The upgrade to the latest Dropzone.js brought in a new `timeout` configuration variable, which defaults to 30s. This removes the time limit and restores original functionality.
Fixes#4869
Tested #4867 but it broke the use of pressing TAB after entering a tag to lock it in. This seems to retain that functionality and yet still fix the issue
Replaces #4867
This is a complex issues where a "model not found" exception is getting thrown during the `pageAction` cycle, then getting suppressed by the fatal error handler:
try {
// RelationController throws error here
}
catch (Exception $ex) {
$this->controller->handleError($ex);
}
Fixes#4784
- Introduce varcharmax config item, this default eventually should be increased to 255, when MySQL 5.6 support is dropped
- Config item can be kept to retain legacy support
- Only apply to mysql driver, previously was impacting other drivers
- Source true config values, previously was sourcing hard coded "mysql" connection values
Adds an Artisan command "october:passwd" to change the password of a Backend User through CLI. This command may only be run through CLI - it will not work if called through a web handler.
Refs: #3521, #4835. Docs: 1f3bfc719e
This has been benchmarked and appears to have minimal impact on performance and solves unnecessary randomness and race conditions during the app's registration and boot cycle
Fixes#4826
This change should be revisited since it doesn't account for database-based templates which have no file path. Upon revisit, we might want to consider adding this logic in to the afterFetch() event with detection of file based mode, or even at the lower levels where the file is first extracted from the filesystem. TBA
This changes the event log to use a partial for the log message which double-encodes the data. When using formatted view in the log viewer widget, the HTML entites are allowed by decoding back a step. When in raw view, the HTML entities are kept double-encoded.
Fixes#4558.
Logic in ComponentPartial was rolled back and moved to the Controller. Since there are issues with throwing exceptions inside the component partial lookup logic (exceptions are conditionally suppressed), it seems like it would be better to bubble up the security logic to the controller level as a simple base dir security check, which is no longer concerned about any suppression logic. This looks to have logic parity with the previous solution
Refs #4652
This is one step closer to fixing the sorting issues when a scrollbar is present. It still doesn't quite fix the issue, still need to find a way to get the container dimensions to update
Refs https://github.com/rainlab/pages-plugin/issues/384
Refs 1d91c221b0
Similarly named repeater fields being used in viewBag variables were being assigned aliases which succeeded the `strpos` check on line 407. This will more clearly look for a child repeater form and index.
Fixes#4808
Adds a dismissable message to the CMS object code editor indicating that the PHP code section of a CMS object cannot be edited when `cms.enableSafeMode` is `true` (or when debugging is disabled if `null`).
Credit to @mjauvin.
This occurs due to a race condition in the rendering where the scrollbars enable and disable over and over because of a slow height calculation. Giving any height number appears to close the loop by never letting the height resolve to 0
Refs #4632
If the DataTable widget is loaded in a Popup, the .focus() call does not
seem to focus the target element correctly, which leads to the problem,
that the updateCellFromFocusedItem method fails to find the focused
item.
This commit passes the target item along since it is already known.
* Support additional file name and path characters in media manager
When working with abstract file names that may contain additional characters, such as quotes or ampersands, the media manager would throw an error. This PR adds two additional characters to the character whitelist.
* Add unicode filename to tests
When the value is null [id >= ''] an error is thrown, not being an integer, while [id >= null] will return nil results, curiously. Here we emulate infinity by using a large-ish number instead of null. In future if this becomes a problem we may need to resort to multiple condition definitions as a more verbose solution, for example:
- For when both are set (conditions: id >= ':min' and id <= ':max')
- For when min is set (conditionsMin: id >= ':min')
- For when max is set (conditionsMax: id >= ':max')
When ordering is applied externally, ie. by a relation config, the orderBy call in the List widget simply adds an additional field to the ordering clauses, which prevents lists in these scenarios from being re-ordered correctly. This changes the order clause so that the ordering is reset and only the specified column is ordered when the user sorts a column.
Developers can continue to use the `extendQuery` event to do specialised custom ordering if required.
Fixes#4439.
If including the asset extension is important, this can be done by listening to the `system.assets.beforeAddAsset(&$type, &$path, &$attributes)` event introduced in Build 460.
- Allow minimum or maximum to be unspecified, meaning you want everything up to maximum, or everything above minimum.
- Allow for zero values to work
- Tweak display of infinite values
Fixes#3982.
Still need to resolve an issue where if the slave filter has values set when the master filter updates, thus triggering a change of the available options to the slave, the original values are still set on the slave but not actually visible in the popup as options because they're no longer valid options. To fix this we'll need the ability to get the browser to refresh the slave filter's selected values (count icon basically since it already forces the options popup to refresh) when its masters update; while at the same rechecking the slave's scope values set on the server to ensure that they're all valid and there aren't values left over from the previous request that are no longer valid but are still being applied to the query.
Reverts f73d8e6d49. While there are other ways to achieve some of the same end results, this code existed in the code base for 8 months without issues and is included in the official docs. This means that there could be devs that are depending on this behavior. Additionally, while this may make the internal logic to the BackendController class more complex, it simplifies the developer experience by bringing the Backend\Classes\Controller base class more in line with the standard Laravel controller class.
This was a contentious change is generally a bad idea to blanket all requests with a dependant cookie. We will try something else.
Revert enableXsrfCookies setting. Fixes UX issue introduced where the token expires. This should be replaced by a CSRF policy that determines whether this is needed on the front end.
runInternal has been removed because we do not want to blanket our response logic over every single response, only the happy path. This is because it is impossible to remove. So it is better to take the inverted approach, where if you want the CMS' headers in your custom response, add them yourself. This becomes easy via the new makeResponse() method
For some reason it was decided to allow October controllers to support Laravel middleware, this has been reverted because it is a convoluted solution that doesn't respect the original architecture. There are other ways to handle middleware requirements
The original use case appeared to be to simply allow backend controllers to inject headers. This is something easily solvable whilst keeping the simple and original workflow
Ayumi
Ben Thomson
Flynsarmy
jacobdekeizer
Samuel Georges
Luke Towers
Szabó Gergő
Samuell
Marc Jauvin
Nick Khaetsky
Dan Harrin
Tobias Kündig
Philipp Lang
Blaž Oražem
Robin Bonnes
Larry Barker
Philipp Fehr
Luke Towers
empower-josh
Jim Cottrell
Marek Erben
Tomasz Strojny
Christophe Vuagniaux