Jamie McClelland [Wed, 20 Feb 2019 17:59:34 +0000 (12:59 -0500)]
escape alphanumeric/checkbox custom data
Seamus Lee [Mon, 22 Apr 2019 07:45:52 +0000 (17:45 +1000)]
Fix security/core#51 by paramatising the Event Type part of the wuere clause
Seamus Lee [Wed, 24 Apr 2019 20:03:57 +0000 (06:03 +1000)]
Resolve security/core#53 by updating tcpdf to latest version of 6.2.x
Tim Otten [Tue, 23 Apr 2019 23:00:35 +0000 (16:00 -0700)]
(security/core#50) Update jQuery to address prototype pollution
Coleman Watts [Tue, 26 Mar 2019 22:16:18 +0000 (18:16 -0400)]
Don't expose condition to api.getoptions
Tim Otten [Tue, 5 Mar 2019 00:05:06 +0000 (16:05 -0800)]
Harden against serialization vulnerabilities (#46)
Seamus Lee [Tue, 14 May 2019 23:28:23 +0000 (09:28 +1000)]
Merge pull request #14246 from seamuslee001/5.14-release-notes
5.13.3 Release Notes
Tim Otten [Tue, 14 May 2019 10:54:21 +0000 (11:54 +0100)]
contributor-key.yml, 5.13.13.md - Fix typo in credit
I saw a typo and asked Patrick for preferred text.
Tim Otten [Sat, 11 May 2019 08:04:52 +0000 (09:04 +0100)]
Update 5.13.3.md
Tim Otten [Sat, 11 May 2019 08:03:11 +0000 (09:03 +0100)]
Update 5.13.3.md
Seamus Lee [Sat, 11 May 2019 01:59:59 +0000 (11:59 +1000)]
Update release notes
Seamus Lee [Fri, 10 May 2019 22:42:58 +0000 (08:42 +1000)]
Add in Release notes for 5.13.3 Drop
Eileen McNaughton [Sat, 11 May 2019 23:48:34 +0000 (11:48 +1200)]
Merge pull request #14236 from seamuslee001/activity_test
Fix Failing Activity Test
Seamus Lee [Sat, 11 May 2019 07:25:11 +0000 (17:25 +1000)]
Fix Failing Activity Test
Seamus Lee [Sat, 11 May 2019 06:40:48 +0000 (16:40 +1000)]
Merge pull request #14223 from eileenmcnaughton/5.14
dev/core#942 fix failure to render names for some activities
eileenmcnaugton [Fri, 10 May 2019 04:13:11 +0000 (16:13 +1200)]
dev/core#942 fix failure to render names for some activities
Overview
----------------------------------------
Set limit for activity_contact retrieval to 0, allowing to retrieve more than 25 activity contacts when rendering the first 25 activities on the activity contact tab
Before
----------------------------------------
![before](https://user-images.githubusercontent.com/336308/
57439801-
e42a0580-729a-11e9-80a1-
45df93d0c5eb.jpg)
After
----------------------------------------
![after](https://user-images.githubusercontent.com/336308/
57439960-
39fead80-729b-11e9-9701-
acd79ff73497.jpg)
Technical Details
----------------------------------------
This moves the logic for retrieving the target contacts back into the getActivities function. We are stil not wanting to bypass the ACLs so still using the
api but strictly limiting the number of contacts we retrieve (at the cost of extra queries, but cheap ones).
Some tests added on the Bulk Mail activity.
Comments
----------------------------------------
Eileen McNaughton [Sat, 11 May 2019 01:33:52 +0000 (13:33 +1200)]
Merge pull request #14233 from seamuslee001/participant_count_search_fix
dev/core#956 Fix hard breakage in find participants form when you do a filter on o…
Seamus Lee [Fri, 10 May 2019 23:31:19 +0000 (09:31 +1000)]
Merge pull request #14220 from pradpnayak/core/issues/923
core/issues/923, Fixed notice error when creating/editing profile
Seamus Lee [Fri, 10 May 2019 23:24:47 +0000 (09:24 +1000)]
dev/core#956 Fix hard breakage in find participants form when you do a filter on one event and n participant statues
Eileen McNaughton [Fri, 10 May 2019 09:05:17 +0000 (21:05 +1200)]
Merge pull request #14214 from jitendrapurohit/activity-input
Add select2 to input field of datepicker
Eileen McNaughton [Fri, 10 May 2019 09:02:30 +0000 (21:02 +1200)]
Merge pull request #14221 from seamuslee001/activty_wrapper_date_picker_template
Add in Wrapper template around DatePickerRange template to have bette…
Seamus Lee [Fri, 10 May 2019 00:16:19 +0000 (10:16 +1000)]
Add in Wrapper template around DatePickerRange template to have better layout of Activity Search Form
Allow for colspan and class to be set when adding in wrapper
Update the wrapper to be only one td and not all and fix activity template appropriately
Eileen McNaughton [Thu, 9 May 2019 23:52:24 +0000 (11:52 +1200)]
Merge pull request #14219 from colemanw/hover
dev/core#950 Remove deprecated :hover jQuery selector
Coleman Watts [Thu, 9 May 2019 21:50:53 +0000 (17:50 -0400)]
Remove deprecated :hover jQuery selector
Pradeep Nayak [Thu, 9 May 2019 21:35:00 +0000 (22:35 +0100)]
core/issues/923, Fixed notice error when creating/editing profile
Jitendra Purohit [Wed, 8 May 2019 04:40:18 +0000 (10:10 +0530)]
Add select2 to input field of datepicker
Seamus Lee [Tue, 7 May 2019 01:35:15 +0000 (11:35 +1000)]
Merge pull request #14210 from seamuslee001/5_13_2_release_notes
Add 5.13.2 release notes
Tim Otten [Mon, 6 May 2019 23:32:12 +0000 (16:32 -0700)]
Update 5.13.2.md
Seamus Lee [Mon, 6 May 2019 22:35:55 +0000 (08:35 +1000)]
Update Release notes for dev/core#940
Include Dave D for review purposes
Tim Otten [Mon, 6 May 2019 19:31:11 +0000 (12:31 -0700)]
Add 5.13.2 release notes
Seamus Lee [Mon, 6 May 2019 23:34:42 +0000 (09:34 +1000)]
Merge pull request #14208 from seamuslee001/dev_core_940_5_14
(dev/core#940) Fix regression involving Email Processor filing and ".unknown" attachments
Seamus Lee [Mon, 6 May 2019 22:29:50 +0000 (08:29 +1000)]
Fix Regression in Email Processor filing all emails as .unknown attachments
Seamus Lee [Mon, 6 May 2019 20:36:27 +0000 (06:36 +1000)]
Merge pull request #14204 from totten/5.14-act-sort
(dev/core#934; followup) Fix escaping on new query code
Tim Otten [Mon, 6 May 2019 19:34:37 +0000 (12:34 -0700)]
(dev/core#934; followup) Fix escaping on new query code
This updates a line which was added in the past day (#14194) to ensure that
the data is escaped.
Seamus Lee [Sun, 5 May 2019 02:38:19 +0000 (12:38 +1000)]
Merge pull request #14194 from eileenmcnaughton/activity_sort
dev/core#934 Fix regression on sorting activity tab by 'Added by'
eileen [Fri, 3 May 2019 02:37:14 +0000 (14:37 +1200)]
dev/core#934 Fix regression on sorting activity tab by 'Added by'
Eileen McNaughton [Fri, 3 May 2019 05:29:19 +0000 (17:29 +1200)]
Merge pull request #14193 from seamuslee001/5.14
On PHP 7.2 we cannot start session until it has been configured by Dr…
mark burdett [Tue, 16 Apr 2019 23:29:43 +0000 (16:29 -0700)]
On PHP 7.2 we cannot start session until it has been configured by Drupal.
Seamus Lee [Fri, 3 May 2019 00:55:29 +0000 (10:55 +1000)]
Merge pull request #14191 from seamuslee001/5_13_release_notes
Add in release notes for 5.13.1 drop
Seamus Lee [Thu, 2 May 2019 23:16:12 +0000 (09:16 +1000)]
Merge pull request #14135 from colemanw/menubarVars
Hook to alter menubar css variables & fix breakpoint in WP
Tim Otten [Thu, 2 May 2019 22:48:16 +0000 (15:48 -0700)]
Update 5.13.1.md
Seamus Lee [Thu, 2 May 2019 22:08:02 +0000 (08:08 +1000)]
Merge pull request #14189 from MegaphoneJon/wordpress-26-5.14
wordpress#26 - fix REST
Seamus Lee [Thu, 2 May 2019 21:30:39 +0000 (07:30 +1000)]
Add in release notes for 5.13.1 drop
Jon Goldberg [Thu, 2 May 2019 20:00:19 +0000 (16:00 -0400)]
wordpress#26 - fix REST
Seamus Lee [Thu, 2 May 2019 21:09:40 +0000 (07:09 +1000)]
Merge pull request #14188 from seamuslee001/dev_core_931_5_14
Resolve dev/core#931 by not doing translation on the query if field e…
Seamus Lee [Thu, 2 May 2019 20:22:41 +0000 (06:22 +1000)]
Resolve dev/core#931 by not doing translation on the query if field exists during the upgrade process
CiviCRM [Thu, 2 May 2019 04:35:35 +0000 (04:35 +0000)]
Set version to 5.14.beta1
Seamus Lee [Thu, 2 May 2019 02:29:36 +0000 (12:29 +1000)]
Merge pull request #14176 from civicrm/5.13
5.13
Tim Otten [Thu, 2 May 2019 02:23:55 +0000 (19:23 -0700)]
Merge pull request #14056 from agh1/5.13.0-releasenotes
5.13.0 release notes
Tim Otten [Wed, 1 May 2019 23:50:50 +0000 (16:50 -0700)]
Update 5.13.0.md
Eileen McNaughton [Wed, 1 May 2019 23:27:10 +0000 (11:27 +1200)]
Merge pull request #14173 from mlutfy/cart-payment-cid
Event Cart: pass the contactID to fix payment on Stripe
Eileen McNaughton [Wed, 1 May 2019 23:26:27 +0000 (11:26 +1200)]
Merge pull request #14170 from mlutfy/cart-emails
Event Cart: fix sending of email receipts
Eileen McNaughton [Wed, 1 May 2019 23:25:51 +0000 (11:25 +1200)]
Merge pull request #14175 from mlutfy/cart-cc-icons
Event Cart: add support for the Credit Card type icons
Eileen McNaughton [Wed, 1 May 2019 23:25:31 +0000 (11:25 +1200)]
Merge pull request #14174 from mlutfy/cart-allow-same-participant
Event Cart: honor the allow_same_participant_emails setting
Mathieu Lutfy [Wed, 1 May 2019 15:08:06 +0000 (11:08 -0400)]
Event Cart: pass the contactID to fix payment on Stripe
Andrew Hunt [Wed, 1 May 2019 21:23:38 +0000 (17:23 -0400)]
5.13.0 release notes: late changes
Alice Frumin [Thu, 25 Apr 2019 20:12:08 +0000 (16:12 -0400)]
uppercase if work is continued or begun
Alice Frumin [Thu, 25 Apr 2019 20:06:12 +0000 (16:06 -0400)]
moving gitlab issues to the end
Alice Frumin [Tue, 16 Apr 2019 17:21:09 +0000 (13:21 -0400)]
5.13.0 release notes: bulk of edits
Andrew Hunt [Mon, 15 Apr 2019 21:01:28 +0000 (17:01 -0400)]
5.13.0 release notes: added boilerplate
Andrew Hunt [Mon, 15 Apr 2019 19:21:33 +0000 (15:21 -0400)]
5.13.0 release notes: raw from script
Mathieu Lutfy [Wed, 1 May 2019 15:33:37 +0000 (11:33 -0400)]
Event Cart: add support for the Credit Card type icons
Mathieu Lutfy [Wed, 1 May 2019 15:13:28 +0000 (11:13 -0400)]
Event Cart: honor the allow_same_participant_emails setting
Matthew Wire [Wed, 1 May 2019 12:05:26 +0000 (13:05 +0100)]
Merge pull request #14169 from mlutfy/cart-i18n
Event Cart: fix start_date formatting in line items during checkout
Matthew Wire [Wed, 1 May 2019 11:26:04 +0000 (12:26 +0100)]
Merge pull request #14168 from eileenmcnaughton/enotice
dev/core#918 enotice fix part 2 #14165
Mathieu Lutfy [Wed, 1 May 2019 10:32:52 +0000 (06:32 -0400)]
Event Cart: fix sending of email receipts
Mathieu Lutfy [Wed, 1 May 2019 10:25:00 +0000 (06:25 -0400)]
Event Cart: fix start_date formatting in line items during checkout
eileen [Wed, 1 May 2019 08:34:34 +0000 (20:34 +1200)]
dev/core#918 enotice fix part 2 #14165
Seamus Lee [Wed, 1 May 2019 00:33:41 +0000 (10:33 +1000)]
Merge pull request #14166 from civicrm/5.13
5.13
Seamus Lee [Wed, 1 May 2019 00:25:06 +0000 (10:25 +1000)]
Merge pull request #14163 from seamuslee001/flexmailer_26
(flexmailer#29) civicrm/mailing/view - Use Mailing.preview API. Fix compatibility with Flexmailer.
Eileen McNaughton [Tue, 30 Apr 2019 23:59:47 +0000 (11:59 +1200)]
Merge pull request #13887 from eileenmcnaughton/group_entity
dev/core#818 Partial conversion of Group form to be an EntityForm
Eileen McNaughton [Tue, 30 Apr 2019 23:41:42 +0000 (11:41 +1200)]
Merge pull request #14164 from eileenmcnaughton/in_fix
Fix deprecation handling [intra-rc-follow up] on #13999]
Seamus Lee [Tue, 30 Apr 2019 23:11:56 +0000 (09:11 +1000)]
Return MailingID rather than ['id'] as id may not always be supplied
Tim Otten [Tue, 30 Apr 2019 22:50:21 +0000 (15:50 -0700)]
(flexmailer#29) civicrm/mailing/view - Generate content via Mailing.preview API
A root cause of flexmailer#29 is that the flexmailer has to override
multiple parts of CiviMail. Case in point: it overrides the
`civicrm/mailing/view` and forces it to generate content via
`Mailing.preview` API. This is unfortunate because flexmailer's variant is
missing other features (regarding permissioning and contact IDs).
This revision makes it unnecessary for flexmailer to override
`civicrm/mailing/view`.
colemanw [Tue, 30 Apr 2019 22:44:11 +0000 (18:44 -0400)]
Merge pull request #14165 from eileenmcnaughton/enotice
dev/core#918 Enotice fix
colemanw [Tue, 30 Apr 2019 22:43:54 +0000 (18:43 -0400)]
Merge pull request #14161 from eileenmcnaughton/really
Convert dedupe select to select 2 and remove not-used var
Tim Otten [Tue, 30 Apr 2019 22:42:20 +0000 (15:42 -0700)]
(flexmailer#29) Mailing.preview API - Fix array access warning. Make unit-test pass.
Tim Otten [Tue, 30 Apr 2019 22:40:46 +0000 (15:40 -0700)]
(flexmailer#29) Mailing.preview API - Add unit-test for call without contact ID
eileen [Tue, 30 Apr 2019 21:57:21 +0000 (09:57 +1200)]
Enotice fix
The check is looking for status at the wrong level in the array
Seamus Lee [Tue, 30 Apr 2019 20:57:32 +0000 (06:57 +1000)]
flexmailer#26 Fix Flexmailer handling of annonmous user access to view Mailings by porting handling of annon situation to api
eileen [Tue, 30 Apr 2019 21:33:26 +0000 (09:33 +1200)]
Fix deprecation handling
Turns out we were one of the sites naughtily using the BAO directly who needed this handling
to work - but because we passed a number in quote it didn't - this fixes
Seamus Lee [Tue, 30 Apr 2019 21:26:22 +0000 (07:26 +1000)]
Merge pull request #14157 from eileenmcnaughton/ref_dedupe
[REF] function extraction in dedupe code
Seamus Lee [Tue, 30 Apr 2019 11:06:39 +0000 (21:06 +1000)]
Merge pull request #14162 from civicrm/5.13
5.13
Yashodha Chaku [Tue, 30 Apr 2019 06:21:27 +0000 (11:51 +0530)]
Merge pull request #14064 from JMAConsulting/core-338
dev/core#338: Batch update membership type
Tim Otten [Tue, 30 Apr 2019 05:50:32 +0000 (22:50 -0700)]
Merge pull request #14156 from totten/5.13-mail-tokens
CiviMail - Restore support for preview of "mailing"/"action" tokens via TokenProcessor/Flexmailer
eileen [Tue, 30 Apr 2019 05:01:11 +0000 (17:01 +1200)]
Convert dedupe select to select 2 and remove not-used var
Tim Otten [Tue, 30 Apr 2019 04:26:15 +0000 (21:26 -0700)]
CRM_Mailing_TokensTest - Update spec to match expected behavior
The preceding commits revised the behavior of `{mailing.*}` and `{action.*}`
when previewed via `TokenProcessor` (so that they match the preview
logic in other cases).
This simply changes the spec to match.
Eileen McNaughton [Tue, 30 Apr 2019 02:55:22 +0000 (14:55 +1200)]
Merge pull request #14159 from civicrm/5.13
5.13 to master
Eileen McNaughton [Tue, 30 Apr 2019 02:54:23 +0000 (14:54 +1200)]
Merge pull request #14155 from seamuslee001/php_7_2_bin_cli_class
dev/core#907 Fix Deprecation notice for PHP7.2 in bin/cli.class.php
eileen [Tue, 30 Apr 2019 00:38:15 +0000 (12:38 +1200)]
[REF] function extraction in dedupe code
Tim Otten [Mon, 29 Apr 2019 23:59:35 +0000 (16:59 -0700)]
CiviMail - Restore support for previewing mailing-tokens via TokenProcessor/Flexmailer
See preceding commit for general description - this simply applies the same
concept for another set of tokens.
Tim Otten [Mon, 29 Apr 2019 20:35:48 +0000 (13:35 -0700)]
CiviMail - Restore support for previewing action-tokens via TokenProcessor/Flexmailer
Overview
--------
When using `TokenProcessor` to generate a mailing (e.g. as with Flexmailer/Mosaico), the action-tokens (e.g.
`{action.optOutUrl}`) are generated via `CRM_Mailing_ActionTokens`. To properly generate them,
`CRM_Mailing_ActionTokens` relies on certain information (e.g. mailing/job ID). However, that information is no
longer available when performing a "Preview" -- leading to misbehavior in previews. This patch allows Flexmailer to
restore parity for previewing those tokens.
Before (Pre-5.6)
----------------
* When a user begins composing a mailing, CiviMail creates a draft mailing with a concrete ID (e.g. `mailing #123`).
* To preview the mailing, the UI calls `Mailing.preview` API with the ID of the mailing.
* Flexmailer/Mosaico generates the preview by calling `TokenProcessor` and therefore `CRM_Mailing_ActionTokens`.
* `CRM_Mailing_ActionTokens` has strictness checks. These pass because the ID is available.
Before (5.6-5.12)
----------------
As a performance enhancement, CiviCRM 5.6 (PR #12509; [dev/mail#20](https://lab.civicrm.org/dev/mail/issues/20)) revised
the signature for `Mailing.preview` API to allow previews *without* having a specific mailing record/job/ID. Consequently:
* When a user begins composing a mailing, CiviMail creates a draft mailing with a concrete ID (e.g. `mailing #123`).
* To preview the mailing, the UI calls `Mailing.preview` API ~~with~~ **without** the ID of the mailing.
* Flexmailer/Mosaico generates the preview by calling `TokenProcessor` and therefore `CRM_Mailing_ActionTokens`.
* `CRM_Mailing_ActionTokens` has strictness checks. These ~~pass~~ **fail** because the ID is ~~available~~ **unavailable**.
After
----------------
* When a user begins composing a mailing, CiviMail creates a draft mailing with a concrete ID (e.g. `mailing #123`).
* To preview the mailing, the UI calls `Mailing.preview` API ~~with~~ **without** the ID of the mailing.
* Flexmailer/Mosaico generates the preview by calling `TokenProcessor` and therefore `CRM_Mailing_ActionTokens`.
* `CRM_Mailing_ActionTokens` has ~~strictness~~ **less strict** checks. These **pass** because the `context[schema]` hints that
a mailing ID *will be available* when needed.
Eileen McNaughton [Mon, 29 Apr 2019 22:21:12 +0000 (10:21 +1200)]
Merge pull request #13844 from mattwire/corepaymentmore_essay
Update docblock for doPayment function
Seamus Lee [Mon, 29 Apr 2019 21:52:49 +0000 (07:52 +1000)]
dev/core#907 Fix Deprecation notice for PHP7.2 in bin/cli.class.php
Matthew Wire (MJW Consulting) [Sat, 16 Mar 2019 10:43:42 +0000 (10:43 +0000)]
Update docblock for doPayment function
Matthew Wire [Mon, 29 Apr 2019 10:32:41 +0000 (11:32 +0100)]
Merge pull request #14145 from demeritcowboy/submitOften
dev/core#904 - undo part of 13333
Eileen McNaughton [Sun, 28 Apr 2019 23:40:01 +0000 (11:40 +1200)]
Merge pull request #14144 from eileenmcnaughton/dedupe4
dev/core#723 [REF] extract chunk of code that definitely does something.
Eileen McNaughton [Sun, 28 Apr 2019 22:34:25 +0000 (10:34 +1200)]
Merge pull request #14148 from eileenmcnaughton/dedupe8
[REF] extract getConflicts function
eileen [Sat, 27 Apr 2019 04:37:07 +0000 (16:37 +1200)]
[REF] extract chunk of code that definitely does something.
This is a really blunt extraction of a chunk of code whose Raison D'Etre I don't quite know as yet.
I've done the absolute minimum variable cleanup to keep it really clean in the first instance
eileen [Sat, 27 Apr 2019 06:36:12 +0000 (18:36 +1200)]
[REF] extract getConflicts function
This is for readability but I also want to add an api that retrieves conflicts without
trying a merge for more control