Versions:

2.4.5 (2011-02-02)

Overview

  • Enhancement: File->canEdit() and File->canCreate() now use extendedCan()
  • Enhancement: Installer check for magic_quotes_gpc (PHP option) and issues a warning if enabled
  • Bugfix: CMSMain->rollback() fails because of CSRF protection
  • Bugfix: Valid file uploads with uppercase extensions blocked from being web accessible
  • Bugfix: Page comments saving onto wrong page
  • Bugfix: Incorrect call to weekday function in Date class
  • Bugfix: SilverStripeNavigator error in case where page is not published, viewing archived site

Changelog

Features and Enhancements

  • [rev:115416] Changed canEdit and canCreate extend to extendedCan
  • [rev:115265] Installer now checks for magic_quotes_gpc being turned off. This option turned on can cause issues with serialized data in cookies when unserializing (from r115264)

Bugfixes

  • [rev:115816] #6321 Whitelisted file extensions with uppercase extensions blocked by case sensitive FilesMatch directive in assets/.htaccess (does not affect IIS 7.x which uses web.config)
  • [rev:115720] transaction function names fixed
  • [rev:115460] DateField wrong datepicker-%s.js path (fixes #6296, thanks martijn)
  • [rev:115443] Incorrect call to weekday function in Date class (thanks webbower!)
  • [rev:115442] Checking for existence of draft and live records in SilverStripeNavigatorItem_ArchiveLink->getHTML() (from r115130)
  • [rev:115440] #6291 Remove rollback action from CMSMain allowed_actions and rely on form action_rollback instead which is safer
  • [rev:115437] Fixed edge case bug where SilverStripeNavigatorItem would fail if a page was not published, and the navigator archive link was generated
  • [rev:115399] #6304 PageCommentInterface::PostCommentForm() loads inappropriate data from cookie, including wrong values for ParentID
  • [rev:115379] #6299 TableListField::Link() includes $action value twice (thanks ajshort!)
  • [rev:115314] #6287 open_basedir restriction breaks RandomGenerator when trying to read dev/urandom
  • [rev:115313] Allowing CMSMain->rollback() outside of form contexts, temporariliy disabling CSRF protection. Necessary in order to get rollback actions working from admin/getversion (regression from 2.4.4 release, see #6291)

Minor changes

  • [rev:115854] #6397 CoreTest should use test specific paths, otherwise conflicts can occur in certain environments
  • [rev:115461] Fixed en_US spelling (fixes #6316, thanks sonetseo)

Other

  • [rev:115723] Reverted to revision 101592