to) {
if(!empty($headers['Cc']) && trim($headers['Cc'])) {
- $headers['Cc'] .= ', ' . self::$cc_all_emails_to;
+ $headers['Cc'] .= ', ' . $ccAllTo;
} else {
- $headers['Cc'] = self::$cc_all_emails_to;
+ $headers['Cc'] = $ccAllTo;
}
}
- if(self::$bcc_all_emails_to) {
+ if($bccAllTo = $this->config()->bcc_all_emails_to) {
if(!empty($headers['Bcc']) && trim($headers['Bcc'])) {
- $headers['Bcc'] .= ', ' . self::$bcc_all_emails_to;
+ $headers['Bcc'] .= ', ' . $bccAllTo;
} else {
- $headers['Bcc'] = self::$bcc_all_emails_to;
+ $headers['Bcc'] = $bccAllTo;
}
}
+ if($sendAllfrom = $this->config()->send_all_emails_from) {
+ if($from) $subject .= " [from $from]";
+ $from = $sendAllfrom;
+ }
+
Requirements::restore();
- return self::mailer()->sendPlain($to, $this->from, $subject, $this->body, $this->attachments, $headers);
+ return self::mailer()->sendPlain($to, $from, $subject, $this->body, $this->attachments, $headers);
}
/**
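Review bot: in sendPlain(), the new send_all_emails_from block interpolates $from into $subject unchanged, and the subject is sent as a mail header. Strip CR and LF from the address before appending it so a sender value containing line breaks cannot add header lines, and rename $sendAllfrom to $sendAllFrom to match $sendAllTo, $ccAllTo and $bccAllTo.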
@@ -459,40 +505,49 @@ public function send($messageID = null) {
if(project()) $headers['X-SilverStripeSite'] = project();
+
$to = $this->to;
+ $from = $this->from;
$subject = $this->subject;
- if(self::$send_all_emails_to) {
+ if($sendAllTo = $this->config()->send_all_emails_to) {
$subject .= " [addressed to $to";
- $to = self::$send_all_emails_to;
+ $to = $sendAllTo;
if($this->cc) $subject .= ", cc to $this->cc";
if($this->bcc) $subject .= ", bcc to $this->bcc";
$subject .= ']';
unset($headers['Cc']);
unset($headers['Bcc']);
+
} else {
if($this->cc) $headers['Cc'] = $this->cc;
if($this->bcc) $headers['Bcc'] = $this->bcc;
}
- if(self::$cc_all_emails_to) {
+
+ if($ccAllTo = $this->config()->cc_all_emails_to) {
if(!empty($headers['Cc']) && trim($headers['Cc'])) {
- $headers['Cc'] .= ', ' . self::$cc_all_emails_to;
+ $headers['Cc'] .= ', ' . $ccAllTo;
} else {
- $headers['Cc'] = self::$cc_all_emails_to;
+ $headers['Cc'] = $ccAllTo;
}
}
-
- if(self::$bcc_all_emails_to) {
+
+ if($bccAllTo = $this->config()->bcc_all_emails_to) {
if(!empty($headers['Bcc']) && trim($headers['Bcc'])) {
- $headers['Bcc'] .= ', ' . self::$bcc_all_emails_to;
+ $headers['Bcc'] .= ', ' . $bccAllTo;
} else {
- $headers['Bcc'] = self::$bcc_all_emails_to;
+ $headers['Bcc'] = $bccAllTo;
}
}
-
+
+ if($sendAllfrom = $this->config()->send_all_emails_from) {
+ if($from) $subject .= " [from $from]";
+ $from = $sendAllfrom;
+ }
+
Requirements::restore();
- return self::mailer()->sendHTML($to, $this->from, $subject, $this->body, $this->attachments, $headers,
+ return self::mailer()->sendHTML($to, $from, $subject, $this->body, $this->attachments, $headers,
$this->plaintext_body);
}
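Review bot: the recipient and sender rewriting in send() is now line for line the same as in sendPlain(), and this patch already had to add the unset($headers['Cc']) and unset($headers['Bcc']) lines to sendPlain() that send() had all along. Move the block into one protected helper that both methods call so the two copies cannot drift again; the blank line added before } else { can go at the same time.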
@@ -526,7 +581,7 @@ public static function getAdminEmail() {
public static function send_all_emails_to($emailAddress) {
self::$send_all_emails_to = $emailAddress;
}
-
+
/**
* CC every email generated by the Email class to the given address.
* It won't affect the original delivery in the same way that send_all_emails_to does. It just adds a CC header
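Review bot: this hunk only touches whitespace, yet the setter shown as context still assigns self::$send_all_emails_to while send() and sendPlain() now read $this->config()->send_all_emails_to. Route the setter through Config::inst()->update("Email", "send_all_emails_to", ...) as ConfigureFromEnv.php now does, or mark it deprecated, so the old API and the config value cannot disagree.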
View
15 email/Mailer.php
@@ -289,7 +289,7 @@ function encodeMultipart($parts, $contentType, $headers = false) {
*/
function wrapImagesInline($htmlContent) {
global $_INLINED_IMAGES;
- $_INLINED_IMAGES = null;
+ $_INLINED_IMAGES = array();
$replacedContent = imageRewriter($htmlContent, 'wrapImagesInline_rewriter($URL)');
@@ -301,8 +301,8 @@ function wrapImagesInline($htmlContent) {
// Make all the image parts
global $_INLINED_IMAGES;
- foreach($_INLINED_IMAGES as $url => $cid) {
- $multiparts[] = encodeFileForEmail($url, false, "inline", "Content-ID: <$cid>\n");
+ if($_INLINED_IMAGES) foreach($_INLINED_IMAGES as $url => $cid) {
+ $multiparts[] = encodeFileForEmail(BASE_PATH . '/' . $url, false, "inline", "Content-ID: <$cid>\n");
}
// Merge together in a multipart
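Review bot: in wrapImagesInline(), the file path is now BASE_PATH . '/' . $url, where $url comes from image URLs found in the HTML body, and encodeFileForEmail() opens it with fopen(). Nothing here confirms that the result stays under BASE_PATH or that Director::makeRelative() returned a relative path at all (a URL on another host, or one containing ../ or a query string); resolve it with realpath(), check the prefix against BASE_PATH, and skip the image when the check fails.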
@@ -310,10 +310,10 @@ function wrapImagesInline($htmlContent) {
return processHeaders($headers, $body);
}
function wrapImagesInline_rewriter($url) {
- $url = relativiseURL($url);
+ $url = Director::makeRelative($url);
global $_INLINED_IMAGES;
- if(!$_INLINED_IMAGES[$url]) {
+ if(!isset($_INLINED_IMAGES[$url])) {
$identifier = "automatedmessage." . rand(1000,1000000000) . "@silverstripe.com";
$_INLINED_IMAGES[$url] = $identifier;
}
@@ -382,6 +382,7 @@ function encodeFileForEmail($file, $destFileName = false, $disposition = NULL, $
$file = array('filename' => $file);
$fh = fopen($file['filename'], "rb");
if ($fh) {
+ $file['contents'] = "";
while(!feof($fh)) $file['contents'] .= fread($fh, 10000);
fclose($fh);
}
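Review bot: $file['contents'] = "" is initialised inside if ($fh), so when fopen() fails the key is still undefined when it is read further down for encoding. Initialise it before the fopen() call, or return early on failure, so a missing file does not produce an attachment built from an undefined value.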
@@ -391,12 +392,12 @@ function encodeFileForEmail($file, $destFileName = false, $disposition = NULL, $
if(!$destFileName) $base = basename($file['filename']);
else $base = $destFileName;
- $mimeType = $file['mimetype'] ? $file['mimetype'] : HTTP::get_mime_type($file['filename']);
+ $mimeType = !empty($file['mimetype']) ? $file['mimetype'] : HTTP::get_mime_type($file['filename']);
if(!$mimeType) $mimeType = "application/unknown";
if (empty($disposition)) $disposition = isset($file['contentLocation']) ? 'inline' : 'attachment';
// Encode for emailing
- if (substr($file['mimetype'], 0, 4) != 'text') {
+ if (substr($mimeType, 0, 4) != 'text') {
$encoding = "base64";
$file['contents'] = chunk_split(base64_encode($file['contents']));
} else {
View
4 forms/Form.php
@@ -250,7 +250,9 @@ public function httpSubmission($request) {
// Protection against CSRF attacks
$token = $this->getSecurityToken();
if(!$token->checkRequest($request)) {
- $this->httpError(400, "Sorry, your session has timed out.");
+ $this->httpError(400, _t("Form.CSRF_FAILED_MESSAGE",
+ "There seems to have been a technical problem. Please click the back button,"
+ . " refresh your browser, and try again."));
}
// Determine the action button clicked
View
2 forms/RequiredFields.php
@@ -35,7 +35,7 @@ public function useLabels($flag) {
* Clears all the validation from this object.
*/
public function removeValidation(){
- $this->required = null;
+ $this->required = array();
}
/**
View
3 model/ArrayList.php
@@ -55,6 +55,9 @@ public function exists() {
* @return ArrayIterator
*/
public function getIterator() {
+ foreach($this->items as $i => $item) {
+ if(is_array($item)) $this->items[$i] = new ArrayData($item);
+ }
return new ArrayIterator($this->items);
}
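Review bot: the array-to-ArrayData conversion lives in getIterator(), so it rewrites $this->items as a side effect of iterating and only covers callers that go through the iterator. Converting when items enter the list, or documenting on the class that other accessors may still return plain arrays, would make the behaviour predictable; the @return docblock above should mention the conversion either way.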
View
6 model/fieldtypes/Date.php
@@ -302,7 +302,7 @@ public function requireField() {
* @return boolean
*/
public function InPast() {
- return strtotime($this->value) < time();
+ return strtotime($this->value) < SS_Datetime::now()->Format('U');
}
/**
@@ -310,7 +310,7 @@ public function InPast() {
* @return boolean
*/
public function InFuture() {
- return strtotime($this->value) > time();
+ return strtotime($this->value) > SS_Datetime::now()->Format('U');
}
/**
@@ -318,7 +318,7 @@ public function InFuture() {
* @return boolean
*/
public function IsToday() {
- return (date('Y-m-d', strtotime($this->value)) == date('Y-m-d', time()));
+ return (date('Y-m-d', strtotime($this->value)) == SS_Datetime::now()->Format('Y-m-d'));
}
/**
View
15 model/fieldtypes/HTMLText.php
@@ -136,8 +136,21 @@ public function forTemplate() {
return ShortcodeParser::get_active()->parse($this->value);
}
+ /**
+ * Returns true if the field has meaningful content.
+ * Excludes null content like <h1></h1>, <p></p> ,etc
+ *
+ * @return boolean
+ */
public function exists() {
- return parent::exists() && $this->value != '<p></p>';
+ // If it's blank, it's blank
+ if(!parent::exists()) return false;
+ // If it's got a content tag
+ if(preg_match('/<(img|embed|object|iframe)[^>]*>/i', $this->value)) return true;
+ // If it's just one or two tags on its own (and not the above) it's empty. This might be <p></p> or <h1></h1> or whatever.
+ if(preg_match('/^[\\s]*(<[^>]+>[\\s]*){1,2}$/', $this->value)) return false;
+ // Otherwise its content is genuine content
+ return true;
}
public function scaffoldFormField($title = null, $params = null) {
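Review bot: in exists(), the content-tag pattern /<(img|embed|object|iframe)[^>]*>/i has no word boundary after the tag name, so any tag whose name merely starts with one of those words counts as content; add \b after the group. The {1,2} limit in the second pattern also means more than two empty tags, such as <div><p></p></div>, are reported as content, and testExists() has no case for that.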
View
19 security/Security.php
@@ -242,7 +242,7 @@ public static function permissionFailure($controller = null, $messageSet = null)
// Audit logging hook
$controller->extend('permissionDenied', $member);
- $controller->redirect("Security/login?BackURL=" . urlencode($_SERVER['REQUEST_URI']));
+ $controller->redirect(self::login_url() . "?BackURL=" . urlencode($_SERVER['REQUEST_URI']));
}
return;
}
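Review bot: permissionFailure() appends "?BackURL=" to self::login_url() unconditionally, which produces a second ? when a custom login URL already carries a query string. Choose ? or & depending on whether the URL already contains one, or build the link with a helper that adds a query parameter.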
@@ -927,8 +927,25 @@ public static function default_login_dest() {
public static function set_ignore_disallowed_actions($flag) {
self::$ignore_disallowed_actions = $flag;
}
+
public static function ignore_disallowed_actions() {
return self::$ignore_disallowed_actions;
}
+ protected static $login_url = "Security/login";
+
+ /**
+ * Set a custom log-in URL if you have built your own log-in page.
+ */
+ public static function set_login_url($loginUrl) {
+ self::$login_url = $loginUrl;
+ }
+ /**
+ * Get the URL of the log-in page.
+ * Defaults to Security/login but can be re-set with {@link set_login_url()}
+ */
+ public static function login_url() {
+ return self::$login_url;
+ }
+
}
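Review bot: the docblock for set_login_url() does not say what form the URL must take; state that it is relative to the site base if that is the contract. Given the request earlier in this thread to use the Config API for the Email settings, login_url would fit better as a config value than as a new static setter, and a blank line is missing between set_login_url() and the next docblock.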
View
5 templates/SearchForm.ss
@@ -1,4 +1,9 @@
<form $FormAttributes>
+ <% if Message %>
+ <p id="{$FormName}_error" class="message $MessageType">$Message</p>
+ <% else %>
+ <p id="{$FormName}_error" class="message $MessageType" style="display: none"></p>
+ <% end_if %>
<fieldset>
<% loop Fields %>
$FieldHolder
View
34 tests/model/HTMLTextTest.php
@@ -139,4 +139,38 @@ public function testATT() {
$data = DBField::create_field('HTMLText', '"this is a test"');
$this->assertEquals($data->ATT(), '&quot;this is a test&quot;');
}
+
+ function testExists() {
+ $h = new HTMLText;
+ $h->setValue("");
+ $this->assertFalse($h->exists());
+ $h->setValue("<p></p>");
+ $this->assertFalse($h->exists());
+ $h->setValue("<p> </p>");
+ $this->assertFalse($h->exists());
+ $h->setValue("<h2/>");
+ $this->assertFalse($h->exists());
+ $h->setValue("<h2></h2>");
+ $this->assertFalse($h->exists());
+
+ $h->setValue("something");
+ $this->assertTrue($h->exists());
+ $h->setValue("<img src=\"dummy.png\">");
+ $this->assertTrue($h->exists());
+ $h->setValue("<img src=\"dummy.png\"><img src=\"dummy.png\">");
+ $this->assertTrue($h->exists());
+ $h->setValue("<p><img src=\"dummy.png\"></p>");
+ $this->assertTrue($h->exists());
+
+ $h->setValue("<iframe src=\"http://www.google.com\"></iframe>");
+ $this->assertTrue($h->exists());
+ $h->setValue("<embed src=\"test.swf\">");
+ $this->assertTrue($h->exists());
+ $h->setValue("<object width=\"400\" height=\"400\" data=\"test.swf\"></object>");
+ $this->assertTrue($h->exists());
+
+
+ $h->setValue("<p>test</p>");
+ $this->assertTrue($h->exists());
+ }
}
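Review bot: testExists() is declared without a visibility keyword, the same point raised earlier in this thread for lastUrl(); make it public function testExists(). The cases would be stronger with a value that has leading whitespace and one with more than two empty tags, since the patterns in exists() treat both specially.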